diff options
Diffstat (limited to 'community/exiv2/CVE-2021-29458.patch')
-rw-r--r-- | community/exiv2/CVE-2021-29458.patch | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/community/exiv2/CVE-2021-29458.patch b/community/exiv2/CVE-2021-29458.patch deleted file mode 100644 index 64206b8a4fa..00000000000 --- a/community/exiv2/CVE-2021-29458.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 0a91b56616404f7b29ca28deb01ce18b767d1871 Mon Sep 17 00:00:00 2001 -From: Kevin Backhouse <kevinbackhouse@github.com> -Date: Fri, 9 Apr 2021 13:26:23 +0100 -Subject: [PATCH 1/5] Fix incorrect delete. - ---- - src/crwimage_int.cpp | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/crwimage_int.cpp b/src/crwimage_int.cpp -index a44a67e2c..6f89fa8b8 100644 ---- a/src/crwimage_int.cpp -+++ b/src/crwimage_int.cpp -@@ -579,7 +579,7 @@ namespace Exiv2 { - void CiffComponent::setValue(DataBuf buf) - { - if (isAllocated_) { -- delete pData_; -+ delete[] pData_; - pData_ = 0; - size_ = 0; - } - -From 9b7a19f957af53304655ed1efe32253a1b11a8d0 Mon Sep 17 00:00:00 2001 -From: Kevin Backhouse <kevinbackhouse@github.com> -Date: Fri, 9 Apr 2021 13:37:48 +0100 -Subject: [PATCH 3/5] Fix integer overflow. - ---- - src/crwimage_int.cpp | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/src/crwimage_int.cpp b/src/crwimage_int.cpp -index 6f89fa8b8..7b958c26f 100644 ---- a/src/crwimage_int.cpp -+++ b/src/crwimage_int.cpp -@@ -1187,7 +1187,11 @@ namespace Exiv2 { - pCrwMapping->crwDir_); - if (edX != edEnd || edY != edEnd || edO != edEnd) { - uint32_t size = 28; -- if (cc && cc->size() > size) size = cc->size(); -+ if (cc) { -+ if (cc->size() < size) -+ throw Error(kerCorruptedMetadata); -+ size = cc->size(); -+ } - DataBuf buf(size); - std::memset(buf.pData_, 0x0, buf.size_); - if (cc) std::memcpy(buf.pData_ + 8, cc->pData() + 8, cc->size() - 8); |