projects / platform / upstream / libexif.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b4322b1) | patch
Fix a buffer read overflow in exif_entry_get_value
authorDan Fandrich <dan@coneharvesters.com>
Wed, 4 Jul 2018 09:06:09 +0000 (11:06 +0200)
committerDan Fandrich <dan@coneharvesters.com>
Tue, 5 Nov 2019 09:27:54 +0000 (10:27 +0100)
commitf9bb9f263fb00f0603ecbefa8957cad24168cbff
tree585e9d02da08b552ed55436fa8a329c0bc6ee3bftree | snapshot
parentb4322b18e24a8a636abe8542a0551614fef5ce4bcommit | diff
Fix a buffer read overflow in exif_entry_get_value

While parsing EXIF_TAG_FOCAL_LENGTH it was possible to read 8 bytes past
the end of a heap buffer. This was detected by the OSS Fuzz project.
Patch from Google.

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7344 and
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14543
libexif/exif-entry.c diff | blob | history
Domain: Multimedia / Media Camera;