Skip to content

Commit

Permalink
CVE-2021-33367 Patch Fix
Browse files Browse the repository at this point in the history 
Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR file.

Tryna to start something bah

https://sourceforge.net/p/freeimage/discussion/36109/thread/1a4db03d58/
  • Loading branch information
@danoli3
danoli3 committed Apr 14, 2023
1 parent 7f22cb3 commit 669b06a
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion Source/Metadata/Exif.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -719,8 +719,13 @@ jpeg_read_exif_dir(FIBITMAP *dib, const BYTE *tiffp, DWORD dwOffsetIfd0, DWORD d
//

const WORD entriesCount0th = ReadUint16(msb_order, ifd0th);

const BYTE* de_addr = DIR_ENTRY_ADDR(ifd0th, entriesCount0th);
if(de_addr+4 >= (BYTE*)(dwLength + ifd0th - tiffp)) {
return TRUE; //< no thumbnail
}

DWORD next_offset = ReadUint32(msb_order, DIR_ENTRY_ADDR(ifd0th, entriesCount0th));
DWORD next_offset = ReadUint32(msb_order, de_addr);
if((next_offset == 0) || (next_offset >= dwLength)) {
return TRUE; //< no thumbnail
}
Expand Down

0 comments on commit 669b06a

Please sign in to comment.