third_party/exiv2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5,398 Commits 2 Branches 0 Tags 122 MiB
efe2ccdcb6
Commit Graph

62 Commits

Author SHA1 Message Date
Dan Čermák
efe2ccdcb6 Replaced all hardcoded error codes with ker... constants 2018-02-18 09:28:57 +01:00
Dan Čermák
fcb4257051 Add check for DataBuf.size_ in Jp2Image::readMetadata() 
When parsing a subBox that is a ColorHeader, a length is extracted
from the input file and fed directly into DataBuf() (which calls
malloc). A crafted input file can provide arbitrarily (up to
max(uint32_t)-8) large values and result in excessive memory
allocation.

This commit adds a check for the new size of DataBuf so that it is not
larger than the remaining size of the file.

This fixes #202 aka CVE-2018-4868
 2018-02-01 17:55:22 +01:00
Luis Diaz Mas
d09c4bb7cd Fix arithmetic operation overflow 2017-12-21 16:33:14 +01:00
tbeu
5b5987a596 Remove obsolete EXIV2_RCSID 2017-11-19 11:17:12 +01:00
tbeu
5df8b01b77 Remove obsolete svn revision 2017-11-19 11:17:11 +01:00
Robin Mills
e96e0daa8a Jp2Image::printStructure: Corrected used DataBuf for output 2017-11-19 08:29:06 +01:00
Robin Mills
befe8c64e3 Jp2Image::printStructure: only print output when bPrint is set 2017-11-19 08:29:06 +01:00
Robin Mills
13db7fdec2 Formatting changes 2017-11-19 08:29:06 +01:00
Dan Čermák
ff18fec24b Fix for CVE-2017-14860 
A heap buffer overflow could occur in memcpy when icc.size_ is larger
than data.size_ - pad, as then memcpy would read out of bounds of data.

This commit adds a sanity check to iccLength (= icc.size_): if it is
larger than data.size_ - pad (i.e. an overflow would be caused) an
exception is thrown.

