From 82087b58e4271270c57eecc3da251e3737d4eda1 Mon Sep 17 00:00:00 2001
From: clanmills <robin@clanmills.com>
Date: Fri, 27 Mar 2020 15:57:10 +0000
Subject: [PATCH] fix_1099_0.27

---
 src/exiv2.cpp                            |   5 +++++
 test/data/issue_1099_poc.bin             | Bin 0 -> 11343 bytes
 test/data/issue_1099_poc.txt             | Bin 0 -> 170 bytes
 tests/bugfixes/github/test_issue_1099.py |  27 +++++++++++++++++++++++
 tests/suite.conf                         |   1 +
 5 files changed, 33 insertions(+)
 create mode 100644 test/data/issue_1099_poc.bin
 create mode 100644 test/data/issue_1099_poc.txt
 create mode 100644 tests/bugfixes/github/test_issue_1099.py

diff --git a/src/exiv2.cpp b/src/exiv2.cpp
index 1132603c..ce3fb5ec 100644
--- a/src/exiv2.cpp
+++ b/src/exiv2.cpp
@@ -1475,6 +1475,11 @@ namespace {
         modifyCmd.value_ = value;
 
         if (cmdId == reg) {
+            if (value.empty()) {
+                throw Exiv2::Error(Exiv2::kerErrorMessage,
+                                   Exiv2::toString(num) + ": " + _("Empty value for key") +  + " `" + key + "'");
+            }
+
             // Registration needs to be done immediately as the new namespaces are
             // looked up during parsing of subsequent lines (to validate XMP keys).
             Exiv2::XmpProperties::registerNs(modifyCmd.value_, modifyCmd.key_);
diff --git a/test/data/issue_1099_poc.bin b/test/data/issue_1099_poc.bin
new file mode 100644
index 0000000000000000000000000000000000000000..bf386ecbdcbac26f28ec7f4ba7ee759f06457ef9
GIT binary patch
literal 11343
zcmb_?d011)wl89UBm@YANhT8v0g*u30T8q$3ECOJMkLHrZ0UnQ0FgmKL_$bF+wPcV
za%dZDupvy5h6IQqB;nWy>Oo|ZfPhLL1{2UDLBWuhzPIna=a2W^_x^bG)mQ7czp7e$
z*KbwrTDA5j5?ysjdvtU(|C@B?o8|{O7s|(vFT*RCGmf5xOWesGbjRQ7$c(dj5*mnJ
zAaJ5Bi!vKa`rM1-6UQeya<VF=-^iMKrl}sn-)wpSd3!z=Z=xIX+ND9(=9)7_V|^xw
zL$^IIhocUhpS)biDsOLr9I6_RjQp9W2ZJ0xXnMS)=q4uT?rDVMv5OtKjqB<y&5UM-
ztk_teTqY|z$Omd8gN(3sY_My&HV?>Pf1s)W#gCFYB~))(wa(!Qtr*h1?pcOSN+e+M
zaC#`TVGawxOWve6APlf=(bY<5Z3foes<!l7i_=zb>7?Mhf;?MCsXkJ-u$JwgGIWc#
zjW3u5LE3`oQ?sF6ps_~yBkIITd!g<=Jn0Q{I=BSD@l2%Nhd+{4@?|!|<AWx2<_GLh
zjjFv+|7u+aymA9N!cib%l1uz_EFPzv8ewG)zQO$H$D3yq24hY~%+h@#h1FS~#wS<x
