Bug#773846: exiv2: diff for NMU version 0.24-4.1

Salvatore Bonaccorso Wed, 07 Jan 2015 11:52:03 -0800

Control: tags 773846 + pending

Dear maintainer,


I've prepared an NMU for exiv2 (versioned as 0.24-4.1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards,
Salvatore

diff -Nru exiv2-0.24/debian/changelog exiv2-0.24/debian/changelog
--- exiv2-0.24/debian/changelog	2014-09-05 23:32:43.000000000 +0200
+++ exiv2-0.24/debian/changelog	2015-01-07 20:38:01.000000000 +0100
@@ -1,3 +1,12 @@
+exiv2 (0.24-4.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add CVE-2014-9449.patch patch.
+    CVE-2014-9449: buffer overflow in RiffVideo::infoTagsHandler
+    Thanks to Klaus Ethgen <kl...@ethgen.de> (Closes: #773846)
+
+ -- Salvatore Bonaccorso <car...@debian.org>  Wed, 07 Jan 2015 20:25:48 +0100
+
 exiv2 (0.24-4) unstable; urgency=medium
 
   * Team upload.
diff -Nru exiv2-0.24/debian/patches/CVE-2014-9449.patch exiv2-0.24/debian/patches/CVE-2014-9449.patch
--- exiv2-0.24/debian/patches/CVE-2014-9449.patch	1970-01-01 01:00:00.000000000 +0100
+++ exiv2-0.24/debian/patches/CVE-2014-9449.patch	2015-01-07 20:38:01.000000000 +0100
@@ -0,0 +1,41 @@
+From ed36a4692058f745a06d87bdaf107bc43c7d2359 Mon Sep 17 00:00:00 2001
+From: badola <badola@b7c8b350-86e7-0310-a4b4-de8f6a8f16a3>
+Date: Thu, 19 Jun 2014 20:28:44 +0000
+Subject: [PATCH] #960: Added a Buffer Overflow Fix in INFO tags of
+ RIFFVIDEO.CPP
+
+git-svn-id: svn://dev.exiv2.org/svn/trunk@3264 b7c8b350-86e7-0310-a4b4-de8f6a8f16a3
+---
+ src/riffvideo.cpp | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/riffvideo.cpp b/src/riffvideo.cpp
+index 4545bc3..0dcd291 100644
+--- a/src/riffvideo.cpp
++++ b/src/riffvideo.cpp
+@@ -856,7 +856,7 @@ namespace Exiv2 {
+ 
+     void RiffVideo::infoTagsHandler()
+     {
+-        const long bufMinSize = 100;
++        const long bufMinSize = 10000;
+         DataBuf buf(bufMinSize);
+         buf.pData_[4] = '\0';
+         io_->seek(-12, BasicIo::cur);
+@@ -879,10 +879,14 @@ namespace Exiv2 {
+             if(infoSize >= 0) {
+                 size -= infoSize;
+                 io_->read(buf.pData_, infoSize);
++                if(infoSize < 4)
++                    buf.pData_[infoSize] = '\0';
+             }
+ 
+             if(tv)
+                 xmpData_[exvGettext(tv->label_)] = buf.pData_;
++            else
++                continue;
+         }
+         io_->seek(cur_pos + size_external, BasicIo::beg);
+     } // RiffVideo::infoTagsHandler
+-- 
+2.1.4
diff -Nru exiv2-0.24/debian/patches/series exiv2-0.24/debian/patches/series
--- exiv2-0.24/debian/patches/series	2014-08-28 22:59:07.000000000 +0200
+++ exiv2-0.24/debian/patches/series	2015-01-07 20:38:01.000000000 +0100
@@ -1 +1,2 @@
 libtool_update.diff
+CVE-2014-9449.patch

signature.asc
Description: Digital signature

Bug#773846: exiv2: diff for NMU version 0.24-4.1

Reply via email to