johu 15/01/20 21:40:26 Added: exiv2-0.24-CVE-2014-9449.patch Log: Revision bump adds patch from fedora to fix CVE-2014-9449, bug #534608. Thanks to Pacho Ramos <[email protected]> for spotting the patch. (Portage version: 2.2.15/cvs/Linux x86_64, signed Manifest commit with key F3CFD2BD)
Revision Changes Path 1.1 media-gfx/exiv2/files/exiv2-0.24-CVE-2014-9449.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-gfx/exiv2/files/exiv2-0.24-CVE-2014-9449.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/media-gfx/exiv2/files/exiv2-0.24-CVE-2014-9449.patch?rev=1.1&content-type=text/plain Index: exiv2-0.24-CVE-2014-9449.patch =================================================================== diff -up exiv2-0.24/src/riffvideo.cpp.CVE-2014-9449 exiv2-0.24/src/riffvideo.cpp --- exiv2-0.24/src/riffvideo.cpp.CVE-2014-9449 2013-12-01 06:13:42.000000000 -0600 +++ exiv2-0.24/src/riffvideo.cpp 2015-01-05 11:21:42.306728309 -0600 @@ -856,7 +856,7 @@ namespace Exiv2 { void RiffVideo::infoTagsHandler() { - const long bufMinSize = 100; + const long bufMinSize = 10000; DataBuf buf(bufMinSize); buf.pData_[4] = '\0'; io_->seek(-12, BasicIo::cur); @@ -879,10 +879,14 @@ namespace Exiv2 { if(infoSize >= 0) { size -= infoSize; io_->read(buf.pData_, infoSize); + if(infoSize < 4) + buf.pData_[infoSize] = '\0'; } if(tv) xmpData_[exvGettext(tv->label_)] = buf.pData_; + else + continue; } io_->seek(cur_pos + size_external, BasicIo::beg); } // RiffVideo::infoTagsHandler
