~ubuntu-branches/ubuntu/hardy/libexif/hardy

Committer: Bazaar Package Importer
Author(s): Nico Golde
Date: 2007-12-21 17:13:58 UTC
mfrom: (5.1.5 hardy)
Revision ID: james.westby@ubuntu.com-20071221171358-zbjzk21kmnizelhk

Tags: 0.6.16-2.1

http://bugs.debian.org/457330

* Non-maintainer upload by security team.
* This update addresses the following security issues:
  - possible denial of service attack via crafted
    image file leading to an infinite recursion in the
    exif-loader.c (CVE-2007-6351; Closes: #457330).
  - integer overflow in exif-data.c triggered by a crafted
    image file could lead to arbitrary code execution
    (CVE-2007-6352; Closes: #457330).

files added:
ChangeLog.cvs

auto-m4

auto-m4/gettext.m4

auto-m4/iconv.m4

auto-m4/lib-ld.m4

auto-m4/lib-link.m4

auto-m4/lib-prefix.m4

auto-m4/nls.m4

auto-m4/po.m4

auto-m4/progtest.m4

debian/patches

debian/patches/00list

debian/patches/10_pkg_config_header_dir.dpatch

debian/patches/20_extra_colorspace_check.dpatch

debian/patches/30_olympus_makernote.dpatch

debian/patches/40_crash_looking_up_invalid_values.dpatch

debian/patches/50_relibtoolize.dpatch

debian/patches/CVE-2007-6351.dpatch

debian/patches/CVE-2007-6352.dpatch

libexif-uninstalled.pc.in

libexif.pc.in

po/cs.gmo

po/cs.po

po/ru.gmo

po/ru.po

po/sk.gmo

po/sk.po

po/vi.gmo

po/vi.po

test/test-integers.c

files removed:
config.log

libexif/libexif.pc.in

m4m/gettext.m4

m4m/iconv.m4

m4m/lib-ld.m4

m4m/lib-link.m4

m4m/lib-prefix.m4

m4m/nls.m4

m4m/po.m4

m4m/progtest.m4

files modified:
ChangeLog

INSTALL

Makefile.am

Makefile.in

NEWS

README

aclocal.m4

binary/Makefile.in

config.guess

config.sub

configure

configure.ac

debian/changelog

debian/compat

debian/control

debian/libexif12.docs

debian/rules

depcomp

doc/Doxyfile-internals.in

doc/Doxyfile.in

doc/Makefile.am

doc/Makefile.in

doc/libexif-api.html.tar.gz

install-sh

libexif.spec

libexif/Makefile.am

libexif/Makefile.in

libexif/canon/Makefile.in

libexif/canon/exif-mnote-data-canon.c

libexif/canon/exif-mnote-data-canon.h

libexif/canon/mnote-canon-entry.c

libexif/canon/mnote-canon-tag.c

libexif/canon/mnote-canon-tag.h

libexif/exif-content.c

libexif/exif-data.c

libexif/exif-data.h

libexif/exif-entry.c

libexif/exif-entry.h

libexif/exif-loader.c

libexif/exif-loader.h

libexif/exif-mem.c

libexif/exif-mem.h

libexif/exif-tag.c

libexif/exif-tag.h

libexif/exif-utils.c

libexif/exif-utils.h

libexif/i18n.h

libexif/olympus/Makefile.in

libexif/olympus/exif-mnote-data-olympus.c

libexif/olympus/exif-mnote-data-olympus.h

libexif/olympus/mnote-olympus-entry.c

libexif/olympus/mnote-olympus-tag.c

libexif/olympus/mnote-olympus-tag.h

libexif/pentax/Makefile.in

libexif/pentax/exif-mnote-data-pentax.c

libexif/pentax/exif-mnote-data-pentax.h

libexif/pentax/mnote-pentax-entry.c

libexif/pentax/mnote-pentax-tag.c

libexif/pentax/mnote-pentax-tag.h

ltmain.sh

m4m/Makefile.in

m4m/gp-documentation.m4

missing

po/Makevars

po/de.gmo

