Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mrwimage bounds checking #946

Merged
merged 2 commits into from Jul 7, 2019
Merged

mrwimage bounds checking #946

merged 2 commits into from Jul 7, 2019

Conversation

kevinbackhouse
Copy link
Collaborator

The bug in #943 was caused by a missing bounds check in MemIo. But I noticed that the code in mrwimage.cpp also ought to be more careful about bounds checking.

@codecov
Copy link

codecov bot commented Jul 5, 2019
edited

Codecov Report

Merging #946 into 0.27-maintenance will increase coverage by 0.14%.
The diff coverage is 77.77%.

Impacted file tree graph

@@                 Coverage Diff                  @@
##           0.27-maintenance     #946      +/-   ##
====================================================
+ Coverage             62.89%   63.03%   +0.14%     
====================================================
  Files                   156      156              
  Lines                 21626    21628       +2     
====================================================
+ Hits                  13602    13634      +32     
+ Misses                 8024     7994      -30
Impacted Files Coverage Δ
src/mrwimage.cpp 57.35% <77.77%> (+45.23%) ⬆️
include/exiv2/mrwimage.hpp 100% <0%> (+100%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1a9bae4...be875ce. Read the comment docs.

piponazo
piponazo approved these changes Jul 7, 2019
View reviewed changes
Copy link
Collaborator

@piponazo piponazo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for your contribution! LGTM

@piponazo piponazo merged commit b7a9785 into Exiv2:0.27-maintenance Jul 7, 2019
@mergify mergify bot mentioned this pull request Jul 7, 2019
Merged
piponazo added a commit that referenced this pull request Jul 7, 2019
@piponazo
Merge pull request #948 from Exiv2/mergify/bp/master/pr-946
513cff6 
mrwimage bounds checking (bp #946)
@yevgenypats
Copy link
Contributor

This has been assigned CVE-2019-13504. thx!

@kevinbackhouse kevinbackhouse mentioned this pull request Jul 11, 2019
Closed
@clanmills clanmills mentioned this pull request Jul 11, 2019
Merged
@kevinbackhouse kevinbackhouse deleted the mrmimage_bounds_checking branch September 18, 2021 12:51
@kevinbackhouse kevinbackhouse added this to the v0.27.2 milestone Nov 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@piponazo piponazo piponazo approved these changes

Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
v0.27.2
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@kevinbackhouse @yevgenypats @piponazo