z3O=&4il+MvP6U2vW_q1Q+?;K}OyKta?PM>nSi-pW$o95peLU=twNexUrjxMM!9Z{W
zFf|y9uMWjF&N5lH#wfP{@3%aev4exd)}JPf%Tolminii}BjWMcnKSn13?%fcvr)>u
z*qUhUiHH(!@3ZgxiW1%Z{pq3S7|(s&5kAdF0s9O>k2glbSj3>fLDCmjzwcTGUG+}f
zgZ^flfvoRuRl2y_I~<KCdABQAkFd7=rC-MnfpK)tg-jGYV7Au^YkMyz5EJj{%^HW^
zJzj-$_KG+<21EJD8bmH10F>K4S5E%^6YmNPa@%`O7az;m5kvggr)n}8*J!qe)8gvV
z#Fq*dyKK*_({KC{Y*hR?Rw-^0%eU&X(n`|3K9hANAS8Y!4s+>X`)5yVNR9@u-G<v$
zvn3I*3Rc;qKZaLA!z44S5a=8I$T49YeI@OD>8;eeej)M!fW8`hl1fnroQBHbH!`X#
zKTxg00pB}*`!6Th*J~!i>uEdo0`Pqn((VsbkHI-hx7H0sUc^F{T9w0y>kw%gf#<~0
z0+ZxHdaP1zd&xpFNWXN%?F{Z0K2p<jfI8W{d^KI89?Kw3TvMrkceMUUiM;fr5Bs^5
zvWr^u`tWnfy>%}~>i4Z%^a3KcaYI)=z0`p?Z%=RaKa0FF4)~oCx>h7$tvF;1CWG9k
z`-~~&pqz3&yy%ym%qePwrJMEMXUx@dXpLbb4_A^nl!}kfi{iycbUL^-fS(0z>I-Zw
z$84k9c)lqUyjB~xe`aQ}By7`G(A7&`(f~r7{rhP^WBNxhzGWx#!4d1FBQSfV`u>NP
zan5C$K~0i6AU@XFv*4cIhvZLqUhI2TZ$SaH$qTe>6+X<F_hpF1q_vHs;hkkee{^ge
zwdRFbejdlKE@6&#Y{Anh5#Nq&bbp>_&KAh2{kh3jA(3*nRjN8|0t1Q<qL#1B=h}i~
z=#K?me5!TEjZ}-mUJ(h07FwPnjJwic7x!Te15&EGg>?zMnkX*iXi2h+@o7x=1%1XE
zTw|GnzY5j32DBL2dYP+e#j~7NXS+&s(DM02Rvd^9`@2zcV9@#@^NeD$vt9_R!tC4a
zoVy#UZ)C@Q32=EykFszj26vh74T*=Ijfk04@(0n@j6@3X)TxfzVEetNsr7g|u$d;V
zOpxpW6!uzlFroT8KA1_K$`#m>e;zXfno+wGMt4#sR;&O-W{-QK#)OVcUL=F&Btr#2
zu<q}5g8iT4po#s-F*gB2QAcXMm&mB_*ZeI+>rO~f%g?<81DZPC`b|Ze_2aT<fe#Ty
z#xifmY|KZn?8%c?`-oq7K~4_B?3@>Di%)%#W0YN5{xz9&s<)!IcHe1U<$OB;@*t$*
zk<K;^KHZS%7GCG!aXx}_HEM%Dm{CMB>8fpOf-erjLW?pc&)n`*pmAqe2&rS?npI)p
zN$oPXe1k3lZQtOYd8&(ppQkq}8ME%b&oF>fuP{IH&hi%>=iM%{vBx<*@QG1+uO8jJ
zROt%XQ#cNFtGbCYPF-1&Wlul>ldz(L7{EC<G6G+mY%wy-!NY;BP7eLhiVK`atajOS
zc3PU;m>5(d%<>oXqCW=p`(O#&j5BAn<lWo`vW!Fw?yW^HH&uDptN211o(;-QS)ZQl
z+m5E^l+410-&CI%?%od|rQgOmKO}n3mql5gvbbyGU&!p`-`w_xO34?UHVg5Gz?6(E
zySO2GGyp59B#}AQ!8eSG{PzM%p|^utm)XvwPy9TgtS`+=O1+|Byq<m^%U%+5Lw;cV
zD&{ubTqpv7IPm61jd0qFx_hoiMt}XXO#$#x;<<;ZdkFv79@!C62e^gKqSWUSgQa$r
zesR<b&ME0OztUeHx{#CCzZX)Fvy#1OID&>U!lVQ?r{xd^StK^+di(_J0oYfh?mOoQ
zN}RzvWapSEQ%#xYrc`2Ex#{pTeOmb50J}_!fbTB&i8F!t`}}d&#o=pwYT^{#G)3TL
zIwKdfuk@5%jo4tmVU_B>t|OUyxY44+=+nz9Em6s$D6wz`y^JuyCv<rZa8XdV*dGXQ
z8Jm+|?GNd$6Y||YRx39;)XdpD+hGF*rUsEYWIId&Wn|$Anf;TzC9JWbrMvW7@{9UG
z`+Eb_9j+#}^e?Xm64Q|18^E%XJo-A}Llg?4scnc_cf;WN#;arc5(%yyKGd=DLqaiL
