exiv2/0002-CVE-2019-13112.patch

From bcaca801fb0a3a594b35ab06044d1e8055ec04a7 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kev@semmle.com>
Date: Tue, 14 May 2019 09:58:42 +0100
Subject: [PATCH] Merge two enforces into one.

---
 src/pngchunk.cpp | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp
index 64a370e5f..714b95b48 100644
--- a/src/pngchunk.cpp
+++ b/src/pngchunk.cpp
@@ -668,8 +668,7 @@ namespace Exiv2 {
         }
 
         long length = (long) atol(startOfLength);
-        enforce(length >= 0, Exiv2::kerCorruptedMetadata);
-        enforce(length <= (eot - sp)/2, Exiv2::kerCorruptedMetadata);
+        enforce(0 <= length && length <= (eot - sp)/2, Exiv2::kerCorruptedMetadata);
 
         // Allocate space
         if (length == 0)
Package init 2019-12-25 15:45:26 +08:00			`From bcaca801fb0a3a594b35ab06044d1e8055ec04a7 Mon Sep 17 00:00:00 2001`
			`From: Kevin Backhouse <kev@semmle.com>`
			`Date: Tue, 14 May 2019 09:58:42 +0100`
			`Subject: [PATCH] Merge two enforces into one.`

			`---`
			`src/pngchunk.cpp \| 3 +--`
			`1 file changed, 1 insertion(+), 2 deletions(-)`

			`diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp`
			`index 64a370e5f..714b95b48 100644`
			`--- a/src/pngchunk.cpp`
			`+++ b/src/pngchunk.cpp`
			`@@ -668,8 +668,7 @@ namespace Exiv2 {`
			`}`

			`long length = (long) atol(startOfLength);`
			`- enforce(length >= 0, Exiv2::kerCorruptedMetadata);`
			`- enforce(length <= (eot - sp)/2, Exiv2::kerCorruptedMetadata);`
			`+ enforce(0 <= length && length <= (eot - sp)/2, Exiv2::kerCorruptedMetadata);`

			`// Allocate space`
			`if (length == 0)`