projects / platform / upstream / libexif.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 593bd4c) | patch
Improve deep recursion detection in exif_data_load_data_content. 67/203467/1 accepted/tizen_5.5_unified accepted/tizen_5.5_unified_mobile_hotfix accepted/tizen_5.5_unified_wearable_hotfix tizen_5.5 tizen_5.5_mobile_hotfix tizen_5.5_tv tizen_5.5_wearable_hotfix accepted/tizen/5.5/unified/20191031.011749 accepted/tizen/5.5/unified/mobile/hotfix/20201027.074220 accepted/tizen/5.5/unified/wearable/hotfix/20201027.100532 accepted/tizen/unified/20190416.071505 submit/tizen/20190415.103526 submit/tizen_5.5/20191031.000007 submit/tizen_5.5_mobile_hotfix/20201026.185107 submit/tizen_5.5_wearable_hotfix/20201026.184307 tizen_5.5.m2_release
authorDan Fandrich <dan@coneharvesters.com>
Fri, 12 Oct 2018 14:01:45 +0000 (16:01 +0200)
committerJeongmo Yang <jm80.yang@samsung.com>
Mon, 15 Apr 2019 05:14:06 +0000 (14:14 +0900)
commitcc7979ec2644ee461a7592311533839c39d24e4a
tree718c5c96f3a96e6d1f91b7906a80c5b542a93759tree | snapshot
parent593bd4c2a95f4ddb56284a787abe2ae3d557dccecommit | diff
Improve deep recursion detection in exif_data_load_data_content.

The existing detection was still vulnerable to pathological cases
causing DoS by wasting CPU. The new algorithm takes the number of tags
into account to make it harder to abuse by cases using shallow recursion
but with a very large number of tags.  This improves on commit 5d28011c
which wasn't sufficient to counter this kind of case.

The limitation in the previous fix was discovered by Laurent Delosieres,
Secunia Research at Flexera (Secunia Advisory SA84652) and is assigned
the identifier CVE-2018-20030.

Change-Id: I0ea69965f94d762c4f43c587504469259108456f
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
libexif/exif-data.c diff | blob | history
Domain: Multimedia / Media Camera;