Dan Čermák
06ec1e6984
[safe_op] Refactored addition overflow checks using functions only
...
- templated structs were not required, SFINAE works for functions too
=> use instead, removes some unneeded code
- fix non-usage of builtins with clang
- adjust unit tests
2018-03-09 00:14:24 +01:00
Dan Čermák
684c8c89de
[safe_op] Simplified unsigned int overflow check
...
Simply check for overflows after the addition, as no undefined behavior can
occur here.
2018-03-08 00:34:14 +01:00
Dan Čermák
31b96b58e7
[safe_op] improved signed int overflow checks via integer promotion
...
The fallback signed integer overflow check is quite expensive, but the addition
can be safely performed when saved in an int due to integer promotion
rules. This makes the check a little less expensive.
2018-03-08 00:32:14 +01:00
Dan Čermák
029b997ca0
[safe_op] fixed typo in doc-comment
2018-03-08 00:31:02 +01:00
Dan Čermák
751fba8b54
Added dataBuf size check before calling PngChunk::decodeIHDRChunk
...
- cdataBuf must be at least 8 bytes long otherwise decodeIHDRChunk
reads out of bounds
- pngImage::readMetadata now skips png chunks where the offset for
IHDR chunks is invalid
- added assertion into PngChunk::decodeIHDRChunk() to ensure dataBuf
size
2018-02-22 14:55:12 +01:00
Fredrik Lingvall
fc8b45dd12
Added the Sigma 120-300mm F2.8 DG OS HSM | S for Nikon mount.
2018-02-21 12:56:42 +01:00
Fredrik Lingvall
34a3be025e
Added Sigma 50mm F1.4 DG HSM | A mount/UPC code (for Nikon mount).
2018-02-21 12:56:42 +01:00
Fredrik Lingvall
215227024d
Added Sigma 20mm F1.4 DG HSM | A mount/UPC code (for Nikon mount).
2018-02-21 12:56:42 +01:00
Dan Čermák
efe2ccdcb6
Replaced all hardcoded error codes with ker... constants
2018-02-18 09:28:57 +01:00
Dan Čermák
d3c3c036b8
Incorporated error codes into errList
2018-02-18 09:26:47 +01:00
Robin Mills
55001c8ddf
Merge pull request #222 from Exiv2/fix-220
...
Fix 220
2018-02-03 14:19:59 +00:00
Dan Čermák
fcb4257051
Add check for DataBuf.size_ in Jp2Image::readMetadata()
...
When parsing a subBox that is a ColorHeader, a length is extracted
from the input file and fed directly into DataBuf() (which calls
malloc). A crafted input file can provide arbitrarily (up to
max(uint32_t)-8) large values and result in excessive memory
allocation.
This commit adds a check for the new size of DataBuf so that it is not
larger than the remaining size of the file.
This fixes #202 aka CVE-2018-4868
2018-02-01 17:55:22 +01:00
Robin Mills
a1f1989cb5
Merge branch 'master' into master
2018-02-01 14:55:07 +00:00
clanmills
c082537967
Fix #220 https://github.com/Exiv2/exiv2/issues/220
2018-01-29 09:13:27 +00:00
Dan Čermák
4429b962e1
Fix out of bounds read in src/pngchunk_int.cpp by @brianmay
...
- consider that key is advanced by 8 bytes if stripHeader is true
=> length is reduced by same amount
Fixed by adding offset to the check in the loop
- Rewrote loop so that keysize is checked before the next
iteration (preventing an out of bounds read)
2018-01-27 14:51:40 +01:00
Robin Mills
df4113b765
changes to MemIo::reserve() for #200 (#213)
...
* changes to MemIo::reserve() for #200
* Changes following review by Dan (thanks, Dan).
2018-01-26 09:19:03 +01:00
Michał Walenciak
d219e61586
be more error prone
2018-01-17 19:07:41 +01:00
Michał Walenciak
24348e85ca
checks for valid reads
2018-01-15 21:44:41 +01:00
Michał Walenciak
421c6d6723
improvements for issue #208
2018-01-14 08:24:26 +01:00
Michał Walenciak
1647908e00
fix for crash in bigtiff (issue #208)
2018-01-13 11:44:31 +01:00
Robin Mills
7d42da94d0
Removed wrong ExifData::const_iterator that shadowed the correct one
2018-01-06 00:07:36 +01:00
Luis Díaz Más
00f32316b2
Add missing header
2017-12-21 16:33:14 +01:00
Luis Díaz Más
14ff034fb4
Catch std::overflow_error exception in Print::run
2017-12-21 16:33:14 +01:00
Luis Diaz Mas
d09c4bb7cd
Fix arithmetic operation overflow
2017-12-21 16:33:14 +01:00
Luis Díaz Más
a1023c39ab
Add safe_op.hpp to LIBEXIV2_PRIVATE_HDR (to be shown in IDEs)
2017-12-17 20:35:07 +01:00
Dan Čermák
7c00e9128d
Fix compilation error with gcc < 5
...
