sergiotarxz/libvips
sergiotarxz/libvips
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Ensure EXIF is at least 4 bytes before inspection (#3109)

Browse Source
This commit is contained in:
Lovell Fuller 2022-10-22 11:20:53 +01:00 committed by GitHub
parent 53a3e6d819
commit c76d74be65
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libvips/foreign/exif.c
View File

@ -167,6 +167,10 @@ vips_exif_load_data_without_fix( const void *data, size_t length )
/* exif_data_load_data() only allows uint for length. Limit it to less
* than that: 2**20 should be enough for anyone.
*/
if( length < 4 ) {
vips_error( "exif", "%s", _( "exif too small" ) );
return( NULL );
}
if( length > 1 << 20 ) {
vips_error( "exif", "%s", _( "exif too large" ) );
return( NULL );