z+(`}3_J_V1qtuK-A;sv1<LrpS-MFDkxU&bXbNh@<kGFn>ug2?lB>-F97k>nwH>al<
zq7B95WpE*w37N~qCYxZdeXL|8V}GZ_;m40wnXPXKKF{@J7f2l`d!BTl?LVt!xu<TI
z$XTE($k1ZsnHasIR{cf_Z)ynh_Dk1yXYj>E`3C?+>Frm#%_ihSI1rO5I-0Qdg@26U
zA2N2Y(IWHLfhot4c*RIWuXi|xI6@_WUo1Dln(hZw`BDp?XLksE!&jYPMWu@R@vOy#
z9>H{2aca3c+Mr{OFOM`RPmdY0O%m9u=wMyq+OTbK-ew(^aUmnQE3=jH2{o;@0FbKp
zEySS56UfvT!bS?zylG#258nqne9D*qgGEy51!=yb&B`s^wi57(jtHB6ay9LOcvtd5
z+o4i1eMU6frE0S}UgENIYo<odSy5%sG;1)=ck3GTL5=vq%CWnhHX9Y1R{LCG)acfg
zOM_6AAjxC@hmA&vRGe_oZf3mrXQI)G#wMRP&5eistK!1rcetX-C1bJH<H338X$9<k
ziw!-;M23MykA^Fi8S11o>36qmNijCeV~V1LbAzL2h;)$to?~{fpFa-tUH0IGl#~E{
zU%ru#Q+VyuDt;@4yRPb4`=~a0j&KO5HhFe)f8W!rD;#K3tq-~o>i8;vFr@x|UxTFE
z@&PvPx!I2;)NZiZBV;qSWHz*a%>QEKT|JdkJ-mn1(%s}QgnKN<hPG6|nrG*^S9#|f
z-F{3COrOvI3dhmsheFl*j~xAb<~v$Z6HJHw?QSLwYbbBalFotnlG(G@D6*ZVzPM}+
zJ!F1fzP6T&Pd%UA!fAR>tyk!YkyiWB#G?EvX^oM`4A?YN9PNM?_TZd^ng0NMR*86T
z@JCWxONEeY^whkGXJChpSkC8N5+&MbMKJ-$adL}3yL|U{>!9l%^be)qj86z4H6T@W
zwCUe;k5!m0aoH5$Jr4J3e5N2?LdRlGQ}t?al;U_WnN}Z_ir78GIUT_qsOAIysFy(R
z&7XZ#(izn<IKu#I`c{>AR{MqOed+Djf+}$@`5QH9{U)dorEKVT&5EYE(%n9{0rwAv
z6Z@$@a}nQNjrRfM{<NC;ZD^u@J23z0L;vJSmwh~2sdQN7nk6I+#;&ylcOIrvuxVz+
zpmVoh-{19Fg&@n_$AzDJF6PJeL<<Ks@8@@n5*XJSiW++pWWJqtE!5P+(T6n0zjwq}
z8tDpCB!h$lwUY_w^X2n`n6%BW&)vm%8NNs;o)y?%r1W>hte)A%sc4eP=^lFm%L1eA
zfCt?G<UIfM0D>&{FyI%J)#qVOjY`3b8-2t3$U@{`-;6DY;@4I0QA7W9x`0<zvao_m
zgC9-h!F#sW<XjD@MAP_YrloDm_bH>ejx52?%54t$!%L1l0DgBOFVEC%)gy22Av2~j
zP9WAh@~o}s<M~^L)~wY$4W^$QEK8}*$@!%+Q~KS?7%$!f&*B~h?uER-dj~A|c!u``
zO=jQxTY!0OEi}M*Ec;hIGq5zQM(nP*!HaK6298FN$$_(yB2Ni75bkyTQsfX_@zWnh
z8zLXcYBNlx?6K>izS8a5d42UGdNb;!S0PlKFvG;gNpgKRw65~TjJQJOG0Kk%ZlJ|+
zYWd9_@OpV}DX0Y7{luTOP1F}s^n|u(xS^?zJF;+xaPsIl?t!{Mt<lWP{MoxzGjl`|
z7(O;DoJ;$dM3?#}nDj_jr&r7W$gD2l9hsO}o4wSTS)YHCeAxwEuYe+nh!+mJ#K^Y8
zK;&6*`)NFn1(f-d;Nj#cPNZu8KjPEBK^dd#D>|(v_MiCz51D}e;60${l<EMW8~Vrd
z?p?l7qD`IV%GgMg^)EkmgR;}{FB!YL{JnkKnbUo5kurcGsQ9Ew;E#6ua2U7FD<7%W
zC!9-64ZnD@r>Y$6csquqh>ZXGoKHXl*t6`9Bwm=*kKVlBK>sx_Wq~uRs%CAnYb~Ft
zutSPBLq$N__%$U$YIpE0btebar$G$$<K<rhh^n~iB)Jkw;5OohQsvo&$QTazW{H57
zC#Aarl8M2vg~TW$!C|*zr&IA|BLKr{Y65d{hZ0?k0J<Wj$7}ZgGkz4qm#2n<8=55i
z+3dWVyDn3AaEJGY71>+54XS2=hRx6IK({9WD4U_L`j)XndRfpAL_L0}PP^T7`>`^C
