|
Revision tags: php-7.3.13RC1, php-7.2.26RC1, php-7.4.0, php-7.2.25, php-7.3.12, php-7.4.0RC6, php-7.3.12RC1, php-7.2.25RC1, php-7.4.0RC5, php-7.1.33, php-7.2.24, php-7.3.11, php-7.4.0RC4, php-7.3.11RC1, php-7.2.24RC1, php-7.4.0RC3, php-7.2.23, php-7.3.10, php-7.4.0RC2, php-7.2.23RC1, php-7.3.10RC1, php-7.4.0RC1, php-7.1.32, php-7.2.22, php-7.3.9, php-7.4.0beta4, php-7.2.22RC1, php-7.3.9RC1, php-7.4.0beta2, php-7.1.31, php-7.2.21, php-7.3.8, php-7.4.0beta1, php-7.2.21RC1, php-7.3.8RC1, php-7.4.0alpha3 |
|
| #
aeb6d131 |
| 08-Jul-2019 |
Stanislav Malyshev |
Fix bug #78256 (heap-buffer-overflow on exif_process_user_comment)
|
| #
dea2989a |
| 08-Jul-2019 |
Stanislav Malyshev |
Fix bug #78222 (heap-buffer-overflow on exif_scan_thumbnail)
|
|
Revision tags: php-7.3.7, php-7.2.20, php-7.4.0alpha2, php-7.3.7RC3, php-7.3.7RC2, php-7.2.20RC2, php-7.4.0alpha1, php-7.3.7RC1, php-7.2.20RC1, php-7.2.19, php-7.3.6, php-7.1.30 |
|
| #
73ff4193 |
| 28-May-2019 |
Stanislav Malyshev |
Fix bug #77988 - heap-buffer-overflow on php_jpg_get16
|
|
Revision tags: php-7.2.19RC1, php-7.3.6RC1, php-7.1.29, php-7.2.18, php-7.3.5 |
|
| #
f80ad18a |
| 30-Apr-2019 |
Stanislav Malyshev |
Fix bug #77950 - Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG
I do not completely understand what is going on there, but I am pretty
sure dir_entry <= offset_base if not a
Fix bug #77950 - Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG
I do not completely understand what is going on there, but I am pretty
sure dir_entry <= offset_base if not a normal situation, so we better not
to rely on such dir_entry.
show more ...
|
|
Revision tags: php-7.2.18RC1, php-7.3.5RC1, php-7.2.17, php-7.3.4, php-7.1.28 |
|
| #
dc1cd3da |
| 02-Apr-2019 |
Remi Collet |
fix paste issue
|
| #
01a4de5c |
| 02-Apr-2019 |
Christoph M. Becker |
Pointer arithmetic on void pointers is illegal
We quick-fix this by casting to char*; it might be more appropriate to
use char pointers in the first place.
