From 55a409eb486ade654cef90cc060689b462643c6c Mon Sep 17 00:00:00 2001
From: Fabian Affolter <fabian@affolter-engineering.ch>
Date: Fri, 23 Jan 2015 15:06:05 +0000
Subject: main/exiv2: add patch to fix CVE-2014-9449

---
 main/exiv2/exiv2-0.24-CVE-2014-9449.patch | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 main/exiv2/exiv2-0.24-CVE-2014-9449.patch

diff --git a/main/exiv2/exiv2-0.24-CVE-2014-9449.patch b/main/exiv2/exiv2-0.24-CVE-2014-9449.patch
new file mode 100644
index 0000000000..cf1b46fbf6
--- /dev/null
+++ b/main/exiv2/exiv2-0.24-CVE-2014-9449.patch
@@ -0,0 +1,27 @@
+diff -up exiv2-0.24/src/riffvideo.cpp.CVE-2014-9449 exiv2-0.24/src/riffvideo.cpp
+--- exiv2-0.24/src/riffvideo.cpp.CVE-2014-9449	2013-12-01 06:13:42.000000000 -0600
++++ exiv2-0.24/src/riffvideo.cpp	2015-01-05 11:21:42.306728309 -0600
+@@ -856,7 +856,7 @@ namespace Exiv2 {
+ 
+     void RiffVideo::infoTagsHandler()
+     {
+-        const long bufMinSize = 100;
++        const long bufMinSize = 10000;
+         DataBuf buf(bufMinSize);
+         buf.pData_[4] = '\0';
+         io_->seek(-12, BasicIo::cur);
+@@ -879,10 +879,14 @@ namespace Exiv2 {
+             if(infoSize >= 0) {
+                 size -= infoSize;
+                 io_->read(buf.pData_, infoSize);
++                if(infoSize < 4)
++                    buf.pData_[infoSize] = '\0';
+             }
+ 
+             if(tv)
+                 xmpData_[exvGettext(tv->label_)] = buf.pData_;
++            else
++                continue;
+         }
+         io_->seek(cur_pos + size_external, BasicIo::beg);
+     } // RiffVideo::infoTagsHandler
-- 
cgit v1.2.3