exiv2/CVE-2019-13110.patch

--- a/src/crwimage.cpp	2019-07-17 16:22:44.284000000 +0800
+++ b/src/crwimage_1.cpp	2019-07-17 16:23:57.032000000 +0800
@@ -460,7 +460,7 @@ namespace Exiv2 {
 #endif
         o += 2;
         for (uint16_t i = 0; i < count; ++i) {
-            if (o + 10 > size) throw Error(33);
+            if (size < 10 || o > size-10) throw Error(33);
             uint16_t tag = getUShort(pData + o, byteOrder);
             CiffComponent::AutoPtr m;
             switch (CiffComponent::typeId(tag)) {
Package init 2019-09-30 10:38:30 -04:00			`--- a/src/crwimage.cpp 2019-07-17 16:22:44.284000000 +0800`
			`+++ b/src/crwimage_1.cpp 2019-07-17 16:23:57.032000000 +0800`
			`@@ -460,7 +460,7 @@ namespace Exiv2 {`
			`#endif`
			`o += 2;`
			`for (uint16_t i = 0; i < count; ++i) {`
			`- if (o + 10 > size) throw Error(33);`
			`+ if (size < 10 \|\| o > size-10) throw Error(33);`
			`uint16_t tag = getUShort(pData + o, byteOrder);`
			`CiffComponent::AutoPtr m;`
			`switch (CiffComponent::typeId(tag)) {`