diff options
Diffstat (limited to 'meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch')
| -rw-r--r-- | meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch new file mode 100644 index 000000000..4afedf8e5 --- /dev/null +++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch | |||
| @@ -0,0 +1,21 @@ | |||
| 1 | From e6a0982f7cd9282052b6e3485a458d60629ffa0b Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Kevin Backhouse <kevinbackhouse@github.com> | ||
| 3 | Date: Fri, 23 Apr 2021 11:44:44 +0100 | ||
| 4 | Subject: [PATCH] Add bounds check in Jp2Image::doWriteMetadata(). | ||
| 5 | |||
| 6 | --- | ||
| 7 | src/jp2image.cpp | 1 + | ||
| 8 | 1 file changed, 1 insertion(+) | ||
| 9 | |||
| 10 | diff --git a/src/jp2image.cpp b/src/jp2image.cpp | ||
| 11 | index 1694fed27..ca8c9ddbb 100644 | ||
| 12 | --- a/src/jp2image.cpp | ||
| 13 | +++ b/src/jp2image.cpp | ||
| 14 | @@ -908,6 +908,7 @@ static void boxes_check(size_t b,size_t m) | ||
| 15 | |||
| 16 | case kJp2BoxTypeUuid: | ||
| 17 | { | ||
| 18 | + enforce(boxBuf.size_ >= 24, Exiv2::kerCorruptedMetadata); | ||
| 19 | if(memcmp(boxBuf.pData_ + 8, kJp2UuidExif, 16) == 0) | ||
| 20 | { | ||
| 21 | #ifdef EXIV2_DEBUG_MESSAGES | ||