projects / platform / upstream / libexif.git / log
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
platform/upstream/libexif.git
4 years agoFix MakerNote tag size overflow issues at read time. 93/235593/1
commit | commitdiff | tree
Dan Fandrich [Sat, 16 May 2020 15:32:28 +0000 (17:32 +0200)]
Fix MakerNote tag size overflow issues at read time.

Check for a size overflow while reading tags, which ensures that the
size is always consistent for the given components and type of the
entry, making checking further down superfluous.

This provides an alternate fix for
https://sourceforge.net/p/libexif/bugs/125/ CVE-2016-6328 and for all
the MakerNote types. Likely, this makes both commits 41bd0423 and
89e5b1c1 redundant as it ensures that MakerNote entries are well-formed
when they're populated.

Some improvements on top by Marcus Meissner <marcus@jet.franken.de>

CVE-2020-13112

Change-Id: I334efda3fbf2b0bae831f74e8fa866303d0ec93b
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
5 years agoImprove deep recursion detection in exif_data_load_data_content. 67/203467/1 accepted/tizen_5.5_unified accepted/tizen_5.5_unified_mobile_hotfix accepted/tizen_5.5_unified_wearable_hotfix tizen_5.5 tizen_5.5_mobile_hotfix tizen_5.5_tv tizen_5.5_wearable_hotfix accepted/tizen/5.5/unified/20191031.011749 accepted/tizen/5.5/unified/mobile/hotfix/20201027.074220 accepted/tizen/5.5/unified/wearable/hotfix/20201027.100532 accepted/tizen/unified/20190416.071505 submit/tizen/20190415.103526 submit/tizen_5.5/20191031.000007 submit/tizen_5.5_mobile_hotfix/20201026.185107 submit/tizen_5.5_wearable_hotfix/20201026.184307 tizen_5.5.m2_release
commit | commitdiff | tree
Dan Fandrich [Fri, 12 Oct 2018 14:01:45 +0000 (16:01 +0200)]
Improve deep recursion detection in exif_data_load_data_content.

The existing detection was still vulnerable to pathological cases
causing DoS by wasting CPU. The new algorithm takes the number of tags
into account to make it harder to abuse by cases using shallow recursion
but with a very large number of tags.  This improves on commit 5d28011c
which wasn't sufficient to counter this kind of case.

The limitation in the previous fix was discovered by Laurent Delosieres,
Secunia Research at Flexera (Secunia Advisory SA84652) and is assigned
the identifier CVE-2018-20030.

Change-Id: I0ea69965f94d762c4f43c587504469259108456f
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
6 years agoFix CVE-2017-7544 02/163702/1 accepted/tizen_5.0_unified tizen_5.0 accepted/tizen/5.0/unified/20181102.030422 accepted/tizen/unified/20171213.153238 submit/tizen/20171213.045006 submit/tizen_5.0/20181101.000007
commit | commitdiff | tree
Jeongmo Yang [Tue, 10 Oct 2017 05:50:54 +0000 (14:50 +0900)]
Fix CVE-2017-7544

Tue Jul 25 21:38:56 2017 UTC (2 months, 2 weeks ago) by marcusmeissner
Branch: MAIN
CVS Tags: HEAD
Changes since 1.131: +6 -0 lines
Diff to previous 1.131
On saving makernotes, make sure the makernote container tags has a type
with 1 byte components.

Fixes (at least):
https://sourceforge.net/p/libexif/bugs/130
https://sourceforge.net/p/libexif/bugs/129

[Version] 0.6.21-3
[Profile] Common
[Issue Type] CVE

Change-Id: I2649b5cadbac7c7cd285d537b918dda56e637f3a
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
7 years agoUpdate spec file for license macro 08/121608/1 accepted/tizen_common accepted/tizen_ivi accepted/tizen_mobile accepted/tizen_tv accepted/tizen_wearable accepted/tizen/4.0/unified/20170816.013605 accepted/tizen/4.0/unified/20170828.222846 accepted/tizen/common/20170329.171857 accepted/tizen/ivi/20170329.221930 accepted/tizen/mobile/20170329.221821 accepted/tizen/tv/20170329.221858 accepted/tizen/unified/20170329.221947 accepted/tizen/wearable/20170329.221914 submit/tizen/20170328.103759 submit/tizen_4.0/20170811.094300 submit/tizen_4.0/20170828.100006 tizen_4.0.IoT.p1_release tizen_4.0.m1_release tizen_4.0.m2_release
commit | commitdiff | tree
Jeongmo Yang [Tue, 28 Mar 2017 10:07:03 +0000 (19:07 +0900)]
Update spec file for license macro

