Skip to content

ext_gd: exif_process_IFD_TAG: Use the right offset if reading from stream #7208

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
MatmaRex wants to merge 1 commit into from
Closed

ext_gd: exif_process_IFD_TAG: Use the right offset if reading from stream #7208

MatmaRex wants to merge 1 commit into from

Conversation

@MatmaRex
Copy link
Contributor

@MatmaRex MatmaRex commented Jul 5, 2016

When the location of the data is outside of the range we have
preloaded (for example, if it's before the beginning of the IFD
structure), we have to read it from the stream into a separate buffer.
The offset calculations in this case were incorrect, resulting in
bogus values being read for the affected fields (sometimes parts of
other fields, sometimes binary data).

The included test image, sourced from [1], is in the public domain.

[1] https://commons.wikimedia.org/wiki/File:U.S._Marines_Prepare_to_board_an_MV-22_Osprey_160509-M-AF202-041.jpg

(This is the same fix as PHP commit c794d53c0377be960a17c3279715436e405b83f4 / php/php-src#1943.)

@MatmaRex
ext_gd: exif_process_IFD_TAG: Use the right offset if reading from st…
8323170 
…ream

When the location of the data is outside of the range we have
preloaded (for example, if it's before the beginning of the IFD
structure), we have to read it from the stream into a separate buffer.
The offset calculations in this case were incorrect, resulting in
bogus values being read for the affected fields (sometimes parts of
other fields, sometimes binary data).

The included test image, sourced from [1], is in the public domain.

[1] https://commons.wikimedia.org/wiki/File:U.S._Marines_Prepare_to_board_an_MV-22_Osprey_160509-M-AF202-041.jpg

(This is the same fix as PHP commit c794d53c0377be960a17c3279715436e405b83f4.)
@facebook-github-bot
Copy link
Contributor

facebook-github-bot commented Jul 5, 2016

Thank you for your pull request and welcome to our community. We require contributors to sign our Contributor License Agreement, and we don't seem to have you on file. In order for us to review and merge your code, please sign up at https://code.facebook.com/cla - and if you have received this in error or have any questions, please drop us a line at cla@fb.com. Thanks!

@MatmaRex
Copy link
Contributor Author

MatmaRex commented Jul 5, 2016

I have signed the CLA a couple minutes before submitting this pull request…

@ghost
Copy link

ghost commented Jul 5, 2016

This pull request has been imported into Phabricator, and discussion and review of the diff will take place at https://reviews.facebook.net/D60363

@ghost
Copy link

ghost commented Jul 5, 2016

Thank you for signing our Contributor License Agreement. We can now accept your code for this (and any) Facebook open source project. Thanks!

@ghost ghost added the CLA Signed label Jul 5, 2016
@MatmaRex
Copy link
Contributor Author

MatmaRex commented Jul 12, 2016

(For reference, I worked on this for https://phabricator.wikimedia.org/T97253.)

@Orvid
Copy link
Contributor

Orvid commented Jul 12, 2016

Yep, just took a bit to get it imported as I spent most of last week getting the OSS build of HHVM working correctly, which is why Github has a whole bunch of commits marked as being pushed on Saturday when I got the last of the issues resolved.

@hhvm-bot hhvm-bot closed this in 255373a Jul 14, 2016
@MatmaRex
Copy link
Contributor Author

MatmaRex commented Jul 14, 2016

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

CLA Signed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@MatmaRex @facebook-github-bot @Orvid