z-Efmdx-qu$4v*(zFvEyAX=xHxl$K+Cag}t=$L09Bz0jL~Ou$*Of3_-gUw|Ufz5wE&
zF*bP6oe-&7&R<leX*6Q>=DPX}SMu|{k@%J8=JqKjxi?Q05?Ky_o$vJ}WJWpD#MC<T
zqvJ$jehJU-onD&>HbyTWTl#914u2%)7|AGXz~-omUcD5v7vceQy#1jizE}h|!m3(A
z^N41E7s8ZBv1}xezLM18Q4jAI$EY~w!?c`7J+;s`t$J&9h);1#WIS6_r(tiHJc={i
z@OUwfSkT>>U=mkp64Th7)Q@j{KJ^5;Q1iUZF8@wv=?k86{){7QufN3v$~gPWZ!h0t
z9{*7<B|Oj$b@^;e33sDFJu}_NMFm_wlP|x6*|z5ioJ|@AIFKH#-%JTe{8#Vr9hV!t
zvT#IVS>|0sK2QeQx0w>=)@Hx&>iNf~bWBc0ABC)j8QjWFtOC@vJU?#uV{c9V<RZ*~
zR#Gq-fwiqz3jE2uohl?B{VB8$YYTLRkMbL~e_`KF1;2D65~?m++;%xWvimkz*W^ie
zs&l~QI|zS&%io@OZclluq<{`RKI_mI40YtxG-k7)_Ht#g)6gN=i-(EjFG2iUwF)(f
z7tj>hA^=?}Q>czSt9gDmRXv|SE*{uClD%H=DAj#Y6Q#+^3D@Kec4(A!>v^5xtQ^PA
z$}ORMc`a{3rBTOj<d_JT#XFNV3Tl|TKp~RL>c+Kp&YK8s7C0?T_b3t;hs90umkL=2
zQWQp@$>lvA$QTt_&Zo%)?!@2@(j?6nB1DTq6wnkxn!xB7UE(fkksvx0H0yvAQ-jKu
zWb1>NtTYyt*V3U~)7i54y_er*SqB^pzqpfm!`XOj*~_tghN`w;Uh=ixSeaQbkO8jF
z6rl9o7T#+DCcazA`z*f1UDYJyXy!EdJ7pSY)CH-&>BW<8J;GxxFP<=%Z_Qm^kGmxC
z@^TteHMe@KA2H3zi3@bw@=(7Q9KVv+s?vZj6egoDpvB7>D}p1}^E`53Z^!9lP7@nL
zk(UIMDw%qeKOY8)>>gv0mQ&?4xu76RNUj^M8*UAXk@Ht*0`XvAZgzQyQw+BN9g`$f
zD6`kSYAY1v%9b$o&{E^HSR<ZVugfKBatR$y9YT4wyeGd)eu;uc??w_W%m^Mdp(0g|
zsTWQ6s5zl*(iP4dI<j?GNuvpAl4l|{_m>K;pF64diZ}3G4MS3yElkVH`Ax?p`^zE4
zmQ8n4Fx2wx+O(oMl`YiN3`KD`dMH04ZBdv;^C~Pc_;F%94ajU^q(*{H*pAv$6TKlF
z;}q%;P`@1bqf~G32;^Y46yS2OZs4b*r`Wl3+KEP6{i$+&2H-IAE?je@&>*?{Gq-F3
z)dD*Yz0FAJ+<Zr1e}MgQy!v&@53?FZu`x5}$}`66nQq|oT%)v_$rUTRLrwV_UE4!$
zIfBoU!xv|UOgtZ~d?PZ_^c;cwXx~$?eC;vslWLAt+N&=+^7adbv1oQy{IkzKXdm-2
z__xE0n0OCGC6*ar=VYv!Tb=PJiod6yWMKPtdX6<PWz+jQBab3>!&Cd2LdB)x$ALzN
zpq-7#uAUkmP0pXorX-ohxD7|jIO9<zr&p(W)E%i-b6vHdLk7Pu+gG^Jewtl59`383
zk|UECts@A!%^*fuh>@H!IzN=^==*@iquLtpq$3j_IhE%AXs&dHwDfqHp17>_iVJyE
zj5UPy6~T#k-0r;psZ+X4b5H7TqtJ>6hrhl1-Z8ucBe@eob(27A{TudeE7COsFi&G9
zWc4PF;r>Ml)=UvL7l^1ynJ}7J=23S7O8wyY;KIMx>i&ywmICwat@fO2)u-V(5mTrt
z=PO@$8M^q%YN!WO9KX(Pd#Y$F%Qki-%$uGtM3%(=UXzX$D}qXR7)ea^un)xa9!!t=
z&0aoVq%f;xg-izWGVp+7cL7<8EsQ!I2z+}UioKrb*N{A1Q|JFSzW;{zy^KtkZs5PJ
z!D)cR^EakN*gz-aUB=kGwePRj@9TUT^AEd4Ym{{s)Qz6z2sk^4g)bOVN4w7Q5{h0A
zF+M%jyStyX?OzP4ZbjWz1NhLXB2)nF0X(VjUw(+h#)mNQd279!yjqH*jawXTVc^n2
zHEIH9(ujhhfD=L2Vx289Z(-JEJ5xi}>Y#lwml@X4puwz1vs+=;A<swj?_dF~Op_f`
zt}%Dws}RK>wQo}&|A|%oosQ6?^gYzGapjmMDCm4RbJi#fNT;R`G6r_jdA$iw7`lBp
