43 lines
1.4 KiB
Diff
43 lines
1.4 KiB
Diff
Index: LibRaw-0.19.0/internal/dcraw_common.cpp
|
|
===================================================================
|
|
--- LibRaw-0.19.0.orig/internal/dcraw_common.cpp 2018-08-01 12:52:18.288642432 +0200
|
|
+++ LibRaw-0.19.0/internal/dcraw_common.cpp 2018-08-01 13:13:55.263263676 +0200
|
|
@@ -14413,8 +14413,13 @@ void CLASS apply_tiff()
|
|
|
|
void CLASS parse_minolta(int base)
|
|
{
|
|
- int save, tag, len, offset, high = 0, wide = 0, i, c;
|
|
+ int tag, len, offset, high = 0, wide = 0, i, c;
|
|
short sorder = order;
|
|
+#ifdef LIBRAW_LIBRARY_BUILD
|
|
+ INT64 save;
|
|
+#else
|
|
+ int save;
|
|
+#endif
|
|
|
|
fseek(ifp, base, SEEK_SET);
|
|
if (fgetc(ifp) || fgetc(ifp) - 'M' || fgetc(ifp) - 'R')
|
|
@@ -14422,8 +14427,9 @@ void CLASS parse_minolta(int base)
|
|
order = fgetc(ifp) * 0x101;
|
|
offset = base + get4() + 8;
|
|
#ifdef LIBRAW_LIBRARY_BUILD
|
|
- if(offset>ifp->size()-8) // At least 8 bytes for tag/len
|
|
- offset = ifp->size()-8;
|
|
+ INT64 fsize = ifp->size();
|
|
+ if(offset>fsize-8) // At least 8 bytes for tag/len
|
|
+ offset = fsize-8;
|
|
#endif
|
|
|
|
while ((save = ftell(ifp)) < offset)
|
|
@@ -14433,6 +14439,10 @@ void CLASS parse_minolta(int base)
|
|
len = get4();
|
|
if(len < 0)
|
|
return; // just ignore wrong len?? or raise bad file exception?
|
|
+#ifdef LIBRAW_LIBRARY_BUILD
|
|
+ if((INT64)len + save + 8ULL > save)
|
|
+ return; // just ignore out of file metadata, stop parse
|
|
+#endif
|
|
switch (tag)
|
|
{
|
|
case 0x505244: /* PRD */
|