[Version] 0.6.21-2
[Profile] Common
[Issue Type] Update
[Dependency module] N/A

Change-Id: Ib8876c56489a4a5d2d8d2fe4eb03bb5b10f5a6e9
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
8 years ago1. Remove samsung extension code, 2. Block unnecessary build and exclude doc related... 33/75233/3 accepted/tizen_3.0.m2_mobile accepted/tizen_3.0.m2_tv accepted/tizen_3.0.m2_wearable accepted/tizen_3.0_common accepted/tizen_3.0_ivi accepted/tizen_3.0_mobile accepted/tizen_3.0_tv accepted/tizen_3.0_wearable tizen_3.0.m2 tizen_3.0_tv accepted/tizen/3.0.m2/mobile/20170105.024711 accepted/tizen/3.0.m2/tv/20170105.024852 accepted/tizen/3.0.m2/wearable/20170105.025020 accepted/tizen/3.0/common/20161114.110951 accepted/tizen/3.0/ivi/20161011.044313 accepted/tizen/3.0/mobile/20161015.033422 accepted/tizen/3.0/tv/20161016.004914 accepted/tizen/3.0/wearable/20161015.083213 accepted/tizen/common/20160627.191504 accepted/tizen/common/20160629.222220 accepted/tizen/ivi/20160629.015912 accepted/tizen/mobile/20160629.015834 accepted/tizen/tv/20160629.015929 accepted/tizen/unified/20170309.040048 accepted/tizen/wearable/20160629.015958 submit/submit/tizen/20160623.063229/20160623.063406 submit/tizen/20160623.063229 submit/tizen/20160627.065544 submit/tizen_3.0.m2/20170104.093753 submit/tizen_3.0_common/20161104.104000 submit/tizen_3.0_ivi/20161010.000003 submit/tizen_3.0_mobile/20161015.000003 submit/tizen_3.0_tv/20161015.000003 submit/tizen_3.0_wearable/20161015.000003 submit/tizen_unified/20170308.100414
commit | commitdiff | tree
Jeongmo Yang [Fri, 17 Jun 2016 06:22:57 +0000 (15:22 +0900)]
1. Remove samsung extension code, 2. Block unnecessary build and exclude doc related files

Change-Id: Iab15d7e450e11c86b648a31f4fbd82eb6ae3b1a7
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
11 years agoresetting manifest requested domain to floor 68/4868/1 accepted/tizen/ivi/genivi accepted/tizen/ivi/stable accepted/tizen_3.0.2014.q3_common accepted/tizen_3.0.m14.3_ivi accepted/tizen_generic tizen_3.0.2014.q3_common tizen_3.0.2014.q4_common tizen_3.0.2015.q1_common tizen_3.0.2015.q2_common tizen_3.0.m14.2_ivi tizen_3.0.m14.3_ivi tizen_3.0.m1_mobile tizen_3.0.m1_tv tizen_3.0_ivi tizen_ivi_genivi accepted/tizen/20130710.215910 accepted/tizen/20130912.094035 accepted/tizen/20130912.095640 accepted/tizen/20130912.150234 accepted/tizen/20130912.191731 accepted/tizen/20130912.195828 accepted/tizen/ivi/20160218.025300 accepted/tizen/ivi/genivi/20140131.024025 ivi_oct_m2 submit/tizen/20130710.132410 submit/tizen/20130912.075943 submit/tizen/20130912.090251 submit/tizen_common/20151015.190624 submit/tizen_common/20151019.135620 submit/tizen_common/20151023.083358 submit/tizen_common/20151026.085049 submit/tizen_ivi/20160217.000000 submit/tizen_ivi/20160217.000006 submit/tizen_ivi_genivi/20140131.023309 submit/tizen_mobile/20141120.000000 tizen_3.0.2014.q3_common_release tizen_3.0.m14.2_ivi_release tizen_3.0.m14.3_ivi_release tizen_3.0.m1_mobile_release tizen_3.0.m1_tv_release tizen_3.0.m2.a1_mobile_release tizen_3.0.m2.a1_tv_release tizen_3.0_ivi_release
commit | commitdiff | tree
Alexandru Cornea [Sat, 29 Jun 2013 00:02:31 +0000 (03:02 +0300)]
resetting manifest requested domain to floor

11 years agoadd samsung device support 76/4176/1 submit/tizen/20130620.182649
commit | commitdiff | tree
Anas Nashif [Thu, 20 Jun 2013 13:10:13 +0000 (09:10 -0400)]
add samsung device support

11 years agoSet license using %license accepted/tizen/20130520.095854 submit/tizen/20130515.050142 submit/tizen/20130517.023025
commit | commitdiff | tree
Anas Nashif [Sat, 11 May 2013 05:44:16 +0000 (01:44 -0400)]
Set license using %license

12 years agoadd packaging accepted/tizen/20130503.222322 accepted/trunk/20130325.212953 submit/tizen/20130503.223707 submit/tizen/20130509.181038 submit/trunk/20130325.083309
commit | commitdiff | tree
Anas Nashif [Sun, 4 Nov 2012 03:47:09 +0000 (20:47 -0700)]
add packaging

12 years agoadd packaging
commit | commitdiff | tree
Anas Nashif [Sun, 4 Nov 2012 03:46:35 +0000 (20:46 -0700)]
add packaging

12 years agoImported Upstream version 0.6.21 upstream/0.6.21
commit | commitdiff | tree
Anas Nashif [Sun, 4 Nov 2012 03:46:33 +0000 (20:46 -0700)]
Imported Upstream version 0.6.21

Domain: Multimedia / Media Camera;