2002-08-29 Lutz Müller <lutz@users.sourceforge.net>

	Renchi Raju <renchi@pooh.tam.uiuc.edu> found another bug in

	* libexif/exif-data.c: Correctly save the data.
	* configure.in: Version 0.5.6.

diff --git a/ChangeLog b/ChangeLog
index 1e8852c..bb878ed 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
 2002-08-29  Lutz Müller <lutz@users.sourceforge.net>
 
+       Renchi Raju <renchi@pooh.tam.uiuc.edu> found another bug in 
+
+       * libexif/exif-data.c: Correctly save the data.
+       * configure.in: Version 0.5.6.
+
+2002-08-29  Lutz Müller <lutz@users.sourceforge.net>
+
        Jason Sodergren <jason@taiga.com> found a lot of bugs in
 
        * libexif/exif-data.c: Correctly save the data.

diff --git a/configure.in b/configure.in
index a2a90c9..250117b 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -1,7 +1,7 @@
 AC_PREREQ(2.50)
 AC_INIT(libexif/exif-data.h)
 AM_CONFIG_HEADER(config.h)
-AM_INIT_AUTOMAKE(libexif, 0.5.5)
+AM_INIT_AUTOMAKE(libexif, 0.5.6)
 AM_MAINTAINER_MODE
 
 dnl ---------------------------------------------------------------------------

diff --git a/libexif/exif-data.c b/libexif/exif-data.c
index 0b51347..f854124 100644 (file)
--- a/libexif/exif-data.c
+++ b/libexif/exif-data.c
@@ -32,7 +32,7 @@
 #undef MAX
 #define MAX(a, b)  (((a) > (b)) ? (a) : (b))
 
-//#define DEBUG
+#define DEBUG
 
 static const unsigned char ExifHeader[] = {0x45, 0x78, 0x69, 0x66, 0x00, 0x00};
 
@@ -261,14 +261,20 @@ exif_data_save_data_content (ExifData *data, ExifContent *ifd,
        /*
         * Check if we need some extra entries for pointers or the thumbnail.
         */
-       if (ifd == data->ifd[EXIF_IFD_1]) {
+       if (ifd == data->ifd[EXIF_IFD_0]) {
+
+               /*
+                * The pointer to IFD_EXIF is in IFD_0. The pointer to
+                * IFD_INTEROPERABILITY is in IFD_EXIF.
+                */
                if (data->ifd[EXIF_IFD_EXIF]->count || data->ifd[EXIF_IFD_INTEROPERABILITY]->count)
                        n_ptr++;
+
+               /* The pointer to IFD_GPS is in IFD_0. */
                if (data->ifd[EXIF_IFD_GPS]->count)
                        n_ptr++;
-       } else if (ifd == data->ifd[EXIF_IFD_1]) {
-               if (data->size)
-                       n_thumb = 2;
+       } else if ((ifd == data->ifd[EXIF_IFD_1]) && data->size) {
+               n_thumb = 2;
        } else if (ifd == data->ifd[EXIF_IFD_EXIF]) {
                if (data->ifd[EXIF_IFD_INTEROPERABILITY]->count)
                        n_ptr++;
@@ -344,7 +350,8 @@ exif_data_save_data_content (ExifData *data, ExifContent *ifd,
                offset += 12;
        }
 
-       if (n_thumb) {
+       /* Information about the thumbnail (if any) is saved in IFD_1. */
+       if ((ifd == data->ifd[EXIF_IFD_1]) && data->size) {
 
                /* EXIF_TAG_JPEG_INTERCHANGE_FORMAT */
                exif_set_short (*d + 6 + offset + 0, data->priv->order,
@@ -365,12 +372,13 @@ exif_data_save_data_content (ExifData *data, ExifContent *ifd,
                exif_set_short (*d + 6 + offset + 2, data->priv->order,
                                EXIF_FORMAT_LONG);
                exif_set_long  (*d + 6 + offset + 4, data->priv->order, 1);
-               exif_set_long  (*d + 6 + offset + 8, data->priv->order,
+               exif_set_long  (*d + 6 + offset + 8, data->priv->order, 
                                data->size);
                offset += 12;
        }
 
-       if (ifd == data->ifd[EXIF_IFD_0] && data->ifd[EXIF_IFD_1]->count) {
+       if (ifd == data->ifd[EXIF_IFD_0] && (data->ifd[EXIF_IFD_1]->count ||
+                                            data->size)) {
 
                /*
                 * We are saving IFD 0. Tell where IFD 1 starts and save
@@ -521,6 +529,15 @@ exif_data_load_data (ExifData *data, const unsigned char *d, unsigned int size)
 #ifdef DEBUG
                printf ("IFD 1 at %i.\n", (int) offset);
 #endif
+
+               /* Sanity check. */
+               if (offset > size - 6) {
+#ifdef DEBUG
+                       printf ("Bogus offset!\n");
+#endif
+                       return;
+               }
+
                exif_data_load_data_content (data, data->ifd[EXIF_IFD_1], d + 6,
                                             size - 6, offset);
        }