| OLD | NEW |
|---|
| 1 /* exif-data.c | 1 /* exif-data.c |
| 2 * | 2 * |
| 3 * Copyright (c) 2001 Lutz Mueller <lutz@users.sourceforge.net> | 3 * Copyright (c) 2001 Lutz Mueller <lutz@users.sourceforge.net> |
| 4 * | 4 * |
| 5 * This library is free software; you can redistribute it and/or | 5 * This library is free software; you can redistribute it and/or |
| 6 * modify it under the terms of the GNU Lesser General Public | 6 * modify it under the terms of the GNU Lesser General Public |
| 7 * License as published by the Free Software Foundation; either | 7 * License as published by the Free Software Foundation; either |
| 8 * version 2 of the License, or (at your option) any later version. | 8 * version 2 of the License, or (at your option) any later version. |
| 9 * | 9 * |
| 10 * This library is distributed in the hope that it will be useful, | 10 * This library is distributed in the hope that it will be useful, |
| (...skipping 346 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 357 static void | 357 static void |
| 358 exif_data_load_data_content (ExifData *data, ExifIfd ifd, | 358 exif_data_load_data_content (ExifData *data, ExifIfd ifd, |
| 359 const unsigned char *d, | 359 const unsigned char *d, |
| 360 unsigned int ds, unsigned int offset, unsigned int
recursion_depth) | 360 unsigned int ds, unsigned int offset, unsigned int
recursion_depth) |
| 361 { | 361 { |
| 362 ExifLong o, thumbnail_offset = 0, thumbnail_length = 0; | 362 ExifLong o, thumbnail_offset = 0, thumbnail_length = 0; |
| 363 ExifShort n; | 363 ExifShort n; |
| 364 ExifEntry *entry; | 364 ExifEntry *entry; |
| 365 unsigned int i; | 365 unsigned int i; |
| 366 ExifTag tag; | 366 ExifTag tag; |
| 367 const unsigned int original_offset = offset; |
| 367 | 368 |
| 368 if (!data || !data->priv) | 369 if (!data || !data->priv) |
| 369 return; | 370 return; |
| 370 | 371 |
| 371 /* check for valid ExifIfd enum range */ | 372 /* check for valid ExifIfd enum range */ |
| 372 if ((((int)ifd) < 0) || ( ((int)ifd) >= EXIF_IFD_COUNT)) | 373 if ((((int)ifd) < 0) || ( ((int)ifd) >= EXIF_IFD_COUNT)) |
| 373 return; | 374 return; |
| 374 | 375 |
| 375 if (recursion_depth > 30) { | 376 if (recursion_depth > 30) { |
| 376 exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData
", | 377 exif_log (data->priv->log, EXIF_LOG_CODE_CORRUPT_DATA, "ExifData
", |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 409 data->priv->order); | 410 data->priv->order); |
| 410 /* FIXME: IFD_POINTER tags aren't marked as being in a | 411 /* FIXME: IFD_POINTER tags aren't marked as being in a |
| 411 * specific IFD, so exif_tag_get_name_in_ifd won't work | 412 * specific IFD, so exif_tag_get_name_in_ifd won't work |
| 412 */ | 413 */ |
| 413 exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifDat
a", | 414 exif_log (data->priv->log, EXIF_LOG_CODE_DEBUG, "ExifDat
a", |
| 414 "Sub-IFD entry 0x%x ('%s') at %u.", tag, | 415 "Sub-IFD entry 0x%x ('%s') at %u.", tag, |
| 415 exif_tag_get_name(tag), o); | 416 exif_tag_get_name(tag), o); |
| 416 switch (tag) { | 417 switch (tag) { |
| 417 case EXIF_TAG_EXIF_IFD_POINTER: | 418 case EXIF_TAG_EXIF_IFD_POINTER: |
| 418 CHECK_REC (EXIF_IFD_EXIF); | 419 CHECK_REC (EXIF_IFD_EXIF); |
| 420 if (o == original_offset) |
| 421 return; |
| 419 exif_data_load_data_content (data, EXIF_IFD_EXIF
, d, ds, o, recursion_depth + 1); | 422 exif_data_load_data_content (data, EXIF_IFD_EXIF
, d, ds, o, recursion_depth + 1); |
| 420 break; | 423 break; |
| 421 case EXIF_TAG_GPS_INFO_IFD_POINTER: | 424 case EXIF_TAG_GPS_INFO_IFD_POINTER: |
| 422 CHECK_REC (EXIF_IFD_GPS); | 425 CHECK_REC (EXIF_IFD_GPS); |
| 426 if (o == original_offset) |
| 427 return; |
| 423 exif_data_load_data_content (data, EXIF_IFD_GPS,
d, ds, o, recursion_depth + 1); | 428 exif_data_load_data_content (data, EXIF_IFD_GPS,
d, ds, o, recursion_depth + 1); |
| 424 break; | 429 break; |
| 425 case EXIF_TAG_INTEROPERABILITY_IFD_POINTER: | 430 case EXIF_TAG_INTEROPERABILITY_IFD_POINTER: |
| 426 CHECK_REC (EXIF_IFD_INTEROPERABILITY); | 431 CHECK_REC (EXIF_IFD_INTEROPERABILITY); |
| 432 if (o == original_offset) |
| 433 return; |
| 427 exif_data_load_data_content (data, EXIF_IFD_INTE
ROPERABILITY, d, ds, o, recursion_depth + 1); | 434 exif_data_load_data_content (data, EXIF_IFD_INTE
ROPERABILITY, d, ds, o, recursion_depth + 1); |
| 428 break; | 435 break; |
| 429 case EXIF_TAG_JPEG_INTERCHANGE_FORMAT: | 436 case EXIF_TAG_JPEG_INTERCHANGE_FORMAT: |
| 430 thumbnail_offset = o; | 437 thumbnail_offset = o; |
| 431 if (thumbnail_offset && thumbnail_length) | 438 if (thumbnail_offset && thumbnail_length) |
| 432 exif_data_load_data_thumbnail (data, d, | 439 exif_data_load_data_thumbnail (data, d, |
| 433 ds, thumb
nail_offset, | 440 ds, thumb
nail_offset, |
| 434 thumbnail
_length); | 441 thumbnail
_length); |
| 435 break; | 442 break; |
| 436 case EXIF_TAG_JPEG_INTERCHANGE_FORMAT_LENGTH: | 443 case EXIF_TAG_JPEG_INTERCHANGE_FORMAT_LENGTH: |
| (...skipping 830 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1267 return; | 1274 return; |
| 1268 | 1275 |
| 1269 d->priv->data_type = dt; | 1276 d->priv->data_type = dt; |
| 1270 } | 1277 } |
| 1271 | 1278 |
| 1272 ExifDataType | 1279 ExifDataType |
| 1273 exif_data_get_data_type (ExifData *d) | 1280 exif_data_get_data_type (ExifData *d) |
| 1274 { | 1281 { |
| 1275 return (d && d->priv) ? d->priv->data_type : EXIF_DATA_TYPE_UNKNOWN; | 1282 return (d && d->priv) ? d->priv->data_type : EXIF_DATA_TYPE_UNKNOWN; |
| 1276 } | 1283 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1583893003:
libexif: exif_data_load_data_content() should not recurse with the same offset. (Closed)
Base URL: https://chromium.googlesource.com/chromium/deps/libexif/sources.git@master