zkZp?7F=yyd{HYsP7N@{cu8n_H2GI-><z?+=NIg|Uz1{<qP`rVZfk55l=$gLkh?Cpz
z+0wDIh_V428&2=LguHsYrf2VuS6#MuethaNLsph){WhTs%UPV}z|QlGP|iaZfHYZH
z-ToBjz}aXf=n!Ve4}^I9!S5|okt(SJI5>wmue$86@5MTq0`(B4wPuocxv+1)C!9h6
zk9SBIYu5^;ZkS(e?R0OsVxF6&$m#&UggO>cU0ebT_OMCr=|G=$;0?n7M|mP9`q(+L
z<nbI89|Jd$xYv~N-p*k`jpw0M8-lBm>D#A|@R6}JRv<9I%FY;T%eU99NfWf<PwIk;
zAVzfLXsL0wMTlk)<!KEpiVTwT(ftC!IBKY})(>Lg1$+!1Hq>oEs=fLpP)J9$Cn8Oj
z9h4*Q@tk`Dgw+^22Ap_w8b{6`4o|Xn7~7Z}gh;e+cD^t_xzCD#YjBcqNaSZTTDL`C
z{xU8uEb0X-tf5hja!J3kF$eT~Ac`B_^~II&>lu0?kehx=Npf-f$er%IA_eAMx$fIt
z))M7perc(mH5e9(yyEg@z@CQQmUF!aG3c11yb{dB40Xa2qCWY170!&YH@Z=(bg?Lm
zUv4lAzb;YbthQ{97^FC*?ykDe#idP;OR^imk@ImJDx%2<JIG$E14xRZP~U|*ax?JE
zp4)_$5q>GBOTV9v4GGG3hMWxYH$Q#CA#x?6$e!-U_{6+B@y0omiNHhsF#*a%TYvZ}
z6i8PcdjZE*E61RcJM|v`%jt<gv&=#23us6y-jHKl#Kby~c(=?C?1w~xbC&d&MKv&U
z5a8mHp@T_I+a8c(6TsBIfS!OeU_sS$$A7vc2JI>3VE*o|ccZ~y_r!Gkge-)-Fh;E^
zjqJmo1u`pYzqbp2>wg(YeeWaK>m~vC`nC^1t-FzDlO^8?VEWdFqJvSagKxQPCs^6d
zZ2I+Dz$3aqM!hkKxe6@iS5yaK3HG4OrSR%~bG$;nY!0fp$*XoR)HBa@31PI|$Bl&X
z^b6rbatAO7fMw|UF1nJZCQOk)4zk3LmptQGk_QZk$ACF-f>q7FK3$xynHd%3MqtB%
zBP<bmXG{&d+O_M=dmE%QAcKCL0F>3n<W0;S?gt#rC2%=T<tU8GM>6z?fr1dKXXF__
zL+#J7#Sbc2PD6$pqO_vC3o+fP^P!iW&VIW*R8#OXbOqx9_&QQhpq}3qt65j}Xf(mm
zQ~kZ2nw%Bv6e0fIc%}Z~>qc#{;>nBf*iB7R(U|6vtxxTSdL}r!K=@@-g`cM27dO}m
z#@c4{umrG+s7~AQp;OZg*nVztjTx^{DNNLHJ5j*bTWTW;C58nvJCXdRB3qtscpu(4
zCW*>k`MxfBlrIp*X+$#xqL(ze`d|wu<cD+t?FiHTa8?4$`@BG|XZSEOc|CP~voTvf
zolR*N<I~n-IJK=>kzL-hmL}g4e^^&&#49SzvPOHDnbxdpKt8_7>px@2s8{B;4>X{t
zYk)%b+xnGcq>Jxo&BE5Xefubd>s$XE)Au=Rs(WZb^G{SUNU1#m9jFnBmzv^By{pCw
zoVOo8&@{15!39fkt#VJV9j~S<Yg=!IA1Gvb%b=Dovc+G6A{nLt7>c+y;Q!iDzXXLt
zxn=Wd;wKCphle;KCw7=7Pt7YJ1{0U%e1Rg1$f@{{Dpz<u2WPv(zIs3kZs-d%L^#A8
z!Wb^43WU&S0Zo7O`b32-QgDtzQ%V8Mw&NX_VrCdl)F=~gf%HCEDN2&B5{+(c1^OEN
za-*uo{M}{g4ZHcm`MA4>@5#EM3DTr{-pCI<G@zH4vky?-ulI7<b!oEK9pSjtV+#<r
zHr6-l6rBC7zGqtZR<CSgWCUgn`s`}-0$}z}?-?$TuRQD@o@32~jsnO(b|#s+C0CW2
zSCoV1MJ9#)mv^HAp+1=p)*L6EeMe{$V?Cs|2jB%wdZa$;l3)DDoZ<cy6zWwkcV7+t
zk{ebI^~4q$zK<Mon+5+Sh5fe7k?$IaW7E}flUp9NFtrUI8?a-ILlPkFZ5M2qjkBmI
zH1D*{MDKTv#-O&Ref!T{`M9Ua^HiJ@F=H{7FU4eqdk}*c0^Bf3@+GskDkq|AVn-F>
zLQWSTuj-@IN2lGjUyX>-FSe|Zpj=T}BXyn3K_=p}@}k<FRU(P(=t&X!z>5(`UO5t!
