third_party/exiv2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5,252 Commits 2 Branches 0 Tags 122 MiB
142a9a9178
Commit Graph

5252 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luis Díaz Más
142a9a9178 (AppVeyor) Disable unit tests until we found out the problem 2017-10-16 07:27:32 +02:00
Luis Díaz Más
bf6670abb0 (AppVeyor) Install ninja & Use it as the CMake generator (speed up builds) 2017-10-16 07:27:32 +02:00
Luis Díaz Más
f9fab45163 (AppVeyor) Trying to run unit tests properly from windows 2017-10-16 07:27:32 +02:00
Pix4d
3f53588de7 (Travis) Should run tests on mac 2017-10-16 07:27:32 +02:00
Luis Díaz Más
a721ab343d (travis) Use 2 threads in the compilation 2017-10-16 07:27:32 +02:00
Luis Díaz Más
b78aa69455 (travis) Do not install things bring with conan already 2017-10-16 07:27:32 +02:00
Luis Díaz Más
9482763061 Run unit tests in travis-ci and appveyor 2017-10-16 07:27:32 +02:00
Luis Díaz Más
752e7a6bea Add simple unit tests for DataBuf 2017-10-16 07:27:32 +02:00
Luis Díaz Más
72cf9166fe Add simple tests for exifTime 2017-10-16 07:27:32 +02:00
Luis Díaz Más
2bad771834 (CMake) Add GTEST_LINKED_AS_SHARED_LIBRARY definition 2017-10-16 07:27:32 +02:00
Luis Díaz Más
26189ad287 (CMake) Add a new CMake option to enable the new Unit Tests 2017-10-16 07:27:32 +02:00
Luis Díaz Más
89629f0056 (CMake) Bring GTest and GMock via conan 2017-10-16 07:27:32 +02:00
Luis Díaz Más
cd38a570fa (CMake) Same output directories for binaries and libraries on all the platforms 2017-10-16 07:27:32 +02:00
Luis Díaz Más
00f5b2ab6d Merge pull request #114 from D4N/readme_improvements 
Adapted README.md to better render on Github
 2017-10-16 07:10:40 +02:00
Dan Čermák
942044e7d9 Adapted README.md to better render on github 2017-10-15 22:55:06 +02:00
Luis Díaz Más
38584d938b Merge pull request #118 from a17r/exiv2command 
Fix build with EXIV2_BUILD_EXIV2_COMMAND=OFF
 2017-10-15 21:05:57 +02:00
Luis Díaz Más
6c01726404 Merge branch 'master' into exiv2command 2017-10-15 20:30:18 +02:00
Andreas Sturmlechner
57883ee664
Fix build with EXIV2_BUILD_EXIV2_COMMAND=OFF 2017-10-13 18:54:11 +02:00
Luis Díaz Más
269370863e Merge pull request #117 from a17r/pobuildswitch 
Fix remaining occurrence of EXIV2_ENABLE_BUILD_PO
 2017-10-13 08:09:13 +02:00
Andreas Sturmlechner
3f39c23f2c
Fix remaining occurrence of EXIV2_ENABLE_BUILD_PO 2017-10-12 17:41:01 +02:00
D4N
549cac47af Merge pull request #110 from D4N/fix_CVE-2017-14864 
Fix for CVE-2017-14864, CVE-2017-14862 and CVE-2017-14859
 2017-10-11 10:15:00 +02:00
Dan Čermák
de298b8e5d Added reproducers for #73, #74 and #75 to the test suite 2017-10-11 09:50:39 +02:00
Dan Čermák
c686843e20 Added exception throw on Value pointer being null 
v can be null if the typeId is invalid => throw an exception notifying
the user that his file is corrupted instead of the assertion
 2017-10-11 09:46:04 +02:00
Dan Čermák
75940da0a6 Added check for overflows in calculation of size 2017-10-11 09:46:04 +02:00
Dan Čermák
8a586c74bb Fix for CVE-2017-14864, CVE-2017-14862 and CVE-2017-14859 
The invalid memory dereference in
Exiv2::getULong()/Exiv2::StringValueBase::read()/Exiv2::DataValue::read()
is caused further up the call-stack, by
v->read(pData, size, byteOrder) in TiffReader::readTiffEntry()
passing an invalid pData pointer (pData points outside of the Tiff
file). pData can be set out of bounds in the (size > 4) branch where
baseOffset() and offset are added to pData_ without checking whether
the result is still in the file. As offset comes from an untrusted
source, an attacker can craft an arbitrarily large offset into the
file.

