File: 150-CVE-2009-2687.patch

package info (click to toggle)
php5 5.2.0%2Bdfsg-8%2Betch16
  • links: PTS
  • area: main
  • in suites: etch
  • size: 58,940 kB
  • ctags: 45,388
  • sloc: ansic: 533,605; sh: 17,835; php: 11,336; cpp: 4,289; xml: 3,809; yacc: 2,446; lex: 2,174; makefile: 1,150; tcl: 1,128; awk: 693; perl: 71; sql: 22; pascal: 15
file content (15 lines) | stat: -rw-r--r-- 566 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
 
diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index 56bc3b9..86ca58a 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -3128,6 +3128,10 @@ static void exif_process_TIFF_in_JPEG(image_info_type *ImageInfo, char *CharBuf,
 		exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Invalid TIFF start (1)");
 		return;
 	}
+	if (offset_of_ifd > length) {
+		exif_error_docref(NULL EXIFERR_CC, ImageInfo, E_WARNING, "Invalid IFD start");
+		return;
+	}
 
 	ImageInfo->sections_found |= FOUND_IFD0;
 	/* First directory starts at offset 8. Offsets starts at 0. */