From: Dan F. <dfa...@us...> - 2009-09-25 22:02:09
Update of /cvsroot/libexif/libexif/libexif/pentax In directory ddv4jf1.ch3.sourceforge.com:/tmp/cvs-serv5544/libexif/pentax Modified Files: exif-mnote-data-pentax.c Log Message: Jan Patera's keen eyes noticed that my MakerNote unification changes introduced a case where a NULL pointer would be dereferenced before being checked for NULL.
Index: exif-mnote-data-pentax.c
===================================================================
RCS file: /cvsroot/libexif/libexif/libexif/pentax/exif-mnote-data-pentax.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -p -d -r1.17 -r1.18
--- exif-mnote-data-pentax.c 25 Sep 2009 06:35:48 -0000 1.17
+++ exif-mnote-data-pentax.c 25 Sep 2009 22:01:53 -0000 1.18
@@ -215,17 +215,22 @@ exif_mnote_data_pentax_load (ExifMnoteDa
 const unsigned char *buf, unsigned int buf_size)
 {
 ExifMnoteDataPentax *n = (ExifMnoteDataPentax *) en;
- size_t i, tcount, o, datao = 6 + n->offset, base = 0;
+ size_t i, tcount, o, datao, base = 0;
 ExifShort c;
- if (!n || !buf || !buf_size || (datao + 8 < datao) ||
- (datao + 8 < 8) || (datao + 8 > buf_size)) {
+ if (!n || !buf || !buf_size) {
+ exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
+ "ExifMnoteDataPentax", "Short MakerNote");
+ return;
+ }
+ datao = 6 + n->offset;
+ if ((datao + 8 < datao) || (datao + 8 < 8) || (datao + 8 > buf_size)) {
 exif_log (en->log, EXIF_LOG_CODE_CORRUPT_DATA,
 "ExifMnoteDataPentax", "Short MakerNote");
 return;
 }
- /* Detect varient of Pentax/Casio MakerNote found */
+ /* Detect variant of Pentax/Casio MakerNote found */
 if (!memcmp(buf + datao, "AOC", 4)) {
 if ((buf[datao + 4] == 'I') && (buf[datao + 5] == 'I')) {
 n->version = pentaxV3;
|
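Review bot: The new early-return branch still dereferences `en` through `en->log` when `n` is NULL, because `n` is only a cast of `en`, so the one case this check is meant to catch still reaches a NULL dereference inside the `exif_log` call. Handling the NULL object on its own, `if (!n) return;`, before the `!buf || !buf_size` test would keep the log call for the cases where `en` is valid. Separately, `datao = 6 + n->offset` is computed before the wrap checks, so if `n->offset` is as wide as `size_t` on some platform (its type is not visible here) the addition itself could wrap and pass the `datao + 8` tests; checking `n->offset` against `buf_size` first would avoid that. The function body continues past the end of the hunk.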