third_party/exiv2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5,470 Commits 2 Branches 0 Tags 122 MiB
c40c90141f
Commit Graph

5470 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luis Díaz Más
01a5d863ad Apply clang-format to Print::printMetadatum 2018-03-20 21:30:06 +01:00
Luis Díaz Más
45fe44aa2f Move condition in if statement to discard work earlier 2018-03-20 21:30:06 +01:00
Luis Díaz Más
d82b9434e1 Only print items (Params::prValue) when size > 0 2018-03-20 21:30:06 +01:00
Robin Mills
185d0e9482 #199 Fix for getopt(). Use src/getopt_win32 code instead of libc/getopt() 2018-03-20 18:49:16 +01:00
D4N
a4a0516dc4
Merge pull request #238 from D4N/safe_op_improvements 
Addition overflow checks improvements
 2018-03-17 00:39:21 +01:00
Dan Čermák
06ec1e6984 [safe_op] Refactored addition overflow checks using functions only 
- templated structs were not required, SFINAE works for functions too
  => use instead, removes some unneeded code
- fix non-usage of builtins with clang
- adjust unit tests
 2018-03-09 00:14:24 +01:00
Dan Čermák
684c8c89de [safe_op] Simplified unsigned int overflow check 
Simply check for overflows after the addition, as no undefined behavior can
occur here.
 2018-03-08 00:34:14 +01:00
Dan Čermák
31b96b58e7 [safe_op] improved signed int overflow checks via integer promotion 
The fallback signed integer overflow check is quite expensive, but the addition
can be safely performed when saved in an int due to integer promotion
rules. This makes the check a little less expensive.
 2018-03-08 00:32:14 +01:00
Dan Čermák
029b997ca0 [safe_op] fixed typo in doc-comment 2018-03-08 00:31:02 +01:00
D4N
28fa146d97
Merge pull request #230 from D4N/fix_170 
Fix for #170
 2018-02-22 17:16:09 +01:00
Dan Čermák
cabf756553 Add reproducer for #170 to the test suite 2018-02-22 16:42:51 +01:00
Dan Čermák
751fba8b54 Added dataBuf size check before calling PngChunk::decodeIHDRChunk 
- cdataBuf must be at least 8 bytes long otherwise decodeIHDRChunk
  reads out of bounds
- pngImage::readMetadata now skips png chunks where the offset for
  IHDR chunks is invalid
- added assertion into PngChunk::decodeIHDRChunk() to ensure dataBuf
  size
 2018-02-22 14:55:12 +01:00
D4N
a1ab522eda
Merge pull request #231 from D4N/pngimage_documentation_fix 
Fix outdated documentation of PngImage::doWriteMetadata()
 2018-02-22 14:54:20 +01:00
Dan Čermák
22a7a8c2ed Fix outdated documentation of PngImage::doWriteMetadata() 
The function does not return anything, it only throws exceptions.
 2018-02-22 11:57:51 +01:00
D4N
9f74f247b4
Merge pull request #227 from frli8848/master 
Nikon mount - Sigma Lens Updates
 2018-02-22 11:57:03 +01:00
Dan Čermák
73ac02d7f2 Added test for Sigma lenses 2018-02-21 12:57:45 +01:00
Fredrik lingvall
fc8b45dd12 Added the Sigma 120-300mm F2.8 DG OS HSM | S for Nikon mount. 2018-02-21 12:56:42 +01:00
Fredrik lingvall
34a3be025e Added Sigma 50mm F1.4 DG HSM | A mount/UPC code (for Nikon mount). 2018-02-21 12:56:42 +01:00
Fredrik Lingvall
215227024d Added Sigma 20mm F1.4 DG HSM | A mount/UPC code (for Nikon mount). 2018-02-21 12:56:42 +01:00
D4N
f9d421b172
Merge pull request #109 from D4N/error_codes_enum 
[WIP] Added error codes from src/error.cpp into an enumeration
 2018-02-19 14:25:33 +01:00
Dan Čermák
3965a44df2 Replace error variable names in test suite with enum error codes 2018-02-18 10:44:05 +01:00
Dan Čermák
a15f090f81 Modified test suite so that case sensitive keys are possible 2018-02-18 10:42:16 +01:00
Dan Čermák
efe2ccdcb6 Replaced all hardcoded error codes with ker... constants 2018-02-18 09:28:57 +01:00
Dan Čermák
d897997b29 Force error code usage to construct a Exiv2::BasicError 
changed parameter code_'s type from int to ErrorCode => requires the
usage of the enum constants
 2018-02-18 09:28:40 +01:00
Dan Čermák
d3c3c036b8 Incorporated error codes into errList 2018-02-18 09:26:47 +01:00
Dan Čermák
b80fa1b4ed Added error codes from src/error.cpp into an enumeration 2018-02-18 09:26:32 +01:00
D4N
efee9a2b58
Merge pull request #205 from D4N/CVE-2017-1000127_reproducer 
Added reproducer for CVE-2017-1000127
 2018-02-07 12:36:10 +01:00
Dan Čermák
ead7f309b0 Added reproducer for CVE-2017-1000127 2018-02-07 11:16:23 +01:00
Robin Mills
55001c8ddf
Merge pull request #222 from Exiv2/fix-220 
Fix 220
 2018-02-03 14:19:59 +00:00
clanmills
7d837d9c86 Changes to test/Makefile following Dan's review. 2018-02-03 12:29:22 +00:00
D4N
9cddfa514d
Merge pull request #207 from D4N/fix_cve_2018_4868 
Fix CVE-2018-4868
 2018-02-01 18:08:47 +01:00
Dan Čermák
72de0f96f3 Added reproducer for CVE-2018-4868 to the test suite 2018-02-01 17:55:22 +01:00
Dan Čermák
fcb4257051 Add check for DataBuf.size_ in Jp2Image::readMetadata() 
When parsing a subBox that is a ColorHeader, a length is extracted
from the input file and fed directly into DataBuf() (which calls
malloc). A crafted input file can provide arbitrarily (up to
max(uint32_t)-8) large values and result in excessive memory
allocation.

