third_party/exiv2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37492

Browse Source 
Throw an error if the size of the preview is greater than 1MB.
This commit is contained in:
Kevin Backhouse 2021-08-27 16:56:45 +01:00
parent 218ad98f22
commit 60144df557
No known key found for this signature in database
GPG Key ID: 9DD01852EE40366E
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/tiffvisitor_int.cpp
View File

@ -1598,6 +1598,9 @@ namespace Exiv2 {
if ( !isize ) {
v->read(pData, size, byteOrder());
} else {
// Prevent large memory allocations: https://github.com/Exiv2/exiv2/issues/1881
enforce(isize <= 1024 * 1024, kerCorruptedMetadata);
// #1143 Write a "hollow" buffer for the preview image
// Sadly: we don't know the exact location of the image in the source (it's near offset)
// And neither TiffReader nor TiffEntryBase have access to the BasicIo object being processed