blob: 4afedf8e59fcf85018dc5f8012642054cfb08b4c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
From e6a0982f7cd9282052b6e3485a458d60629ffa0b Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Fri, 23 Apr 2021 11:44:44 +0100
Subject: [PATCH] Add bounds check in Jp2Image::doWriteMetadata().
---
src/jp2image.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/jp2image.cpp b/src/jp2image.cpp
index 1694fed27..ca8c9ddbb 100644
--- a/src/jp2image.cpp
+++ b/src/jp2image.cpp
@@ -908,6 +908,7 @@ static void boxes_check(size_t b,size_t m)
case kJp2BoxTypeUuid:
{
+ enforce(boxBuf.size_ >= 24, Exiv2::kerCorruptedMetadata);
if(memcmp(boxBuf.pData_ + 8, kJp2UuidExif, 16) == 0)
{
#ifdef EXIV2_DEBUG_MESSAGES
|