po/de.po

po/es.gmo

po/es.po

po/fr.gmo

po/fr.po

po/libexif-12.pot

po/pl.gmo

po/pl.po

test/Makefile.am

test/Makefile.in

test/nls/Makefile.am

test/nls/Makefile.in

test/nls/print-localedir.c

test/nls/test-nls.c

Show diffs side-by-side

added added

removed removed

libexif/exif-entry.c

395

N_("right - bottom"), N_("left - bottom"), NULL}},

396

{ EXIF_TAG_YCBCR_POSITIONING,

397

{ "", N_("centered"), N_("co-sited"), NULL}},

398

{ EXIF_TAG_PHOTOMETRIC_INTERPRETATION, {"", N_("RGB"), N_("YCbCr"), NULL}},

398

{ EXIF_TAG_PHOTOMETRIC_INTERPRETATION,

399

{N_("Reversed mono"), N_("Normal mono"), N_("RGB"), N_("Palette"), "",

400

N_("CMYK"), N_("YCbCr"), "", N_("CieLAB"), NULL}},

399

401

{ EXIF_TAG_CUSTOM_RENDERED,

400

402

{ N_("Normal process"), N_("Custom process"), NULL}},

401

403

{ EXIF_TAG_EXPOSURE_MODE,

436

438

{ {1, {N_("Uncompressed"), NULL}},

437

439

{5, {N_("LZW compression"), NULL}},

438

440

{6, {N_("JPEG compression"), NULL}},

441

{7, {N_("JPEG compression"), NULL}},

442

{8, {N_("Deflate/ZIP compression"), NULL}},

443

{32773, {N_("PackBits compression"), NULL}},

439

444

{0, {NULL}}}},

440

445

{ EXIF_TAG_LIGHT_SOURCE,

441

446

{ { 0, {N_("Unknown"), NULL}},

488

493

{0x0005, {N_("Strobe return light not detected."), N_("W/o strobe"),

489

494

NULL}},

490

495

{0x0007, {N_("Strobe return light detected."), N_("W. strobe"), NULL}},

491

{0x0009, {N_("Flash fired, compulsatory flash mode"), NULL}},

492

{0x000d, {N_("Flash fired, compulsatory flash mode, return light "

496

{0x0008, {N_("Flash did not fire."), NULL}}, /* Olympus E-330 */

497

{0x0009, {N_("Flash fired, compulsory flash mode."), NULL}},

498

{0x000d, {N_("Flash fired, compulsory flash mode, return light "

493

499

"not detected."), NULL}},

494

{0x000f, {N_("Flash fired, compulsatory flash mode, return light "

500

{0x000f, {N_("Flash fired, compulsory flash mode, return light "

495

501

"detected."), NULL}},

496

{0x0010, {N_("Flash did not fire, compulsatory flash mode."), NULL}},

502

{0x0010, {N_("Flash did not fire, compulsory flash mode."), NULL}},

497

503

{0x0018, {N_("Flash did not fire, auto mode."), NULL}},

498

504

{0x0019, {N_("Flash fired, auto mode."), NULL}},

499

505

{0x001d, {N_("Flash fired, auto mode, return light not detected."),

508

514

{0x0049, {N_("Flash fired, compulsory flash mode, red-eye reduction "

509

515

"mode."), NULL}},

510

516

{0x004d, {N_("Flash fired, compulsory flash mode, red-eye reduction "

511

"mode, return light not detected"), NULL}},

512

{0x004f, {N_("Flash fired, compulsory flash mode, red-eye reduction, "

513

"return light detected"), NULL}},

514

{0x0058, {N_("Flash did not fire, auto mode, red-eye reduction mode"), NULL}},

515

{0x0059, {N_("Flash fired, auto mode, red-eye reduction mode"), NULL}},

517

"mode, return light not detected."), NULL}},

518

{0x004f, {N_("Flash fired, compulsory flash mode, red-eye reduction mode, "

