Age | Commit message | Author | Files | Lines |
|
This ensures that an uninitialized pointer isn't dereferenced later in
the case where the number of components (and therefore size) is 0.
This fixes the second issue reported at
https://sourceforge.net/p/libexif/bugs/125/
CVE-2020-13113
Change-Id: I93a19b0d66ef34b22a4485a492be92836711eb0a
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
|
|
Check for a size overflow while reading tags, which ensures that the
size is always consistent for the given components and type of the
entry, making checking further down superfluous.
This provides an alternate fix for
https://sourceforge.net/p/libexif/bugs/125/ CVE-2016-6328 and for all
the MakerNote types. Likely, this makes both commits 41bd0423 and
89e5b1c1 redundant as it ensures that MakerNote entries are well-formed
when they're populated.
Some improvements on top by Marcus Meissner <marcus@jet.franken.de>
CVE-2020-13112
Change-Id: I334efda3fbf2b0bae831f74e8fa866303d0ec93b
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
|
|
The existing detection was still vulnerable to pathological cases
causing DoS by wasting CPU. The new algorithm takes the number of tags
into account to make it harder to abuse by cases using shallow recursion
but with a very large number of tags. This improves on commit 5d28011c
which wasn't sufficient to counter this kind of case.
The limitation in the previous fix was discovered by Laurent Delosieres,
Secunia Research at Flexera (Secunia Advisory SA84652) and is assigned
the identifier CVE-2018-20030.
Change-Id: I0ea69965f94d762c4f43c587504469259108456f
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
|
|
Tue Jul 25 21:38:56 2017 UTC (2 months, 2 weeks ago) by marcusmeissner
Branch: MAIN
CVS Tags: HEAD
Changes since 1.131: +6 -0 lines
Diff to previous 1.131
On saving makernotes, make sure the makernote container tag has a type
with 1 byte components.
Fixes (at least):
https://sourceforge.net/p/libexif/bugs/130
https://sourceforge.net/p/libexif/bugs/129
[Version] 0.6.21-3
[Profile] Common
[Issue Type] CVE
Change-Id: I2649b5cadbac7c7cd285d537b918dda56e637f3a
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
|
|
[Version] 0.6.21-2
[Profile] Common
[Issue Type] Update
[Dependency module] N/A
Change-Id: Ib8876c56489a4a5d2d8d2fe4eb03bb5b10f5a6e9
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>
|
|
related files
Change-Id: Iab15d7e450e11c86b648a31f4fbd82eb6ae3b1a7
Signed-off-by: Jeongmo Yang <jm80.yang@samsung.com>