zaj-ovO7XBG1ls;!{pA+f4Dh7(nns?m9>=PlAL!6z$nmRWd{VxK9NQyiwkIqIvtJl*
zbuimszsy<On6icm!y4vtB=2nw#71EX15#p`7d;vwpOy=93f5vM6_jO<nfH`SF=IzQ
z#DraFZhg-U%a58@dX0>SeOgntT@+`<gvD%ZWeDVXXi7PyauVIDco`E+8Fg|bHYz}`
zl*e6^e4@cI79EL}zH?1<ff-))o3g1Gb@!d?WKB;2NSRfBJ|Sl9?d`@p_AX+!eRmUc
z4fgQITi<<q_v_mN!Su^}HbswF&X8xu2*)Z%0%MoEXE@Ggcz8Iv(7+x?yyg#ntmANM
zMQ(J<=uo(+E-ZemxPCeEO8t^5TYjtBXzA&sDl#&XG^BrvJHk_l(xk{lqe5%2!G+ek
zWm1*S_c8dANLrpy5m==ozjj(U-rZh?*%o?>L<!_w)HR8!x<7LZLx#G2{~F-Xjh&um
z?1AmCF0nt2M&F2MgY=ywryF~Gs?dOBRF=G_^aKoGnF3e+P}VyYgho?qYA7oUs{48J
zEuT9=Q+(yi>FM<?Of7|pBWGdyr;RSicQ%68G{TwO!5QU-MlEO(i3@Tx8Jcft>NS>Z
zM!=71snn<k2RG7_r#F<1QOu_4_|3@plKu_l4<+)_S>EyuzreTRx66Ai;Bq6Gs&d{#
zMiwE?3#lKHooXwiWnVr9_sN<0Jae!l_eF4fW$7JSPC+rmk>C^KDw08|ccj_tmF8`4
zg2`X^`%dv`axom6&`?*W&X)7#t=OZ4s5%OQ_Ih_URi3@+L~P0FYR~trSuv6+!U#Tq
zOS?>aFIR8&98Q@~vok*hCWHgKJEnzHo>(-NRAjWMddZhzQt~U^8v+BNSfN}*E21uU
zhd32e$w>l{z?O+FH`~lQBS+Lv^P)CAry>Vw><TdRmkqD7-z#P5`Em@hrh_V_+f0h?
zlVrU1S4pOSMC}O(ieHSHzJ&?=HGR5STm2sX0p_{taI8KG^Tr3VQL*xJ3K7oieSgCR
zyYH?ZYb~CB#e@k(|BcQpFT$d3qJDIJY<CuAxlo>)Y3niFlPM=psyKX6EzRT1pU{c6
zIjkTHTGy9F%c7)$j|!R3MVZ${naP(B71Km!u*owK$NdA1tzkhH;g}CW&`h9yVK?26
z!mKtfuAYRBSkSo;ti3iQ3`819P&~j3J);Q5r%<-%Z)0>?(vA$1W?h)g@q+~Q@hTL|
z$ofs}uo2Z^s8L`$wax)E$wOhcvT3{}^=E8bFJsiYHpY6+!4dPSvj5n2%TW3^MQgIa
z@bh@K7~a;PV;|sa1vdL^|NTdWM|~|_T-5U!%?{CE{72#S-A6dK^aky7NGpK)H`tqc
zUKBTLUHgjJ@rY)-QxBmwx<uVdbyPauxX8>E*gYs7Fs!Iy5G@HyVm^3qI%DDGmQk05
z>&f$l$j!LMp~3fRjjVfMT4EOV?dA1?n51&EdqKNCZoICT_obF1cp~>^PSOpYzH(WU
z+Ao_;Q#(ob#uf+jmNm{PtJ(BS%F?#6MmPHXzt;s5T^G|!-<Rn@M)O9Kj;!hKyGp3t
z{)-5?NaobWHw3jR7@g}oxtct*A*bEkB$&uqy5*tYHnS&lFeA>4#C9cFI0hh)#5y_u
zX!=DDdRBa)T?Ggb@L|$vH>vJu(CjIFAHd%FfX>@5!C5)$qkKKYqx8NOPBj;(js3h*
zHp-Rh$x+bkX4i1X1@90u0QaS(x74Tu^u1MmWde{4$ggfQo@V+^Nt=!H42>jh%!mpg
zSmdCL?|QAD=g&Zd+l(c4&HZBYnaZoI_j<e};r;9b$qbAcESh6E@pd{WznRDt>uofA
z<2Q#M@~xHW7CvpZbHiFe@X$=j)c#-m(j+zRXNDBVt#dnSYoeyW%4(sT_UJo#q(vk2
z7@Y>-zIxY1=6u%EU(p7Aw^o%2#4K2X;4rfPkQq|6+s@MabQ~RG5#VeZ{p+a6_a-1L
z$8>l|YLjU%ymeJf<_xgwG)sX}QL7WBe|RHLA!v1+z;plcwoW7Xyh$e^ifh5@=E%uq
zm7%NjERoC|nrZvs+Pc9Sb0P*6f3RwyI7n-k<!}X8>)UDStwM>)O(Vq1pD{(tmJ;2t
z0({R2RFlC6kM+s-X%XeTvp1?=Lz_03@m-YA{`V$$Ua#w5TfC&r*IE~!SZ;OK;aOWR
