From fd722e9ce8e7760658d1d97c88e4a52ee78b1b7e Mon Sep 17 00:00:00 2001 From: Christophe Grenier Date: Sun, 31 Aug 2008 11:44:19 +0200 Subject: [PATCH] PhotoRec: avoid out-of-bound read access when extracting jpeg date --- src/file_jpg.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/file_jpg.c b/src/file_jpg.c index e697798c..d6c45aab 100644 --- a/src/file_jpg.c +++ b/src/file_jpg.c @@ -2,7 +2,7 @@ File: file_jpg.c - Copyright (C) 1998-2007 Christophe GRENIER + Copyright (C) 1998-2008 Christophe GRENIER This software is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -104,7 +104,7 @@ static time_t get_date_from_tiff_header(const struct tiff_entry *tiff, const uns const struct ifd_entry *ifd; unsigned int j; for(j=0, ifd=&ifd0->ifd; - jnbr_fields) && (const char*)(ifd+1) <= (const char*)tiff+tiff_size; + (const char*)(ifd+1) <= (const char*)tiff+tiff_size && jnbr_fields); j++, ifd++) { if(be16(ifd->tag)==0x132) @@ -120,7 +120,7 @@ static time_t get_date_from_tiff_header(const struct tiff_entry *tiff, const uns if(ifd1!=NULL) { /* Exif */ for(j=0, ifd=&ifd1->ifd; - jnbr_fields) && (const char*)(ifd+1) <= (const char*)tiff+tiff_size; + (const char*)(ifd+1) <= (const char*)tiff+tiff_size && jnbr_fields); j++, ifd++) { if(be16(ifd->tag)==0x9003) /* DateTimeOriginal */ @@ -141,13 +141,13 @@ static time_t get_date_from_tiff_header(const struct tiff_entry *tiff, const uns { if(tiff_size < le32(tiff->ifd0_offset)+sizeof(struct ifd_entry)) return (time_t)0; - { + { const struct ifd_header *ifd0=(const struct ifd_header *)((const char*)tiff + le32(tiff->ifd0_offset)); const struct ifd_header *ifd1=NULL; const struct ifd_entry *ifd; unsigned int j; for(j=0, ifd=&ifd0->ifd; - jnbr_fields) && (const char*)(ifd+1) <= (const char*)tiff+tiff_size; + (const char*)(ifd+1) <= (const char*)tiff+tiff_size && jnbr_fields); j++, ifd++) { if(le16(ifd->tag)==0x132) 
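Review bot: The order of the two operands in the loop condition of the `@@ -104` hunk is now load-bearing, yet nothing in the code says so: the `nbr_fields` comparison is only evaluated after `(const char*)(ifd+1) <= (const char*)tiff+tiff_size` has passed, and a later tidy-up could swap them back. A one-line comment above the `for`, such as `/* bounds check first: && must short-circuit before nbr_fields is read */`, would pin that down; the same applies to the loops in the `@@ -120`, `@@ -141` and `@@ -163` hunks. The check also bounds only the upper end and compares a pointer that may already lie outside the buffer, so validating the entry offset as an integer against `tiff_size` before forming `ifd` would be more robust. How `ifd1` is derived is not visible here, and the function body starts and ends outside the hunk.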
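Review bot: The guard kept as context at the top of the `@@ -141` hunk, `if(tiff_size < le32(tiff->ifd0_offset)+sizeof(struct ifd_entry))`, adds to a file-supplied 32-bit offset before comparing, so where `size_t` is 32 bits a very large `ifd0_offset` can wrap the sum and pass the check. Comparing without the addition avoids that: `if(tiff_size < sizeof(struct ifd_entry) || le32(tiff->ifd0_offset) > tiff_size - sizeof(struct ifd_entry))`. The pointer built just below is a `struct ifd_header`, so the size checked should probably be that of the header rather than of one entry; the struct definitions are outside the hunk, so this needs confirming. The big-endian branch presumably carries the same guard outside the visible hunks.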
@@ -163,7 +163,7 @@ static time_t get_date_from_tiff_header(const struct tiff_entry *tiff, const uns
 if(ifd1!=NULL)
 { /* Exif */
 for(j=0, ifd=&ifd1->ifd;
- jnbr_fields) && (const char*)(ifd+1) <= (const char*)tiff+tiff_size;
+ (const char*)(ifd+1) <= (const char*)tiff+tiff_size && jnbr_fields);
 j++, ifd++)
 {
 if(le16(ifd->tag)==0x9003) /* DateTimeOriginal */