packages/exiv2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!68 [sync] PR-64: Fix CVE-2022-3755 and CVE-2022-3756

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @small_leek 
Signed-off-by: @small_leek
This commit is contained in:
openeuler-ci-bot 2022-11-10 10:39:08 +00:00 committed by Gitee
commit 5e9aafcc11
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
3 changed files with 64 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
CVE-2022-3755.patch Normal file
View File

@ -0,0 +1,28 @@
From 789ec5408f885709eef0a820416658b6e3882c0c Mon Sep 17 00:00:00 2001
From: qz_cx <wangqingzheng@kylinos.cn>
Date: Mon, 31 Oct 2022 15:13:45 +0800
Subject: [PATCH] Credit to
OSS-Fuzz:https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52382
Avoid null pointer deref #2384
Merged
kevinbackhouse merged 2 commits into Exiv2
---
src/quicktimevideo.cpp | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/quicktimevideo.cpp b/src/quicktimevideo.cpp
index 335d884..ef1a6e5 100644
--- a/src/quicktimevideo.cpp
+++ b/src/quicktimevideo.cpp
@@ -915,6 +915,7 @@ namespace Exiv2 {
}
else if(equalsQTimeTag(buf, "CMbo") || equalsQTimeTag(buf, "Cmbo")) {
+ enforce(tv, Exiv2::ErrorCode::kerCorruptedMetadata);
io_->read(buf.pData_, 2);
buf.pData_[2] = '\0' ;
tv_internal = find(cameraByteOrderTags, Exiv2::toString( buf.pData_));
--
2.33.0

30
CVE-2022-3756.patch Normal file
View File

@ -0,0 +1,30 @@
From be374cc6cd51906eaacc7a4f77c9ac37ea7c69c7 Mon Sep 17 00:00:00 2001
From: qz_cx <wangqingzheng@kylinos.cn>
Date: Mon, 31 Oct 2022 14:29:31 +0800
Subject: [PATCH] Avoid potential integer overflow.
Merge pull request #2347 from kevinbackhouse/quicktimevideo-size-calc
Avoid potential integer overflow in QuickTimeVideo::userDataDecoder
@kevinbackhouse
kevinbackhouse committed on 7 Sep
---
src/quicktimevideo.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/quicktimevideo.cpp b/src/quicktimevideo.cpp
index 335d884..9b80947 100644
--- a/src/quicktimevideo.cpp
+++ b/src/quicktimevideo.cpp
@@ -895,7 +895,7 @@ namespace Exiv2 {
tv = find(userDataReferencetags, Exiv2::toString( buf.pData_));
- if(size == 0 || (size - 12) <= 0)
+ if (size <= 12)
break;
else if(equalsQTimeTag(buf, "DcMD") || equalsQTimeTag(buf, "NCDT"))
--
2.33.0

7
exiv2.spec
View File

@ -1,10 +1,12 @@
Name: exiv2
Version: 0.27.5
Release: 2
Release: 3
Summary: Exif, IPTC and XMP metadata and the ICC Profile
License: GPLv2+
URL: http://www.exiv2.org/
Source0: https://github.com/Exiv2/exiv2/archive/refs/tags/v%{version}.tar.gz
Patch0001: CVE-2022-3755.patch
Patch0002: CVE-2022-3756.patch
Provides: exiv2-libs
Obsoletes: exiv2-libs
@ -76,6 +78,9 @@ test -x %{buildroot}%{_libdir}/libexiv2.so
%{_pkgdocdir}/
%changelog
* Thu Nov 10 2022 jiangpeng <jiangpeng01@ncti-gba.cn> - 0.27.5-3
- Fix CVE-2022-3755 CVE-2022-3756
* Tue Oct 18 2022 yaoxin <yaoxin30@h-partners.com> - 0.27.5-2
- Remove rpath