z9U;~;WI{GDjFOp~E<4YBbq{o_a}i@)xa-wdo8>_3zxnVNc_9etq2DAiB~doaLoaUh
z29RI|d%iy$_=W*GwBTKgH$|<c6jz`wJRG6&kl&k|`LlK$k7`EH!Ppn81pd>Dn*oI9
zh`ysfP<x!eNB<nFf%4Ve!n~$CD9GKH{&sxucgV|CJl+Yh#xkoUYQz9%cj$a3ruLn<
z9OV*?xP@uL{1nu9UbaWsVU^{>8XV`nby-{gsEsB6NBZ?(V@}tYO}kkSlYG;%V>G=S
z8HssGbG~t##EmftGyVITcsgDCF|%V!<__W@kNlQq+vA5pVmVpB=))CoJg4j}W3YL~
z35dWR2u!}#r%9c>e@(9~B)Dtq_|2Vr3G7;ElV%2mD{><~vQ%qH{=|2W2!6Cw5#9D7
zXSq1|EIE7-niRA7juQeH=k$brDj?=06Uk{F`Q?)><8_nV?z*Llr|5_%&YRAG-zV$9
z;)lDp;vaS(9qvwjK)t{@raTDgJk4T~|L#8@d?BKBiVKN=QXaI_sv5hy5JdQ6BY|r_
zh0|GB3+{qn&mFV0BL_7c4>D{beMCK`hw$R5L=?<fin{I(btSuEDSFtuhrZks!l@2w
zS(GIez-~mPOAk03ho>e49XKti%q$1olyXT@S8OQAwE=k@5M7tkIlpB2_;<nVe92}-
z*#zVQ=_3c{1mbXUp~X0}8U*oZ23D_>%_IPJASsK}Dizw0AEn$7L>kJBev(c*l_On{
z#NcvdIe^H9-#x!ud(vp2!wGGq6{Sk4Og(sFO0Md`#*CiGo<R^@iEJbYXYOxai3HK%
zM1XE3oX9cf)N14WoDUTu^vcVM6`%Vok!ZOmX)uEbIQuTb|12>`YdIpPWcJSzX{ars
zI1W-;hBreJyGPn4(YUE~M}YHrw{L_g8Y(#M{!b-hSXO<SBA6KIL?m;-U<+g+lAuR)
z0#%ae<{UT?bb$~|?Cb0i@U=fniSsw*TiG4!a!odojngA?s>uj!P$@K;?n*k<0oRU<
z<bvhkf(Ue6I46AL<@)4I8W5E~$QQ1t`BO@bpaZ%4&mq*Bh16-sLeirni9zUM5~rFC
zAO^YA*31+XgsIi<Uv3uU2xr!!$aDsR;6w-lakcgC5eJaO;YwGek?Gko64+Eie#qEt
z=>RAQfE;yH>tOCk9=WGk7&7P7P)la(@8+g9BrR~@4FepzNGtz(R#}io#0IU|DXV^y
z9NLw+tgIMiH$`0$b##Z)^9Y7DR~QB%!AB$NeEdiB8n|u;1~_*Ig39U|lOD0-qB?$&
zvp<jhtpXdK(3KF8`XXx&7|(QT{LHOq?yp7np~+mZ1!T1C^WM`Dd0k<4l=+HzN@7iZ
zICDU^$Spj9wxf+Z#f7Futl{>ABubMb7Ah(!GI~M;({0cv(h`CT53Navz%YP#Aie?-
zE^-S`&m3%nTHY<D7DEt`@%0ddijMFftWHGO=^tQNYZvr$R|z7$f1aJ(Whr^r<k7EZ
zl{r2}uOP<-jaELoNVJOXZujG;as&5}uuh^N4Li1u^I@`;<GvWlspYOa5jmmx1a?J_
zgLaOLdjN-rTk&+{^^}HabPg7Zd_*7Uo^}ETmoLd#NJ3=p!71$w>dM5+Oh8WfjT7K<
zcj>!04j0^^Z;DJR58;r5DQY}hyPqw?3EiYfn_4b;4>dV*%*@s^80${*2G(%k<o9gj
zPud``5s?#Z(onl(<T^?>DF=v#+ss2P=01K=fqe3~!x)_d($3Y2Y_fYC9od{)-a~fX
z9nu~2QUoVx!#BcP9VF<Sw|VKT#pLMprWv3ZfW~?#>?_D@E~)Q4p|UAY7D<QiX+J$u
zQ?VJ_ptIemA*6Cv)q}$%Hgx{JGlqI*ce|9G**FMo$pBgADD|6x4Gi+s((*&sL<{p3
zv0r3p7P;Eu)v?)G;BK%DxbzYTA5<c>@@Wo(9|f?$bUR$&TUROp!7-5@HD?X<Ss>k@
z?+gKE75H4}7f%BtNY8JA2@Tc3&=b*hK`u;Y2;ScwOvD>=t?#B62VsM-e`Z&gS~d<a
zO*gX%hK5uR4^@u^Stq${X{~yuyqf-eF9d;M_D=1@{#0SO0Cl^{-bHet>sf{q(!axp
z($L|&S!K|u$6)FHlpIq?E4?YXWXJViFP}GYHT4;!Qi@UxQ{_|6J}Bcw1aatJJMX)?
