third_party/exiv2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5,250 Commits 2 Branches 0 Tags 122 MiB
f9fab45163
Commit Graph

130 Commits

Author SHA1 Message Date
Dan Čermák
c686843e20 Added exception throw on Value pointer being null 
v can be null if the typeId is invalid => throw an exception notifying
the user that his file is corrupted instead of the assertion
 2017-10-11 09:46:04 +02:00
Dan Čermák
75940da0a6 Added check for overflows in calculation of size 2017-10-11 09:46:04 +02:00
Dan Čermák
8a586c74bb Fix for CVE-2017-14864, CVE-2017-14862 and CVE-2017-14859 
The invalid memory dereference in
Exiv2::getULong()/Exiv2::StringValueBase::read()/Exiv2::DataValue::read()
is caused further up the call-stack, by
v->read(pData, size, byteOrder) in TiffReader::readTiffEntry()
passing an invalid pData pointer (pData points outside of the Tiff
file). pData can be set out of bounds in the (size > 4) branch where
baseOffset() and offset are added to pData_ without checking whether
the result is still in the file. As offset comes from an untrusted
source, an attacker can craft an arbitrarily large offset into the
file.

This commit adds a check into the problematic branch, whether the
result of the addition would be out of bounds of the Tiff
file. Furthermore the whole operation is checked for possible
overflows.
 2017-10-11 09:46:04 +02:00
Dan Čermák
e026160556 Use nullptr check instead of assertion, by Raphaël Hertzog 
Source:
https://github.com/Exiv2/exiv2/issues/57#issuecomment-333086302

tc can be a null pointer when the TIFF tag is unknown (the factory
then returns an auto_ptr(0)) => as this can happen for corrupted
files, an explicit check should be used because an assertion can be
turned of in release mode (with NDEBUG defined)

