rpm/openexr
SHA256
1
0
Fork 0
forked from pool/openexr
Code Pull Requests Activity
575a51b131
openexr/openexr-CVE-2017-14988.patch
Petr Gajdos 3c840ae9b8 - security update 
- added patches
  CVE-2017-14988 [bsc#1061305]
  + openexr-CVE-2017-14988.patch

OBS-URL: https://build.opensuse.org/package/show/graphics/openexr?expand=0&rev=23
2019-07-15 14:06:49 +00:00

16 lines
505 B
Diff
Raw Blame History

--- a/IlmImf/ImfHeader.cpp
+++ b/IlmImf/ImfHeader.cpp
@@ -1185,6 +1185,11 @@ Header::readFrom (OPENEXR_IMF_INTERNAL_NAMESPACE::IStream &is, int &version)
checkIsNullTerminated (typeName, "attribute type name");
OPENEXR_IMF_INTERNAL_NAMESPACE::Xdr::read <OPENEXR_IMF_INTERNAL_NAMESPACE::StreamIO> (is, size);
+ if( size < 0 )
+ {
+ throw IEX_NAMESPACE::InputExc("Invalid size field in header attribute");
+ }
+
AttributeMap::iterator i = _map.find (name);
if (i != _map.end())
View Git Blame Copy Permalink