diff options
Diffstat (limited to 'media-libs/libexif/files/libexif-CVE-2007-6352.patch')
| -rw-r--r-- | media-libs/libexif/files/libexif-CVE-2007-6352.patch | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/media-libs/libexif/files/libexif-CVE-2007-6352.patch b/media-libs/libexif/files/libexif-CVE-2007-6352.patch new file mode 100644 index 000000000000..c6d53cee91d9 --- /dev/null +++ b/media-libs/libexif/files/libexif-CVE-2007-6352.patch @@ -0,0 +1,17 @@ +Index: libexif-0.6.16/libexif/exif-data.c +=================================================================== +--- libexif-0.6.16.orig/libexif/exif-data.c ++++ libexif-0.6.16/libexif/exif-data.c +@@ -288,10 +288,9 @@ static void + exif_data_load_data_thumbnail (ExifData *data, const unsigned char *d, + unsigned int ds, ExifLong offset, ExifLong size) + { +- if (ds < offset + size) { ++ if ((ds < offset + size) || (offset < 0) || (offset > ds)) { + exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifData", +- "Bogus thumbnail offset and size: %i < %i + %i.", +- (int) ds, (int) offset, (int) size); ++ "Bogus thumbnail offset and size."); + return; + } + if (data->data) |