Skip to content

Commit

Permalink
exif: protect against EXIF data overflow
Browse files Browse the repository at this point in the history 
Relates #1042
  • Loading branch information
@bradh
bradh committed Dec 18, 2023
1 parent e3a17ca commit 4dca3dd
Showing 1 changed file with 2 additions and 3 deletions.
5 changes: 2 additions & 3 deletions examples/encoder_jpeg.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,12 +177,11 @@ bool JpegEncoder::Encode(const struct heif_image_handle* handle,
static const uint8_t kExifMarker = JPEG_APP0 + 1;

uint32_t skip = (exifdata[0]<<24) | (exifdata[1]<<16) | (exifdata[2]<<8) | exifdata[3];
skip += 4;

if (skip > exifsize) {
if (skip > (exifsize - 4)) {
fprintf(stderr, "Invalid EXIF data (offset too large)\n");
return false;
}
skip += 4;

uint8_t* ptr = exifdata + skip;
size_t size = exifsize - skip;
Expand Down

0 comments on commit 4dca3dd

Please sign in to comment.