This fixes #71.
 2017-10-11 00:11:15 +02:00
Robin Mills
82dbe6199d https://github.com/Exiv2/exiv2/issues/11 Closed. Coincidentally Raphael reported issues with Visual Studio 2015 Community Edition. Issue 11 and Raphael's issues should now be resolved. 2017-06-29 22:13:26 +01:00
Robin Mills
44da4724b3 #1175 Correction to r4756 Another three casts required to build with Visual Studio (size_t code ripple) 2017-04-23 10:58:54 +00:00
Robin Mills
6d5c2c3256 Getting ready to release v0.26 2017-03-08 20:42:28 +00:00
Robin Mills
2ebacb6b0b #1272 Use in-memory temporary files. 2017-03-05 17:42:12 +00:00
Robin Mills
dd0a22814c #1247 Another correction to r4655 concerning clang/apple. 2016-10-31 18:42:32 +00:00
Robin Mills
9853ca55bd #1247. Correction to r4655 to handle clang on plaforms other than MacOS-X. 2016-10-31 18:21:00 +00:00
Robin Mills
92659f24c8 #1247 Restrict clang pragma to __APPLE__ 2016-10-21 19:24:48 +00:00
Robin Mills
4abb560cf7 #1243. Fixing compilation warnings from clang in jp2image.cpp 2016-10-21 19:20:32 +00:00
Robin Mills
764f079dff #1243 Fixing typo/build breaker. 2016-10-21 17:58:10 +00:00
Robin Mills
6a1b7d262f #1243 Correction to msvc build breaker in r4648 2016-10-21 17:35:03 +00:00
Robin Mills
18ecd0e890 #1243 Adding ICC Profile support to jp2image.cpp 2016-10-21 16:04:34 +00:00
Robin Mills
b9f584fbbf #1430 Correcting MSVC build breaker in r4639 2016-10-18 10:11:39 +00:00
Robin Mills
f5956d5db2 #1230 Fixes to read tiff with web-ready. Includes the BasicIo expiremental API readUnmarked() and markRead() which I will remove later. 2016-10-17 15:48:42 +00:00
Robin Mills
774f96094c #1243 Work-in-progress on iccProfile related code. 2016-10-15 08:51:19 +00:00
Robin Mills
163f3ce7f1 #1243 Work-in-progress on writing ICC profiles. Fixed elusive issue in exiv2 -pS foo.jp2 2016-10-14 12:44:41 +00:00
Robin Mills
05f56e95af #1242 Issue warning when we encounter erroneous Exif\0\0 in the Exif UUID box. 2016-10-14 10:26:11 +00:00
Robin Mills
099dd70c59 #1230 Fix bigEndian issue in toAscii() 2016-10-13 15:42:24 +00:00
Robin Mills
3d77c41e31 #1243 Work-in-progress. 2016-10-13 12:00:56 +00:00
Robin Mills
2e9138cf91 #1243 Work-in-progress. Still to add code to writeMetadata for icc profiles. 2016-10-13 11:03:39 +00:00
Robin Mills
ebea8991e5 #1243 Work-in-progress. Added test/data/relax.jp2 which has an embedded ICC profile. 2016-10-13 08:54:00 +00:00
Robin Mills
442b0155d0 #1243 Added XMP and IPTC data to Reagan.jp2. Corrected printStructure() appropriately. 
Will add jp2image::writeMetadata()/iccProfile tomorrow and update tests.
 2016-10-12 21:26:37 +00:00
Robin Mills
699e1c744e #1243 Work in progress. Implemented jp2image::printStructure. Still to add iccProfile support to jp2image::writeMetadata() 2016-10-12 20:24:27 +00:00
Robin Mills
ed63a113e1 #1242 Work in progress. Fixing src/jp2image.cpp. Added test file. Test suite to be updated to use Reagan.jp2 (and hopefully additional test files) 2016-10-11 21:04:54 +00:00
Andreas Huggel
fd80993ab0 Updated copyright notice. 2015-05-02 11:55:40 +00:00
Robin Mills
0df8356a56 #1029. Thank You, Thomas for reporting this and providing the patch. 2015-02-12 01:24:26 +00:00
Robin Mills
97aa1149c9 #1019. Thank You Thomas for finding this issue. 2015-01-08 12:44:29 +00:00
Robin Mills
d393b0fa7e trunk: exiv2 v0.25 2014-12-25 13:55:57 +00:00
Mahesh
cff1efe122 Coverity scan fixes CID : 981999 (size overflow warning : typecasted) and 981993( divided by zeor warning : added check beore operation) 2014-07-20 15:45:33 +00:00
Robin Mills
4e530fbce0 Bumping the copyright notice again. (re-doing 3089 without breaking the build!) 2013-07-24 05:15:04 +00:00
Robin Mills
a297d2b69e Rollback 3089 - somehow it's broken the build! 2013-07-24 05:05:52 +00:00
Robin Mills
da1ed8c536 Bumping the copyright notice in src &samples from 2012 to 2013 2013-07-24 03:12:38 +00:00
Robin Mills
6ca49acd13 Work on Issue 846 (porting video code to MSVC). See http://dev.exiv2.org/issues/846 (item #8) for more discussion. 2012-09-18 07:17:59 +00:00
Andreas Huggel
0d397b95c7 Updated copyright message for 2012. 2012-03-22 15:19:35 +00:00
Robin Mills
ebfb513a21 Removing the casts which were regrettably added with SVN: 2525. 2011-06-29 01:02:04 +00:00
Robin Mills
e2c570a1ce EPS project. 
added long ul2Data(byte* buf, size_t s, ByteOrder byteOrder) to the DevStudio 64 bit build.
This rippled requiring casts to differentiate ul2Data(byte*, uint32_t,size_t) and ul2Data(byte*,size_t,size_t)
Team review requested.
 2011-06-28 04:40:25 +00:00
Andreas Huggel
7770151915 Updated Copyright message for 2011. 2011-02-13 14:08:44 +00:00
Andreas Huggel
dc264bc00d #476, #614: Introduced class LogMsg for enhanced logging, migrated all existing warnings and error messages (not the exceptions) to use the new logic. Every log message now has a type (debug, info, warning, error). Applications can set a logging level to determine which messages are processed and supply a custom log message handler at runtime. (Based on a contribution by Simson Garfinkel.) 2010-09-10 14:02:09 +00:00
Andreas Huggel
06ce0d18b6 - Introduced exiv2.hpp as a wrapper to include all Exiv2 objects. (Renamed existing exiv2.hpp to exiv2app.hpp) 
- Changed Sony/Minolta pretty-print function to print EV value
- Renamed rcsid.hpp to rcsid_int.hpp, do not publish it anymore
 2010-06-27 10:04:39 +00:00
Andreas Huggel
6d496a4888 Updated Copyright notice for 2010. 2010-04-03 07:53:30 +00:00
Andreas Huggel
370af5c8a3 Merged all changes from the unstable branch into the trunk. 2009-11-27 05:59:23 +00:00
HumanDynamo
67dfeaf3bd fix comment 2009-06-18 08:52:31 +00:00