Update of /cvsroot/libexif/libexif/libexif/fuji
In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv5544/libexif/fuji
Modified Files:
exif-mnote-data-fuji.c
Log Message:
Jan Patera's keen eyes noticed that my MakerNote unification changes
introduced a case where a NULL pointer would be dereferenced before
being checked for NULL.
Index: exif-mnote-data-fuji.c
===================================================================
RCS file: /cvsroot/libexif/libexif/libexif/fuji/exif-mnote-data-fuji.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -p -d -r1.9 -r1.10
--- exif-mnote-data-fuji.c 25 Sep 2009 06:35:48 -0000 1.9
+++ exif-mnote-data-fuji.c 25 Sep 2009 22:01:53 -0000 1.10
@@ -152,10 +152,15 @@ exif_mnote_data_fuji_load (ExifMnoteData
{
ExifMnoteDataFuji *n = (ExifMnoteDataFuji*) en;
ExifLong c;
- size_t i, tcount, o, datao = 6 + n->offset;
+ size_t i, tcount, o, datao;
- if (!n || !buf || !buf_size || (datao + 12 < datao) ||
- (datao + 12 < 12) || (datao + 12 > buf_size)) {
+ if (!n || !buf || !buf_size) {
+ exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ "ExifMnoteDataFuji", "Short MakerNote");
+ return;
+ }
+ datao = 6 + n->offset;
+ if ((datao + 12 < datao) || (datao + 12 < 12) || (datao + 12 > buf_size)) {
exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
"ExifMnoteDataFuji", "Short MakerNote");
return;
|
