Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.3:Update
jhead.17742
CVE-2018-17088.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2018-17088.patch of Package jhead.17742
Index: jhead-3.00/gpsinfo.c =================================================================== --- jhead-3.00.orig/gpsinfo.c +++ jhead-3.00/gpsinfo.c @@ -6,6 +6,7 @@ #include "jhead.h" #define MAX_GPS_TAG 0x1e +#include <stdint.h> #define TAG_GPS_LAT_REF 1 @@ -101,7 +102,7 @@ void ProcessGpsInfo(unsigned char * DirS unsigned OffsetVal; OffsetVal = Get32u(DirEntry+8); // If its bigger than 4 bytes, the dir entry contains an offset. - if (OffsetVal+ByteCount > ExifLength){ + if (OffsetVal > UINT32_MAX - ByteCount || OffsetVal+ByteCount > ExifLength){ // Bogus pointer offset and / or bytecount value ErrNonfatal("Illegal value pointer for Exif gps tag %04x", Tag,0); continue; Index: jhead-3.00/makernote.c =================================================================== --- jhead-3.00.orig/makernote.c +++ jhead-3.00/makernote.c @@ -5,6 +5,7 @@ #include "jhead.h" extern int MotorolaOrder; +#include <stdint.h> //-------------------------------------------------------------------------- // Process exif format directory, as used by Cannon maker note @@ -64,7 +65,7 @@ static void ProcessCanonMakerNoteDir(uns unsigned OffsetVal; OffsetVal = Get32u(DirEntry+8); // If its bigger than 4 bytes, the dir entry contains an offset. - if (OffsetVal+ByteCount > ExifLength){ + if (OffsetVal > UINT32_MAX - ByteCount || OffsetVal+ByteCount > ExifLength){ // Bogus pointer offset and / or bytecount value ErrNonfatal("Illegal value pointer for Exif maker tag %04x", Tag,0); continue;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor