Merge pull request #1534 from Exiv2/fix_1529

Fix out of buffer access in #1529
pydera 4 years ago committed by GitHub
commit 0230620e6e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -776,9 +776,10 @@ static void boxes_check(size_t b,size_t m)
#endif #endif
box.length = (uint32_t) (io_->size() - io_->tell() + 8); box.length = (uint32_t) (io_->size() - io_->tell() + 8);
} }
if (box.length == 1) if (box.length < 8)
{ {
// FIXME. Special case. the real box size is given in another place. // box is broken, so there is nothing we can do here
throw Error(kerCorruptedMetadata);
} }
// Read whole box : Box header + Box data (not fixed size - can be null). // Read whole box : Box header + Box data (not fixed size - can be null).
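Review bot: The new guard `if (box.length < 8)` bounds the length only from below; nothing in this hunk compares `box.length`, which is read from the file, with the bytes actually left in `io_` before the "Read whole box" step that follows. If the allocation and read below (outside the hunk, so not visible here) are sized from `box.length`, a crafted header could still request a buffer of up to 4 GiB, so consider extending the check to something like `if (box.length < 8 || box.length - 8 > io_->size() - io_->tell())`, with the operand types reconciled. Separately, the replaced branch covered `box.length == 1`, which the old FIXME described as the real size being stored elsewhere; that value now falls under "box is broken", so the comment should say so explicitly, e.g. `// length 1 (size stored elsewhere) is unsupported; anything below the 8-byte header is rejected`. The enclosing function starts and ends outside the hunk.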