|
| #
887a7b57 |
| 02-Apr-2019 |
Stanislav Malyshev |
Fixed bug #77831 - Heap-buffer-overflow in exif_iif_add_value in EXIF
|
|
Revision tags: php-7.3.4RC1, php-7.2.17RC1 |
|
| #
f3aefc6d |
| 18-Mar-2019 |
Stanislav Malyshev |
Fix bug #77753 - Heap-buffer-overflow in php_ifd_get32s
|
|
Revision tags: php-7.1.27, php-7.3.3, php-7.2.16 |
|
| #
8ac6fee8 |
| 02-Mar-2019 |
Stanislav Malyshev |
Fix bug #77563 - Uninitialized read in exif_process_IFD_in_MAKERNOTE
Also fix for bug #77659
|
| #
5f0e62a3 |
| 02-Mar-2019 |
Stanislav Malyshev |
Fix bug #77540 - Invalid Read on exif_process_SOFn
|
| #
5e824a88 |
| 02-Mar-2019 |
Stanislav Malyshev |
Fix integer overflows on 32-bits
|
|
Revision tags: php-7.3.3RC1, php-7.2.16RC1, php-7.2.15, php-7.3.2, php-7.2.15RC1, php-7.3.2RC1, php-5.6.40, php-7.1.26, php-7.3.1, php-7.2.14, php-7.2.14RC1, php-7.3.1RC1, php-5.6.39, php-7.1.25, php-7.2.13, php-7.0.33, php-7.3.0, php-7.1.25RC1, php-7.2.13RC1, php-7.3.0RC6, php-7.1.24, php-7.2.12, php-7.3.0RC5, php-7.1.24RC1, php-7.2.12RC1, php-7.3.0RC4, php-7.1.23, php-7.2.11, php-7.3.0RC3, php-7.1.23RC1, php-7.2.11RC1, php-7.3.0RC2, php-5.6.38, php-7.1.22, php-7.3.0RC1, php-7.2.10, php-7.0.32, php-7.1.22RC1, php-7.3.0beta3, php-7.2.10RC1, php-7.1.21, php-7.2.9, php-7.3.0beta2, php-7.1.21RC1, php-7.3.0beta1, php-7.2.9RC1, php-5.6.37, php-7.1.20, php-7.3.0alpha4, php-7.0.31, php-7.2.8, php-7.1.20RC1, php-7.2.8RC1, php-7.3.0alpha3 |
|
| #
3462efa3 |
| 02-Jul-2018 |
Stanislav Malyshev |
Fix bug #76557: heap-buffer-overflow (READ of size 48) while reading exif data
Use MAKERNOTE length as data size.
|
|
Revision tags: php-7.3.0alpha2, php-7.1.19 |
|
| #
1baeae42 |
| 19-Jun-2018 |
Stanislav Malyshev |
Fix bug #76423 - Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c
|
|
Revision tags: php-7.2.7, php-7.1.19RC1, php-7.3.0alpha1, php-7.2.7RC1, php-7.1.18, php-7.2.6, php-7.2.6RC1, php-7.1.18RC1, php-5.6.36, php-7.2.5, php-7.1.17, php-7.0.30, php-7.1.17RC1, php-7.2.5RC1, php-5.6.35 |
|
| #
b4e4788c |
| 27-Mar-2018 |
Christoph M. Becker |
Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
The MakerNote is not necessarily null-terminated, so we must not use
`strlen()` to avoid OOB reads. Instead `php_strn
Fix #76130: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
The MakerNote is not necessarily null-terminated, so we must not use
`strlen()` to avoid OOB reads. Instead `php_strnlen()` is the proper
way to handle this.
show more ...
|
|
Revision tags: php-7.0.29, php-7.2.4, php-7.1.16, php-7.1.16RC1, php-7.2.4RC1, php-7.1.15, php-5.6.34, php-7.2.3, php-7.0.28, php-7.2.3RC1, php-7.1.15RC1, php-7.1.14, php-7.2.2, php-7.1.14RC1, php-7.2.2RC1, php-7.1.13, php-5.6.33, php-7.2.1, php-7.0.27 |
|
| #
ccd4716e |
| 02-Jan-2018 |
Xinchen Hui |
year++
|
|
Revision tags: php-7.2.1RC1, php-7.1.13RC1, php-7.0.27RC1, php-7.2.0, php-7.1.12, php-7.0.26, php-7.1.12RC1, php-7.2.0RC6, php-7.0.26RC1, php-7.1.11, php-5.6.32, php-7.2.0RC5, php-7.0.25, php-7.1.11RC1, php-7.2.0RC4, php-7.0.25RC1, php-7.1.10, php-7.2.0RC3, php-7.0.24, php-7.2.0RC2, php-7.1.10RC1, php-7.0.24RC1, php-7.1.9, php-7.2.0RC1, php-7.0.23, php-7.1.9RC1, php-7.2.0beta3, php-7.0.23RC1, php-7.1.8, php-7.2.0beta2, php-7.0.22, php-7.1.8RC1, php-7.2.0beta1, php-7.0.22RC1, php-5.6.31, php-7.0.21, php-7.1.7, php-7.2.0alpha3, php-7.1.7RC1, php-7.0.21RC1, php-7.2.0alpha2, php-7.1.6, php-7.2.0alpha1, php-7.0.20, php-7.1.6RC1, php-7.0.20RC1, php-7.1.5, php-7.0.19, php-7.0.19RC1, php-7.1.5RC1, php-7.1.4, php-7.0.18, php-7.1.4RC1, php-7.0.18RC1, php-7.1.3, php-7.0.17, php-7.1.3RC1, php-7.0.17RC1, php-7.1.2, php-7.0.16, php-7.0.16RC1, php-7.1.2RC1, php-5.6.30, php-7.0.15 |
|
| #
0ab1af7d |
| 16-Jan-2017 |
Stanislav Malyshev |
Update more functions with path check
|
|
Revision tags: php-5.6.30RC1, php-7.1.1RC1, php-7.0.15RC1 |
|
| #
900b17b1 |
| 05-Jan-2017 |
Nikita Popov |
Fix printf modifier
|
| #
dac6c639 |
| 04-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017
|
| #
478f119a |
| 04-Jan-2017 |
Sammy Kaye Powers |
Update copyright headers to 2017
|
| #
1cda0d7c |
| 01-Jan-2017 |
Stanislav Malyshev |
Fix bug #73737 FPE when parsing a tag format
|
|
Revision tags: php-7.1.1, php-5.6.29, php-7.0.14, php-7.1.0, php-5.6.29RC1, php-7.0.14RC1, php-7.1.0RC6, php-5.6.28, php-7.0.13, php-5.6.28RC1, php-7.1.0RC5, php-7.0.13RC1, php-7.1.0RC4, php-5.6.27, php-7.0.12, php-7.1.0RC3, php-5.6.27RC1, php-7.0.12RC1, php-5.6.26, php-7.1.0RC2, php-7.0.11 |
|
| #
b578580e |
| 05-Sep-2016 |
Stanislav Malyshev |
Same issue as #72926 in another place.
|
|
Revision tags: php-5.6.26RC1, php-7.1.0RC1, php-7.0.11RC1, php-7.1.0beta3, php-5.6.25, php-7.0.10 |
|
| #
6dbb1ee4 |
| 08-Aug-2016 |
Stanislav Malyshev |
Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
|
| #
24fb60ff |
| 08-Aug-2016 |
Stanislav Malyshev |
Fixed bug #72627: Memory Leakage In exif_process_IFD_in_TIFF
(cherry picked from commit 620b01337cc39f856ca68c34c35e154f5f0682fc)
Conflicts:
ext/exif/exif.c
|
|
Revision tags: php-7.1.0beta2, php-5.6.25RC1, php-7.0.10RC1 |
|
| #
662e5ae9 |
| 03-Aug-2016 |
Anatol Belski |
improve the check, avoid strlen on NULL
|
| #
835ef149 |
| 03-Aug-2016 |
Kalle Sommer Nielsen |
Changed the way MAKERNOTE is handled in case we do not have a matching signature (Remi).
Before this patch, exif_process_IFD_in_MAKERNOTE() would return false, then causing the rest of the E
Changed the way MAKERNOTE is handled in case we do not have a matching signature (Remi).
Before this patch, exif_process_IFD_in_MAKERNOTE() would return false, then causing the rest of the EXIF parsing to be interrupted. This is a regression from earlier which was most likely a part of a security fix for MAKERNOTE.
The new behavior is to instead of stopping to parse, to continue so we can still fetch data like thumbnail and GPS, thrus allowing yet unsupported formats to parse. If EXIF's debugging mode is enabled, a notice will display in case we do not match against a valid MAKERNOTE signature.
This should temporarily fix bug #72682 (exif_read_data() fails to read all data for some images) until I get around to debug it further.
show more ...
|
