iliaa Wed Mar 12 17:32:26 2008 UTC Modified files: /php-src/ext/exif exif.c Log: MFB: Fixed bug #44388 (Crash inside exif_read_data() on invalid images) http://cvs.php.net/viewvc.cgi/php-src/ext/exif/exif.c?r1=1.200&r2=1.201&diff_format=u Index: php-src/ext/exif/exif.c diff -u php-src/ext/exif/exif.c:1.200 php-src/ext/exif/exif.c:1.201 --- php-src/ext/exif/exif.c:1.200 Fri Mar 7 18:41:59 2008 +++ php-src/ext/exif/exif.c Wed Mar 12 17:32:26 2008 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: exif.c,v 1.200 2008/03/07 18:41:59 pajoye Exp $ */ +/* $Id: exif.c,v 1.201 2008/03/12 17:32:26 iliaa Exp $ */ /* ToDos * @@ -142,7 +142,7 @@ }; /* }}} */ -#define EXIF_VERSION "1.4 $Id: exif.c,v 1.200 2008/03/07 18:41:59 pajoye Exp $" +#define EXIF_VERSION "1.4 $Id: exif.c,v 1.201 2008/03/12 17:32:26 iliaa Exp $" /* {{{ PHP_MINFO_FUNCTION */ @@ -2856,7 +2856,7 @@ /* exception are IFD pointers */ exif_error_docref("exif_read_data#error_ifd" EXIFERR_CC, ImageInfo, E_WARNING, "Process tag(x%04X=%s): Illegal pointer offset(x%04X + x%04X = x%04X > x%04X)", tag, exif_get_tagname(tag, tagname, -12, tag_table TSRMLS_CC), offset_val, byte_count, offset_val+byte_count, IFDlength); } - return TRUE; + return FALSE; } if (byte_count>sizeof(cbuf)) { /* mark as outside range and get buffer */
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php