- overflow builtins were added with gcc 5.0
2017-12-17 20:35:07 +01:00
Dan Čermák
ca7c699aa1
Added overflow safe addition function
2017-12-17 20:35:07 +01:00
Robin Mills
8f5b795eaa
Fixes to autotools build to respect mn_int.cpp files (#186)
...
* Fixes to autotools build to respect mn_int.cpp files
* Changes following Luis' code review.
2017-12-11 16:48:07 +01:00
Luis Díaz Más
f36bea3801
exiv2::getEnv throws std::out_of_range on unexpected EnVar
...
This change defines explicitly the behavior that exiv2::getEnv should have
in response to unexpected inputs.
There are some other minor changes:
- Use _putenv_s for the unit tests on Windows
- Add todo comment
- Remove deprecated note about freeing memory
2017-12-06 17:29:05 +01:00
Luis Díaz Más
8dc3c1f0a0
Replace malloc/free by new/delete. Use const char* for input arg
2017-12-06 17:29:05 +01:00
Luis Díaz Más
bfe057ca20
Auto-formatting done by the IDE while touching code in the previous commits
2017-12-06 17:29:05 +01:00
Luis Díaz Más
8b049922d7
Change exiv2::urlencode signature to return std::string
...
The goal of this change is to remove the responsibility from the client code to
free the memory of the returned string.
2017-12-06 17:29:05 +01:00
Luis Díaz Más
8c010c903b
Compile private part as an OBJECT library (CMake concept)
2017-11-28 17:36:08 +01:00
Luis Díaz Más
d3748152a7
add _int suffix to all the internal files
2017-11-28 17:36:08 +01:00
Luis Díaz Más
44fc9ec528
Move Cr2Header to a new .cpp file
2017-11-28 17:36:08 +01:00
Luis Diaz Mas
d48abab718
Apply clang-format to some lines of the file canonmn.cpp
2017-11-19 18:52:33 +01:00
Luis Diaz Mas
d0a1c6d19d
Apply clang-format to bmpimage.cpp
2017-11-19 18:52:23 +01:00
tbeu
2efc2e79da
Remove obsolete id
2017-11-19 11:17:12 +01:00
tbeu
5b5987a596
Remove obsolete EXIV2_RCSID
2017-11-19 11:17:12 +01:00
tbeu
5df8b01b77
Remove obsolete svn revision
2017-11-19 11:17:11 +01:00
Robin Mills
e96e0daa8a
Jp2Image::printStructure: Corrected used DataBuf for output
2017-11-19 08:29:06 +01:00
Robin Mills
befe8c64e3
Jp2Image::printStructure: only print output when bPrint is set
2017-11-19 08:29:06 +01:00
Robin Mills
13db7fdec2
Formatting changes
2017-11-19 08:29:06 +01:00
Luis Díaz Más
87a83c89d5
Merge branch 'master' into stringFormat_update
2017-11-12 10:21:33 +01:00
Luis Díaz Más
1fe8d5ba7f
Fix conversion issue detected by MSVC
2017-11-12 09:54:17 +01:00
Dan Čermák
36df4bc997
Fixed potential out of bounds file access
...
This commit adds an out-of-bounds protection in the case that the
extracted values for offset & count are summed up larger than the size
of the file. Also this function checks for overflows before performing
the addition.
This fixes #159
2017-11-10 15:12:55 +01:00
Dan Čermák
cfa5073a2c
Added short explanation to internal function stringFormat
2017-11-09 20:38:11 +01:00
Dan Čermák
06cafadf4f
Added assertion that call to vsnprintf succeeds
2017-11-09 20:38:11 +01:00
tbeu
c0ea5f4fba
Rewrite the reallocation the C++ way
...
* Fix handling of the return value of vsnprintf
* In C++11 we could use buffer.data instead of &buffer[0]
2017-11-04 21:01:36 +01:00
tbeu
22dbd632bb
Find single character
2017-11-04 21:01:36 +01:00