Merge "Fix first IFD offset checking code"

author: Jaesung Chung <jaesung@google.com> 2016-01-26 02:56:20 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2016-01-26 02:56:20 +0000
commit: 8d4868eb8368074ee3635646296899a03ea10cca (patch)
tree: 0d3497634f88e12c91902f44a3df74e4344337aa
parent: 4919937382b06b025ec4a08a098162707d3106bc (diff)
parent: 0e283e429e2d17ed746ffde362fb1bc7125f8035 (diff)
download: jhead-8d4868eb8368074ee3635646296899a03ea10cca.tar.gz
1 files changed, 3 insertions, 4 deletions
diff --git a/exif.c b/exif.c
index 2b076b7..55491fb 100644
--- a/exif.c
+++ b/exif.c
@@ -1081,7 +1081,7 @@ static void ProcessExifDir(unsigned char * DirStart, unsigned char * OffsetBase,
 //--------------------------------------------------------------------------
 void process_EXIF (unsigned char * ExifSection, unsigned int length)
 {
-    int FirstOffset;
+    unsigned FirstOffset;
 
     FocalplaneXRes = 0;
     FocalplaneUnits = 0;
@@ -1120,9 +1120,8 @@ void process_EXIF (unsigned char * ExifSection, unsigned int length)
     }
 
     FirstOffset = Get32u(ExifSection+12);
-    if (FirstOffset < 8 || FirstOffset > 16){
-        // Usually set to 8, but other values valid too.
-        ErrNonfatal("Suspicious offset of first IFD value",0,0);
+    if (FirstOffset < 8 || FirstOffset+8 >= length) {
+        ErrNonfatal("Invalid offset of first IFD value: %u", FirstOffset, 0);
         return;
     }
author	Jaesung Chung <jaesung@google.com>	2016-01-26 02:56:20 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2016-01-26 02:56:20 +0000
commit	8d4868eb8368074ee3635646296899a03ea10cca (patch)
tree	0d3497634f88e12c91902f44a3df74e4344337aa
parent	4919937382b06b025ec4a08a098162707d3106bc (diff)
parent	0e283e429e2d17ed746ffde362fb1bc7125f8035 (diff)
download	jhead-8d4868eb8368074ee3635646296899a03ea10cca.tar.gz