!61 fix：CVE-2022-3755

From: @qz_cx Reviewed-by: @small_leek Signed-off-by: @small_leek
2022-11-10 06:28:20 +00:00 · 2022-11-10 06:28:20 +00:00 · dd52ab16bf
commit dd52ab16bf
parent 869435fa98 6b6795dd5b
2 changed files with 36 additions and 1 deletions
--- a/CVE-2022-3755.patch
+++ b/CVE-2022-3755.patch
@ -0,0 +1,28 @@
+From 789ec5408f885709eef0a820416658b6e3882c0c Mon Sep 17 00:00:00 2001
+From: qz_cx <wangqingzheng@kylinos.cn>
+Date: Mon, 31 Oct 2022 15:13:45 +0800
+Subject: [PATCH] Credit to
+ OSS-Fuzz:https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52382
+
+Avoid null pointer deref #2384
+ Merged
+kevinbackhouse merged 2 commits into Exiv2
+---
+ src/quicktimevideo.cpp | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/quicktimevideo.cpp b/src/quicktimevideo.cpp
+index 335d884..ef1a6e5 100644
+--- a/src/quicktimevideo.cpp
+++ b/src/quicktimevideo.cpp
+@@ -915,6 +915,7 @@ namespace Exiv2 {
+             }
+ 
+             else if(equalsQTimeTag(buf, "CMbo") || equalsQTimeTag(buf, "Cmbo")) {
+		enforce(tv, Exiv2::ErrorCode::kerCorruptedMetadata);
+                 io_->read(buf.pData_, 2);
+                 buf.pData_[2] = '\0' ;
+                 tv_internal = find(cameraByteOrderTags, Exiv2::toString( buf.pData_));
+-- 
+2.33.0
+
--- a/exiv2.spec
+++ b/exiv2.spec
@ -1,11 +1,12 @@
 Name:    exiv2
 Version: 0.27.5
-Release: 1
+Release: 2
 Summary: Exif, IPTC and XMP metadata and the ICC Profile
 License: GPLv2+
 URL:     http://www.exiv2.org/
 Source0: https://github.com/Exiv2/exiv2/archive/refs/tags/v%{version}.tar.gz

+Patch: CVE-2022-3755.patch
 Provides: exiv2-libs
 Obsoletes: exiv2-libs

@ -74,6 +75,12 @@ test -x %{buildroot}%{_libdir}/libexiv2.so
 %{_pkgdocdir}/

 %changelog
+* Sat Sep 17 2022 qz_cx <wangqingzheng@kylinos.cn> - 0.27.5-2
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC: fix CVE-2022-3755
+
 * Tue Nov 23 2021 wangkai <wangkai385@huawei.com> - 0.27.5-1
 - Upgrade to 0.27.5