zO*5&53SS(Uc$SzYh%oI+*)$F&;-rflcs*{8HH|7<oIwDcUa$cOYEct+GL^Lg1)RZa
zz1$A!LXRN_yv(JKBngFZ5EF@~ClMKAV^&D2sji_`fs^GLCAi5M5?>xW%N~<`PFQr$
zJV#hFMCaQh8@9w1m&%c6VDogR{G#|9KJ`mLLuz?e`+!LiWQUK9^qa$wE6?}-_Ub=3
zsQ)gXryt(Z0bc&^Y^tNPZM)7k9UYxseJ%V86F@pTx_{w6>$d-e0a~p87uG@@@LyP0
zi;cGF>X>MyrS^|hV=abhF-nU~w*me`KTvyZ_HQ~Z{ta9H)#lIpTK$C&x$5ZHY}5OX
zzCKz#wtr!q7Tf(>UzdM-2JJ0$PG(Y5Pg65a!-=WsS(!RI-=w8xCuC$MoQ4PC0^#4D
zNlDPrxy*3Tfja+>{Qu8_o7?}ea7c^)-&puhOZ=Z$u+!@KFBXtm{C{JiU(3XwmisUH
I|G>)s0?0#{=l}o!

literal 0
HcmV?d00001

diff --git a/test/data/issue_1099_poc.txt b/test/data/issue_1099_poc.txt
new file mode 100644
index 0000000000000000000000000000000000000000..3509efb7a625b68db01c7284f33c37d9195d2efe
GIT binary patch
literal 170
zcmXR)O;>QO$V^Mq^GVD0%uCDHa}Nl1NmNkcVqjp%FZ!ZjxXHw@-U!HXXZV_uvcQ$W
zEbB5;x}JLKx{#v8)c^k(7>eYKoQ#YOjh$E%Q&JS7D)_VOGt<_1CM%{_>-nXY2bU(L
zWagxXykJgM@>!pkZs=oDZ=MCRw88OhVtuM(eroPB`=2XHUik53Ccn+gO)W|-Nh}G<
Uum4{h>|Io%qGn`eY;42@01@ImjQ{`u

literal 0
HcmV?d00001

diff --git a/tests/bugfixes/github/test_issue_1099.py b/tests/bugfixes/github/test_issue_1099.py
new file mode 100644
index 00000000..6d64b3d3
--- /dev/null
+++ b/tests/bugfixes/github/test_issue_1099.py
@@ -0,0 +1,27 @@
+# -*- coding: utf-8 -*-
+
+from system_tests import CaseMeta, path, check_no_ASAN_UBSAN_errors
+
+
+class EmptyValueInCommandFile(metaclass=CaseMeta):
+    """
+    Regression test for the bug described in:
+    https://github.com/Exiv2/exiv2/issues/1099
+
+    An empty value in the command file causes a std::out_of_range exception.
+    """
+    url = "https://github.com/Exiv2/exiv2/issues/1099"
+
+    filename1 = path("$data_path/issue_1099_poc.txt")
+    filename2 = path("$data_path/issue_1099_poc.bin")
+    commands = ["$exiv2 -m $filename1 mo $filename2"]
+
+    stderr = [
+        """$filename1, line 1: Empty value for key `Exiff.LfkInfo.GPSDa'
+$exiv2exe: Error parsing -m option arguments
+"""]
+    retval = [1]
+
+    def compare_stdout(self, i, command, got_stdout, expected_stdout):
+        """ We don't care about the stdout, just don't crash """
+        pass
diff --git a/tests/suite.conf b/tests/suite.conf
index f829b4cc..7f7cfcca 100644
--- a/tests/suite.conf
+++ b/tests/suite.conf
@@ -28,6 +28,7 @@ kerInvalidTypeValue: invalid type value detected in Image::printIFDStructure
 kerNotAJpeg : This does not look like a JPEG image
 kerNoImageInInputData: Input data does not contain a valid image
 addition_overflow_message: Overflow in addition
+exiv2exe: exiv2${ENV:binary_extension}
 exiv2_exception_message: Exiv2 exception in print action for file
 exiv2_overflow_exception_message: std::overflow_error exception in print action for file
 exception_in_extract: Exiv2 exception in extract action for file