
shirely/exiv2

forked from src-openEuler/exiv2 
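This repository does not declare an open-source license file (LICENSE); before use, check the project description and its upstream code dependencies.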
CVE-2019-13114.patch 2.19 KB
hexiaowen committed on 2019-09-30 10:38 . Package init
Backported of:
From c1bee7319a8b9e0d38f1988d70dc4fa5c52b83d1 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kev@semmle.com>
Date: Tue, 30 Apr 2019 11:15:06 +0100
Subject: [PATCH] Avoid null pointer exception due to NULL return value from
strchr.
This fixes #793.
diff --git a/src/http.cpp b/src/http.cpp
index b8a429b..9c76f99 100644
--- a/src/http.cpp
+++ b/src/http.cpp
@@ -339,10 +339,14 @@ int Exiv2::http(dict_t& request,dict_t& response,std::string& errors)
// search for the body
for ( size_t b = 0 ; bSearching && b < lengthof(blankLines) ; b++ ) {
- if ( strstr(buffer,blankLines[b]) ) {
+ const char* blankLinePos = strstr(buffer,blankLines[b]);
+ if ( blankLinePos ) {
bSearching = false ;
- body = (int) ( strstr(buffer,blankLines[b]) - buffer ) + strlen(blankLines[b]) ;
- status = atoi(strchr(buffer,' ')) ;
+ body = blankLinePos - buffer + strlen(blankLines[b]);
+ const char* firstSpace = strchr(buffer,' ');
+ if (firstSpace) {
+ status = atoi(firstSpace);
+ }
}
}
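Review bot: In the blank-line search, a NULL result from `strchr(buffer,' ')` is now skipped silently: `if (firstSpace)` has no `else`, so `status` keeps its earlier value even though `bSearching` has already been set to false and `body` computed. The second hunk treats the same condition as an error (`status = 0; break;`); an `else` branch here that sets an error status would keep the two paths consistent. The old `body` line cast the pointer difference to `(int)` and the new one does not, so if `body` is an int the conversion of `blankLinePos - buffer + strlen(blankLines[b])` is now implicit; an explicit cast would make the intent clear.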
@@ -352,9 +356,19 @@ int Exiv2::http(dict_t& request,dict_t& response,std::string& errors)
char N = '\n';
int i = 0 ; // initial byte in buffer
while(buffer[i] == N ) i++;
- h = strchr(h+i,N)+1;
+ h = strchr(h+i,N);
+ if (!h) {
+ status = 0;
+ break;
+ }
+ h++;
response[""]=std::string(buffer+i).substr(0,h-buffer-2);
- result = atoi(strchr(buffer,' '));
+ const char* firstSpace = strchr(buffer,' ');
+ if ( !firstSpace ) {
+ status = 0;
+ break;
+ }
+ result = atoi(firstSpace);
char* c = strchr(h,C);
char* n = strchr(h,N);
while ( c && n && c < n && h < buffer+body ) {
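Review bot: The `firstSpace` NULL check comes after `response[""]` has already been assigned, so the `break` taken for a status line without a space leaves `response` partly filled; consider hoisting the `strchr(buffer,' ')` check above that assignment. Both error paths write `status = 0` while the success path writes `result`, so a short comment on what a zero status means to the caller would help. It is also worth confirming that the `h-buffer-2` length passed to `substr` cannot go negative when the first newline sits at the very start of the data, and adding a regression test for the malformed response from #793.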