519

"return light detected."), NULL}},

520

{0x0058, {N_("Flash did not fire, auto mode, red-eye reduction mode."), NULL}},

521

{0x0059, {N_("Flash fired, auto mode, red-eye reduction mode."), NULL}},

516

522

{0x005d, {N_("Flash fired, auto mode, return light not detected, "

517

523

"red-eye reduction mode."), NULL}},

518

524

{0x005f, {N_("Flash fired, auto mode, return light detected, "

527

533

{ EXIF_TAG_COLOR_SPACE,

528

534

{ {1, {N_("sRGB"), NULL}},

529

535

{2, {N_("Adobe RGB"), NULL}},

530

{0xffff, {N_("Uncalibrated"), NULL}}}},

536

{0xffff, {N_("Uncalibrated"), NULL}},

537

{0x0000, {NULL}}}},

531

538

{0, }

532

539

};

533

540

704

711

(float) v_rat.denominator);

705

712

break;

706

713

case EXIF_TAG_APERTURE_VALUE:

714

case EXIF_TAG_MAX_APERTURE_VALUE:

707

715

CF (e, EXIF_FORMAT_RATIONAL, val, maxlen);

708

716

CC (e, 1, val, maxlen);

709

717

v_rat = exif_get_rational (e->data, o);

710

718

if (!v_rat.denominator) return val;

711

snprintf (val, maxlen, "f/%.01f",

712

pow (2 , ((float) v_rat.numerator /

713

(float) v_rat.denominator) / 2.));

719

d = (double) v_rat.numerator / (double) v_rat.denominator;

720

snprintf (val, maxlen, _("%.02f EV"), d);

721

snprintf (b, sizeof (b), _(" (f/%.01f)"), pow (2, d / 2.));

722

if (maxlen > strlen (val) + strlen (b))

723

strncat (val, b, maxlen - strlen (val) - 1);

714

724

break;

715

725

case EXIF_TAG_FOCAL_LENGTH:

716

726

CF (e, EXIF_FORMAT_RATIONAL, val, maxlen);

775

785

CC (e, 1, val, maxlen);

776

786

v_srat = exif_get_srational (e->data, o);

777

787

if (!v_srat.denominator) return val;

778

snprintf (val, maxlen, "%.0f/%.0f", (float) v_srat.numerator,

779

(float) v_srat.denominator);

780

if (maxlen > strlen (val) + strlen (_(" sec.")))

781

strncat (val, _(" sec."), maxlen - strlen (val) - 1);

782

snprintf (b, sizeof (b), " (APEX: %i)",

783

(int) pow (sqrt(2), (float) v_srat.numerator /

784

(float) v_srat.denominator));

788

d = (double) v_srat.numerator / (double) v_srat.denominator;

789

snprintf (val, maxlen, _("%.02f EV"), d);

790

snprintf (b, sizeof (b), " (APEX: %i)", (int) pow (sqrt(2), d));

785

791

if (maxlen > strlen (val) + strlen (b))

786

792

strncat (val, b, maxlen - strlen (val) - 1);

793

d = 1. / pow (2, d);

794

if (d < 1)

795

snprintf (b, sizeof (b), _(" 1/%d sec.)"), (int) (1. / d));

796

else

797

snprintf (b, sizeof (b), _(" %d sec.)"), (int) d);

798

if (maxlen > strlen (val) + strlen (b)) {

799

val[strlen (val) - 1] = ',';

800

strncat (val, b, maxlen - strlen (val) - 1);

801

}

787

802

break;

788

803

case EXIF_TAG_BRIGHTNESS_VALUE:

789

804

CF (e, EXIF_FORMAT_SRATIONAL, val, maxlen);

790

805

CC (e, 1, val, maxlen);

791

806

v_srat = exif_get_srational (e->data, o);

792

snprintf (val, maxlen, "%i/%i", (int) v_srat.numerator,

793

(int) v_srat.denominator);