This also fixes #57
 2017-10-06 00:43:31 +02:00
Robin Mills
6d5c2c3256 Getting ready to release v0.26 2017-03-08 20:42:28 +00:00
Robin Mills
5f1d52e497 #1230 Added stdin-test and fixing issue identified by the test. 2016-09-25 22:43:40 +00:00
Robin Mills
973dbc9847 Fixing clang warning in tiffvisitor.cpp 2016-05-04 19:14:24 +00:00
Robin Mills
2ff64957aa #1175. Thank You, LaserSoft, for reporting this and providing the patch. 2016-03-31 14:27:43 +00:00
Robin Mills
04f871cc4c #1152 Fix submitted. Also added new static function FileIo::temporaryPath() which I require for tgt - code and fixed typo in tiffvisitor.cpp 2016-01-11 10:03:48 +00:00
Robin Mills
0798b95b50 #1143. Partial solution. I have suppressed the warning and allocated memory for Exif.Sony1.Preview. So now the size is revealed to the user. However: for reasons documented in the code, I am unable to locate the image in the source file and copy it into the metadata. 2015-12-28 21:21:08 +00:00
Andreas Huggel
b768fb1067 #1095: Do not create a TIFF component for unexpected next IFD pointers. 2015-07-31 07:51:58 +00:00
Andreas Huggel
a57317f685 Some API policing 2015-06-08 14:39:59 +00:00
Andreas Huggel
fd80993ab0 Updated copyright notice. 2015-05-02 11:55:40 +00:00
Robin Mills
a82fa51c8c #900. Preserve XMP data in TIFF files when XMPsdk is not build into the library. 2015-04-26 18:17:17 +00:00
Robin Mills
d393b0fa7e trunk: exiv2 v0.25 2014-12-25 13:55:57 +00:00
Andreas Huggel
dc6cd4cf67 #945: Set the makernote 'state' before post-processing Makernote components during reading. 2014-01-17 10:23:30 +00:00
Robin Mills
89c796a3ab Issue: #940. Fix compilation warnings. 2013-12-28 03:41:01 +00:00
Andreas Huggel
f09fceda6b Updated copyright year in a few files, version in runner.txt. 2013-12-01 12:13:42 +00:00
Andreas Huggel
8e325e1c32 #876: Reverted changes made with r2966, r2976 and r2973 and added a fix to only output characters up to the first \0 in ASCII values. 2013-10-06 14:04:48 +00:00
Robin Mills
a297d2b69e Rollback 3089 - somehow it's broken the build! 2013-07-24 05:05:52 +00:00
Robin Mills
da1ed8c536 Bumping the copyright notice in src &samples from 2012 to 2013 2013-07-24 03:12:38 +00:00
nkbj
7abdb0b17e Fix translatable names for Exif.Canon.LensModel. 2013-06-19 04:02:05 +00:00
Robin Mills
09d7aeb8d1 Issue: #883. Fix for Coverity Scan Issue:982064 2013-02-20 05:30:14 +00:00
Robin Mills
818c0e8590 Adding case asciiBytes to switches to fix compiler warnings from CMake/Unix. 2013-01-16 02:23:10 +00:00
Robin Mills
e6e6d7b45c Issue: #876 Fix for Exiv.Canon.LensModel displaying garbage bytes. 2013-01-13 01:31:18 +00:00
Andreas Huggel
02f48be40c #831: Also delete image tags from the Exif container during encoding. 2012-07-05 11:09:04 +00:00
Andreas Huggel
0d397b95c7 Updated copyright message for 2012. 2012-03-22 15:19:35 +00:00
Andreas Huggel
a558a1d066 #797: Truncate entries with an out-of-bounds upper boundary, rather than trying to adjust their size. 2011-11-17 07:20:52 +00:00
Andreas Huggel
7770151915 Updated Copyright message for 2011. 2011-02-13 14:08:44 +00:00
Andreas Huggel
3b5540a392 #752: Do not decode duplicate binary array tags. 2011-01-30 12:28:08 +00:00
Andreas Huggel
f25fca8808 #726: Added support for thumbnail found in sub-IFD of IFD1 of Samsung .SRW files. 2010-09-21 15:45:07 +00:00
Andreas Huggel
dc264bc00d #476, #614: Introduced class LogMsg for enhanced logging, migrated all existing warnings and error messages (not the exceptions) to use the new logic. Every log message now has a type (debug, info, warning, error). Applications can set a logging level to determine which messages are processed and supply a custom log message handler at runtime. (Based on a contribution by Simson Garfinkel.) 2010-09-10 14:02:09 +00:00
Andreas Huggel
717d789c8e #721: Renamed ifdItem to groupName and big internal clean-up: consolidated groups and IfdIds. 2010-08-30 19:33:07 +00:00
Andreas Huggel
45c2eb2d34 #721: Use Pimpl idiom for class ExifKey in preparation for more changes. 2010-08-24 15:45:30 +00:00
Andreas Huggel
6fc96993a1 #711: Quickfix for Exif.OlympusIp.0x1104 which points to the beginning of the image. With this change the value is truncated now, i.e., it's size is set to 0. 2010-07-22 02:34:55 +00:00
Andreas Huggel
06ce0d18b6 - Introduced exiv2.hpp as a wrapper to include all Exiv2 objects. (Renamed existing exiv2.hpp to exiv2app.hpp) 
- Changed Sony/Minolta pretty-print function to print EV value
- Renamed rcsid.hpp to rcsid_int.hpp, do not publish it anymore
 2010-06-27 10:04:39 +00:00
Andreas Huggel
03057632f5 Backed out revisions 2210:2208. 2010-05-25 14:53:56 +00:00
Andreas Huggel
81163717eb #701: Sort Sub-IFDs by group before writing, as the order may not be correct after copying image tags. 2010-05-12 16:27:57 +00:00
Andreas Huggel
e0fa36074e #668: Fixed obscure issue when copying SubIFDs. (digiKam bug 236127) 2010-05-07 11:48:54 +00:00
Andreas Huggel
8ba70c74b1 Updated max number of sub-IFDs. 2010-05-02 15:33:44 +00:00
Andreas Huggel
fc0d55dd8e #611: SonySR2 support, part 2, still experimental and incomplete. 2010-05-02 15:22:57 +00:00
Andreas Huggel
395b5b3a6a #611: Support for SonySR2 private data and encrypted sub-IFD, part 1, still experimental and incomplete. 2010-05-01 04:57:44 +00:00
Andreas Huggel
6d496a4888 Updated Copyright notice for 2010. 2010-04-03 07:53:30 +00:00
Andreas Huggel
f8197d8463 #668: In TIFF and TIFF-like images, never modify 'image tags'. This patch implements the basic idea. 2010-04-01 16:20:54 +00:00
Andreas Huggel
13704dcba4 #684: Extended SubIFD support to 9 SubIFDs. 2010-03-04 14:46:01 +00:00
Andreas Huggel
b8d802c12c #684: Quickfix to prevent the assertion failure. 2010-03-04 13:34:54 +00:00
Andreas Huggel
5f1d09b6f0 #666: Added configuration setting to concatenate gaps between known tags in binary arrays. Needs testing and a test-case. 2010-02-04 16:41:14 +00:00
Andreas Huggel
7a71340247 #677: Reversed changes from r2018. 2010-01-31 06:31:40 +00:00
Andreas Huggel
2d91fb1f6d #677: Avoid deleting Exif metadata from the container when writing. 2010-01-30 10:05:48 +00:00
Andreas Huggel
763b4f7933 Removed trailing whitespace. 2009-12-28 14:47:58 +00:00