Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BP] ExifParser: Fix several out of bounds accesses while parsing exif information #22960

Merged
merged 2 commits into from Mar 11, 2023
Merged

[BP] ExifParser: Fix several out of bounds accesses while parsing exif information #22960

merged 2 commits into from Mar 11, 2023

Conversation

fuzzard
Copy link
Contributor

@fuzzard fuzzard commented Mar 11, 2023

Description

Backport #22380

Motivation and context

How has this been tested?

What is the effect on users?

Screenshots (if appropriate):

Types of change

  • Bug fix (non-breaking change which fixes an issue)
  • Clean up (non-breaking change which removes non-working, unmaintained functionality)
  • Improvement (non-breaking change which improves existing functionality)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that will cause existing functionality to change)
  • Cosmetic change (non-breaking change that doesn't touch code)
  • None of the above (please explain below)

Checklist:

  • My code follows the Code Guidelines of this project
  • My change requires a change to the documentation, either Doxygen or wiki
  • I have updated the documentation accordingly
  • I have read the Contributing document
  • I have added tests to cover my change
  • All new and existing tests passed

@fritsch
ExifParse: Don't run outside exif information
8021cb7 
When parsing exif information the number of entries could be tainted. Make
sure to not run behind the exif data by properly checking out of bounds.

Upstream? fix: https://android.googlesource.com/platform/external/jhead/+/34a2564d3268a5ca1472c5076675782fbaf724d6
@fritsch
ExifParse: Backport further upstream fixes
fd8fce6 
Partially via upstream commit:
https://android.googlesource.com/platform/external/jhead/+/2a4c12f5e5808e309b9ba04fe8b1539debf466d1
@fuzzard fuzzard added Type: Fix non-breaking change which fixes an issue Type: Backport v20 Nexus Security labels Mar 11, 2023
@fuzzard fuzzard added this to the Nexus 20.1 milestone Mar 11, 2023
@fuzzard fuzzard closed this Mar 11, 2023
@fuzzard fuzzard reopened this Mar 11, 2023
@fuzzard fuzzard merged commit 84523f9 into xbmc:Nexus Mar 11, 2023
1 check passed
@fuzzard fuzzard deleted the backport_fritsch_at25 branch March 11, 2023 10:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Security Type: Backport Type: Fix non-breaking change which fixes an issue v20 Nexus
Projects
None yet
Milestone
Nexus 20.1
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@fuzzard @fritsch