794

/* FIXME: How do I calculate the APEX value? */

807

if (!v_srat.denominator) return val;

808

d = (double) v_srat.numerator / (double) v_srat.denominator;

809

snprintf (val, maxlen, _("%.02f EV"), d);

810

snprintf (b, sizeof (b), _(" (%.02f cd/m^2)"),

811

1. / (M_PI * 0.3048 * 0.3048) * pow (2, d));

812

if (maxlen > strlen (val) + strlen (b))

813

strncat (val, b, maxlen - strlen (val) - 1);

795

814

break;

796

815

case EXIF_TAG_FILE_SOURCE:

797

816

CF (e, EXIF_FORMAT_UNDEFINED, val, maxlen);

824

843

CC (e, 1, val, maxlen);

825

844

v_srat = exif_get_srational (e->data, o);

826

845

if (!v_srat.denominator) return val;

827

snprintf (val, maxlen, "%s%.01f",

828

v_srat.denominator * v_srat.numerator > 0 ? "+" : "",

829

(double) v_srat.numerator /

830

(double) v_srat.denominator);

846

d = (double) v_srat.numerator / (double) v_srat.denominator;

847

snprintf (val, maxlen, _("%.02f EV"), d);

831

848

break;

832

849

case EXIF_TAG_YCBCR_SUB_SAMPLING:

833

850

CF (e, EXIF_FORMAT_SHORT, val, maxlen);

902

919

}

903

920

904

921

/* Find the value */

905

for (j = 0; list2[i].elem[j].values &&

922

for (j = 0; list2[i].elem[j].values[0] &&

906

923

(list2[i].elem[j].index < v_short); j++);

907

if (list2[i].elem[j].index != v_short || v_short == 65535) {

924

if (list2[i].elem[j].index != v_short) {

908

925

snprintf (val, maxlen, _("Internal error (unknown "

909

926

"value %i)."), v_short);

910

927

break;

912

929

913

930

/* Find a short enough value */

914

931

memset (val, 0, maxlen);

915

for (k = 0; list2[i].elem[j].values &&

916

list2[i].elem[j].values[k]; k++) {

932

for (k = 0; list2[i].elem[j].values[k]; k++) {

917

933

l = strlen (_(list2[i].elem[j].values[k]));

918

934

if ((maxlen > l) && (strlen (val) < l))

919

935

strncpy (val, _(list2[i].elem[j].values[k]), maxlen - 1);

951

967

snprintf (val, maxlen, "%i", v_short);

952

968

else

953

969

strncpy (val, _(list[i].strings[j]), maxlen - 1);

954

break;

970

break;

971

case EXIF_TAG_XP_TITLE:

972

case EXIF_TAG_XP_COMMENT:

973

case EXIF_TAG_XP_AUTHOR:

974

case EXIF_TAG_XP_KEYWORDS:

975

case EXIF_TAG_XP_SUBJECT:

976

/* Warning! The texts are converted from UTF16 to UTF8 */

977

exif_convert_utf16_to_utf8(val, (unsigned short*)e->data, MIN(maxlen, e->size));

978

break;

979

case EXIF_TAG_INTEROPERABILITY_VERSION:

980

if (e->format == EXIF_FORMAT_UNDEFINED) {

981

strncpy (val, (char *) e->data, MIN (maxlen, e->size));

982

break;

983

}

984

/* Fall through - EXIF_TAG_GPS_LATITUDE is same as INTEROPERABILITY_VERSION */

955

985

default:

956

if (!e->components) break;

986

if (!e->size) break;

957

987

switch (e->format) {

958

988

case EXIF_FORMAT_UNDEFINED:

989

if ((e->tag == EXIF_TAG_SCENE_TYPE) && (e->size == 1)) {

990

snprintf (val, maxlen, "%i", e->data[0]);

991

}

959

992

break;

960

993

case EXIF_FORMAT_BYTE:

961

994

case EXIF_FORMAT_SBYTE:

Older »