diff options
Diffstat (limited to 'media-gfx/jhead/files/jhead-3.06.0.1-CVE-2021-34055.patch')
-rw-r--r-- | media-gfx/jhead/files/jhead-3.06.0.1-CVE-2021-34055.patch | 108 |
1 files changed, 0 insertions, 108 deletions
diff --git a/media-gfx/jhead/files/jhead-3.06.0.1-CVE-2021-34055.patch b/media-gfx/jhead/files/jhead-3.06.0.1-CVE-2021-34055.patch deleted file mode 100644 index 1669eb6f089f..000000000000 --- a/media-gfx/jhead/files/jhead-3.06.0.1-CVE-2021-34055.patch +++ /dev/null @@ -1,108 +0,0 @@ -From f4f57913fff5de97da347a22558bbb74a1166369 Mon Sep 17 00:00:00 2001 -From: matthias wandel <matthias@woodgears.ca> -Date: Wed, 1 Sep 2021 18:59:15 -0300 -Subject: [PATCH] If exif header is complete garbage, don't keep it. Fixes - issue 36 - -(cherry picked from commit c761620767ae72e5d61c697a73de262aebe0b591) ---- - exif.c | 12 +++++++----- - jhead.h | 2 +- - jpgfile.c | 5 ++++- - 3 files changed, 12 insertions(+), 7 deletions(-) - -diff --git a/exif.c b/exif.c -index ba066b5..d250a8d 100755 ---- a/exif.c -+++ b/exif.c -@@ -1005,7 +1005,7 @@ void Clear_EXIF () - // Process a EXIF marker - // Describes all the drivel that most digital cameras include... - //-------------------------------------------------------------------------- --void process_EXIF (unsigned char * ExifSection, int length) -+int process_EXIF (unsigned char * ExifSection, int length) - { - int FirstOffset; - -@@ -1020,7 +1020,7 @@ void process_EXIF (unsigned char * ExifSection, int length) - static uchar ExifHeader[] = "Exif\0\0"; - if (memcmp(ExifSection+2, ExifHeader,6)){ - ErrNonfatal("Incorrect Exif header",0,0); -- return; -+ return 0; - } - } - -@@ -1033,21 +1033,21 @@ void process_EXIF (unsigned char * ExifSection, int length) - MotorolaOrder = 1; - }else{ - ErrNonfatal("Invalid Exif alignment marker.",0,0); -- return; -+ return 0; - } - } - - // Check the next value for correctness. - if (Get16u(ExifSection+10) != 0x2a){ - ErrNonfatal("Invalid Exif start (1)",0,0); -- return; -+ return 0; - } - - FirstOffset = (int)Get32u(ExifSection+12); - if (FirstOffset < 8 || FirstOffset > 16){ - if (FirstOffset < 16 || FirstOffset > length-16 || length < 16){ - ErrNonfatal("invalid offset for first Exif IFD value",0,0); -- return; -+ return 0; - } - // Usually set to 8, but other values valid too. - ErrNonfatal("Suspicious offset of first Exif IFD value",0,0); -@@ -1086,6 +1086,7 @@ void process_EXIF (unsigned char * ExifSection, int length) - ImageInfo.FocalLength35mmEquiv = (int)(ImageInfo.FocalLength/ImageInfo.CCDWidth*36 + 0.5); - } - } -+ return 1; - } - - -@@ -1235,6 +1236,7 @@ void create_EXIF(void) - const char * ClearOrientation(void) - { - int a; -+ - if (NumOrientations == 0) return NULL; - - for (a=0;a<NumOrientations;a++){ -diff --git a/jhead.h b/jhead.h -index 3d620d9..03987e2 100644 ---- a/jhead.h -+++ b/jhead.h -@@ -163,7 +163,7 @@ void FileTimeAsString(char * TimeStr); - // Prototypes for exif.c functions. - int Exif2tm(struct tm * timeptr, char * ExifTime); - void Clear_EXIF(); --void process_EXIF (unsigned char * CharBuf, int length); -+int process_EXIF (unsigned char * CharBuf, int length); - void ShowImageInfo(int ShowFileInfo); - void ShowConciseImageInfo(void); - const char * ClearOrientation(void); -diff --git a/jpgfile.c b/jpgfile.c -index 097d2f1..af2d7bc 100644 ---- a/jpgfile.c -+++ b/jpgfile.c -@@ -286,7 +286,10 @@ int ReadJpegSections (FILE * infile, ReadMode_t ReadMode) - // There can be different section using the same marker.
- if (ReadMode & READ_METADATA){
- if (memcmp(Data+2, "Exif", 4) == 0){
-- process_EXIF(Data, itemlen);
-+ if (!process_EXIF(Data, itemlen)){
-+ // malformatted exif sections, discard.
-+ free(Sections[--SectionsRead].Data);
-+ }
- break;
- }else if (memcmp(Data+2, "http:", 5) == 0){
- Sections[SectionsRead-1].Type = M_XMP; // Change tag for internal purposes.
--- -2.39.2 - |