Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 7dcdc1a

Browse files
committed
exif/heic: Prevent overflow when computing meta bounds
1 parent df6aeaa commit 7dcdc1a

File tree

1 file changed

+2
-1
lines changed

1 file changed

+2
-1
lines changed

‎ext/exif/exif.c

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4408,7 +4408,8 @@ static bool exif_scan_HEIF_header(image_info_type *ImageInfo, unsigned char *buf
44084408
exif_isobmff_parse_meta(data, data + limit, &pos);
44094409
}
44104410
if ((pos.size) &&
4411-
(ImageInfo->FileSize >= pos.offset + pos.size) &&
4411+
(pos.size < ImageInfo->FileSize) &&
4412+
(ImageInfo->FileSize - pos.size >= pos.offset) &&
44124413
(php_stream_seek(ImageInfo->infile, pos.offset + 2, SEEK_SET) >= 0)) {
44134414
if (limit >= pos.size - 2) {
44144415
limit = pos.size - 2;

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /