[SCM] exiv2 packaging branch, master, updated. debian/0.25-3.1-3734-gdcbc29a
Maximiliano Curia
maxy at moszumanska.debian.org
Thu Jul 13 17:37:31 UTC 2017
Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-extras/exiv2.git;a=commitdiff;h=2faedb6
The following commit has been merged in the master branch:
commit 2faedb68186617fb929789c965aa0b1cf9ec8f08
Author: Andreas Huggel <ahuggel at gmx.net>
Date: Wed Apr 26 06:34:25 2006 +0000
Added threshold to prevent decoding unknown tags with large values (configurable, arbitrarily set to 4kB)
---
src/tiffparser.cpp | 2 +-
src/tiffvisitor.cpp | 13 +++++++++++++
src/tiffvisitor.hpp | 12 +++++++++---
3 files changed, 23 insertions(+), 4 deletions(-)
diff --git a/src/tiffparser.cpp b/src/tiffparser.cpp
index d384fda..ad11015 100644
--- a/src/tiffparser.cpp
+++ b/src/tiffparser.cpp
@@ -138,7 +138,7 @@ namespace Exiv2 {
TiffReader reader(pData, size, rootDir.get(), state);
rootDir->accept(reader);
- TiffMetadataDecoder decoder(pImage);
+ TiffMetadataDecoder decoder(pImage, 4096);
rootDir->accept(decoder);
} // TiffParser::decode
diff --git a/src/tiffvisitor.cpp b/src/tiffvisitor.cpp
index d262a56..b76a35b 100644
--- a/src/tiffvisitor.cpp
+++ b/src/tiffvisitor.cpp
@@ -176,6 +176,19 @@ namespace Exiv2 {
// Todo: ExifKey should have an appropriate c'tor, it should not be
// necessary to use groupName here
ExifKey k(object->tag(), object->groupName());
+ const Value* v = object->pValue();
+ if ( threshold_ > 0
+ && v != 0
+ && static_cast<uint32_t>(v->size()) > threshold_
+ && k.tagName().substr(0, 2) == "0x") {
+#ifndef SUPPRESS_WARNINGS
+ std::cerr << "Warning: "
+ << "Size " << v->size() << " of " << k.key()
+ << " exceeds " << threshold_
+ << " bytes limit. Not decoded.
";
+#endif
+ return;
+ }
assert(pImage_ != 0);
pImage_->exifData().add(k, object->pValue());
diff --git a/src/tiffvisitor.hpp b/src/tiffvisitor.hpp
index b808509..2ab8a4b 100644
--- a/src/tiffvisitor.hpp
+++ b/src/tiffvisitor.hpp
@@ -194,8 +194,14 @@ namespace Exiv2 {
public:
//! @name Creators
//@{
- //! Constructor, taking the image to add the metadata to
- TiffMetadataDecoder(Image* pImage) : pImage_(pImage) {}
+ /*!
+ Constructor, taking the image to add the metadata to
+ and an optional threshold. Unknown tags with values
+ larger (in bytes) than the threshold will be ignored.
+ Default is not to ignore any tags (0).
+ */
+ TiffMetadataDecoder(Image* pImage, uint32_t threshold =0)
+ : pImage_(pImage), threshold_(threshold) {}
//! Virtual destructor
virtual ~TiffMetadataDecoder() {}
//@}
@@ -228,7 +234,7 @@ namespace Exiv2 {
private:
// DATA
Image* pImage_; //!< Pointer to the image to which the metadata is added
-
+ const uint32_t threshold_; //!< Threshold, see constructor documentation.
}; // class TiffMetadataDecoder
/*!
--
exiv2 packaging
More information about the pkg-kde-commits
mailing list