This commit adds a check for the new size of DataBuf so that it is not
larger than the remaining size of the file.

This fixes #202 aka CVE-2018-4868
 2018-02-01 17:55:22 +01:00
Robin Mills
7f56236bb8
Merge pull request #212 from Kicer86/master 
fix for crash in bigtiff (issue #208)
 2018-02-01 15:13:12 +00:00
Robin Mills
a1f1989cb5
Merge branch 'master' into master 2018-02-01 14:55:07 +00:00
clanmills
06e3570f10 Trivial Documentation Update 2018-01-29 09:14:48 +00:00
clanmills
552247c3d0 Update test/Makefile not to exit on error 2018-01-29 09:13:58 +00:00
clanmills
c082537967 Fix #220 https://github.com/Exiv2/exiv2/issues/220 2018-01-29 09:13:27 +00:00
D4N
5f360a99af
Merge pull request #217 from D4N/fix_187 
Fix for #187
 2018-01-27 22:27:49 +01:00
Dan Čermák
80c4d95171 Add regression test for CVE 2017-17669 2018-01-27 14:51:40 +01:00
Dan Čermák
e0ab5aaa87 Add error 14 text as a variable to the test suite 2018-01-27 14:51:40 +01:00
Dan Čermák
4429b962e1 Fix out of bounds read in src/pngchunk_int.cpp by @brianmay 
- consider that key is advanced by 8 bytes if stripHeader is true
  => length is reduced by same amount
  Fixed by adding offset to the check in the loop
- Rewrote loop so that keysize is checked before the next
  iteration (preventing an out of bounds read)
 2018-01-27 14:51:40 +01:00
Robin Mills
df4113b765 changes to MemIo::reserve() for #200 (#213) 
* changes to MemIo::reserve() for #200

* Changes following review by Dan (thanks, Dan).
 2018-01-26 09:19:03 +01:00
Michał Walenciak
d219e61586 be more error prone 2018-01-17 19:07:41 +01:00
Michał Walenciak
24348e85ca checks for valid reads 2018-01-15 21:44:41 +01:00
Michał Walenciak
421c6d6723 improvements for issue #208 2018-01-14 08:24:26 +01:00
D4N
b7d76da9d5
Merge pull request #203 from Exiv2/fix_201 
Fix #201
 2018-01-13 21:30:02 +01:00
Michał Walenciak
dba9fba725 test for issue #208 2018-01-13 15:52:50 +01:00
Michał Walenciak
1647908e00 fix for crash in bigtiff (issue #208) 2018-01-13 11:44:31 +01:00
Dan Čermák
9900f523fe Added reproducer for #201 to the test suite 2018-01-06 00:26:09 +01:00