Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / jhead / refs/tags/FP2-open-16.12.0
commit92f207cbcf8e03084709101abfd59124a5cbc3a9[log] [tgz]
authorTeow Wan Yee <wy.teow@hi-p.com>Wed Aug 24 09:50:36 2016 +0800
committerJeron Susan <jeron.susan@hi-p.com>Wed Aug 24 11:47:04 2016 +0800
treec697be7f10f9263b2dbb4b9f5ca9be486c6a018b
parentd0dbe6303812bf4f9a365ca686171b0d2f80b193 [diff]
FPII-2292 : Update- Remote code execution vulnerability in libjhead CVE-2016-3822 A-30074856

A-30074856 The offsetval length passed to ProcessExifDir in jhead could lead
to an out-of-bounds write.
This fix is designed to check offsetval for an integer overflow to prevent an
out-of-bounds write.

Change-Id: I168017a307b8a63dea793dd1a82b8c3dec3a69fa
2 files changed
tree: c697be7f10f9263b2dbb4b9f5ca9be486c6a018b
  1. Android.mk
  2. CleanSpec.mk
  3. exif.c
  4. gpsinfo.c
  5. iptc.c
  6. jhead.c
  7. jhead.h
  8. jpgfile.c
  9. main.c
  10. makernote.c
  11. MODULE_LICENSE_PUBLIC_DOMAIN
  12. NOTICE