This commit adds a check into the problematic branch, whether the
result of the addition would be out of bounds of the Tiff
file. Furthermore the whole operation is checked for possible
overflows.
 2017-10-11 09:46:04 +02:00
Dan Čermák
6c1ba331b9 Added arithmetic operation overflow error 2017-10-11 09:46:04 +02:00
Luis Díaz Más
f06418c656 Merge pull request #108 from D4N/fix_CVE-2017-14860 
Fix CVE-2017-14860
 2017-10-11 06:38:58 +02:00
Dan Čermák
c884a3b4bf Added the reproducer for CVE-2017-14860 to the test suite 2017-10-11 00:11:15 +02:00
Dan Čermák
ff18fec24b Fix for CVE-2017-14860 
A heap buffer overflow could occur in memcpy when icc.size_ is larger
than data.size_ - pad, as then memcpy would read out of bounds of data.

This commit adds a sanity check to iccLength (= icc.size_): if it is
larger than data.size_ - pad (i.e. an overflow would be caused) an
exception is thrown.

This fixes #71.
 2017-10-11 00:11:15 +02:00
Dan Čermák
65f45a3505 Added new error message to warn about corrupted metadata 2017-10-11 00:11:15 +02:00
Luis Díaz Más
27cabb2a1a Merge pull request #115 from piponazo/appVeyorChanges 
App veyor changes
 2017-10-10 11:59:44 +02:00
Luis Díaz Más
39e3d7fbe4 Merge branch 'master' into appVeyorChanges 2017-10-10 10:41:33 +02:00
Luis Díaz Más
7f0d753d10 Use separate conanData directory for the conan cache in travis 2017-10-10 08:13:30 +02:00
Luis Díaz Más
62a0f8cde8 Unify appveyor style 2017-10-10 08:13:30 +02:00
Luis Diaz Mas
bdce47b6e7 Use VS2015 instead of 2017, Use newer conan version and enable cache in appveyor 2017-10-10 08:13:26 +02:00
D4N
0a56b0ab81 Merge pull request #113 from greenbigfrog/patch-1 
Fix URL to wiki in README.md
 2017-10-09 22:36:51 +02:00
Jonathan
2ff0bb9a6a Fix URL to wiki in README.md 2017-10-09 18:01:27 +02:00
Luis Díaz Más
0670b35f56 Merge pull request #111 from piponazo/travisCache 
Travis cache
 2017-10-08 09:12:03 +02:00
Luis Diaz Mas
f454c375a0 Disable bash -ex to not fail with commands returning non-0 values 2017-10-07 19:47:30 +02:00
Luis Díaz Más
1067978216 Adding caching support in travis-ci builds 2017-10-07 19:39:26 +02:00
Luis Díaz Más
4beb08e219 Merge pull request #105 from Kicer86/bigtiff 
Work in progress - improvements for bigtiff
 2017-10-07 09:38:49 +02:00
Michał Walenciak
2e535d8a27 trying to fix windows build 2017-10-07 08:58:58 +02:00
Luis Díaz Más
8e4aff29c2 Merge pull request #107 from D4N/tiffvisitor_nullptr_check 
Use nullptr check instead of assertion, by Raphaël Hertzog
 2017-10-06 15:57:55 +02:00
Michał Walenciak
2402a693fd adding missing include for numeric_limits 2017-10-06 11:27:46 +02:00
Luis Díaz Más
93bbf0cab1 Merge pull request #104 from piponazo/removeCpp11Feature 
Remove cpp11 features
 2017-10-06 05:40:39 +02:00
Dan Čermák
e026160556 Use nullptr check instead of assertion, by Raphaël Hertzog 
Source:
https://github.com/Exiv2/exiv2/issues/57#issuecomment-333086302

tc can be a null pointer when the TIFF tag is unknown (the factory
then returns an auto_ptr(0)) => as this can happen for corrupted
files, an explicit check should be used because an assertion can be
turned of in release mode (with NDEBUG defined)

This also fixes #57
 2017-10-06 00:43:31 +02:00
Luis Díaz Más
bef6dad6c5 Merge pull request #103 from AdelieLinux/master 
Amend fix for #9 to apply to other Unix systems
 2017-10-05 14:45:05 +02:00
Michał Walenciak
b1a5d615c5 removing debug message 2017-10-04 22:46:43 +02:00
Michał Walenciak
64e05c0a7a improving fixes for #55 and #56 2017-10-04 22:46:20 +02:00
Luis Díaz Más
1a1a61b63d Remove reference to regex & c++11 from the man page 2017-10-04 19:42:11 +02:00