Package: exiv2 / 0.25-3.1+deb9u1

CVE-2018-10998.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
From f4e8ed2fd48d012467b99552f0d6378302a23c75 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= <dan.cermak@cgc-instruments.com>
Date: Mon, 11 Jun 2018 16:25:23 +0200
Subject: [PATCH] Catch all exceptions not caught in exiv2 cli-tool

It effectively looks the same as before, only now we don't call abort() but
instead clean up everything gracefully.

(cherry picked from commit f4e8ed2fd48d012467b99552f0d6378302a23c75)
[rcs: Backported to stretch]
---
 src/exiv2.cpp | 48 +++++++++++++++++++++++++++---------------------
 1 file changed, 27 insertions(+), 21 deletions(-)

--- exiv2-stretch.git.orig/src/exiv2.cpp
+++ exiv2-stretch.git/src/exiv2.cpp
@@ -151,30 +151,36 @@
         return 0;
     }
 
-    // Create the required action class
-    Action::TaskFactory& taskFactory = Action::TaskFactory::instance();
-    Action::Task::AutoPtr task
-        = taskFactory.create(Action::TaskType(params.action_));
-    assert(task.get());
-
-    // Process all files
     int rc = 0;
-    int n = 1;
-    int s = static_cast<int>(params.files_.size());
-    int w = s > 9 ? s > 99 ? 3 : 2 : 1;
-    for (Params::Files::const_iterator i = params.files_.begin();
-         i != params.files_.end(); ++i) {
-        if (params.verbose_) {
-            std::cout << _("File") << " " << std::setw(w) << std::right << n++ << "/" << s << ": "
-                      << *i << std::endl;
+
+    try {
+        // Create the required action class
+        Action::TaskFactory& taskFactory = Action::TaskFactory::instance();
+        Action::Task::AutoPtr task = taskFactory.create(Action::TaskType(params.action_));
+        assert(task.get());
+
+        // Process all files
+        int n = 1;
+        int s = static_cast<int>(params.files_.size());
+        int w = s > 9 ? s > 99 ? 3 : 2 : 1;
+        for (Params::Files::const_iterator i = params.files_.begin(); i != params.files_.end(); ++i) {
+            if (params.verbose_) {
+                std::cout << _("File") << " " << std::setw(w) << std::right << n++ << "/" << s << ": " << *i
+                          << std::endl;
+            }
+            int ret = task->run(*i);
+            if (rc == 0)
+                rc = ret;
         }
-        int ret = task->run(*i);
-        if (rc == 0) rc = ret;
-    }
 
-    taskFactory.cleanup();
-    params.cleanup();
-    Exiv2::XmpParser::terminate();
+        taskFactory.cleanup();
+        params.cleanup();
+        Exiv2::XmpParser::terminate();
+
+    } catch (const std::exception& exc) {
+        std::cerr << "Uncaught exception: " << exc.what() << std::endl;
+        rc = 1;
+    }
 
     // Return a positive one byte code for better consistency across platforms
     return static_cast<unsigned int>(rc) % 256;