~ubuntu-branches/ubuntu/hardy/libexif/hardy

Viewing changes to libexif/pentax/mnote-pentax-entry.c

Committer: Bazaar Package Importer
Author(s): Nico Golde
Date: 2007-12-21 17:13:58 UTC
mfrom: (5.1.5 hardy)
Revision ID: james.westby@ubuntu.com-20071221171358-zbjzk21kmnizelhk

Tags: 0.6.16-2.1

http://bugs.debian.org/457330

* Non-maintainer upload by security team.
* This update addresses the following security issues:
  - possible denial of service attack via crafted
    image file leading to an infinite recursion in the
    exif-loader.c (CVE-2007-6351; Closes: #457330).
  - integer overflow in exif-data.c triggered by a crafted
    image file could lead to arbitrary code execution
    (CVE-2007-6352; Closes: #457330).

files added:
ChangeLog.cvs

auto-m4

auto-m4/gettext.m4

auto-m4/iconv.m4

auto-m4/lib-ld.m4

auto-m4/lib-link.m4

auto-m4/lib-prefix.m4

auto-m4/nls.m4

auto-m4/po.m4

auto-m4/progtest.m4

debian/patches

debian/patches/00list

debian/patches/10_pkg_config_header_dir.dpatch

debian/patches/20_extra_colorspace_check.dpatch

debian/patches/30_olympus_makernote.dpatch

debian/patches/40_crash_looking_up_invalid_values.dpatch

debian/patches/50_relibtoolize.dpatch

debian/patches/CVE-2007-6351.dpatch

debian/patches/CVE-2007-6352.dpatch

libexif-uninstalled.pc.in

libexif.pc.in

po/cs.gmo

po/cs.po

po/ru.gmo

po/ru.po

po/sk.gmo

po/sk.po

po/vi.gmo

po/vi.po

test/test-integers.c

files removed:
config.log

libexif/libexif.pc.in

m4m/gettext.m4

m4m/iconv.m4

m4m/lib-ld.m4

m4m/lib-link.m4

m4m/lib-prefix.m4

m4m/nls.m4

m4m/po.m4

m4m/progtest.m4

files modified:
ChangeLog

INSTALL

Makefile.am

Makefile.in

NEWS

README

aclocal.m4

binary/Makefile.in

config.guess

config.sub

configure

configure.ac

debian/changelog

debian/compat

debian/control

debian/libexif12.docs

debian/rules

depcomp

doc/Doxyfile-internals.in

doc/Doxyfile.in

doc/Makefile.am

doc/Makefile.in

doc/libexif-api.html.tar.gz

install-sh

libexif.spec

libexif/Makefile.am

libexif/Makefile.in

libexif/canon/Makefile.in

libexif/canon/exif-mnote-data-canon.c

libexif/canon/exif-mnote-data-canon.h

libexif/canon/mnote-canon-entry.c

libexif/canon/mnote-canon-tag.c

libexif/canon/mnote-canon-tag.h

libexif/exif-content.c

libexif/exif-data.c

libexif/exif-data.h

libexif/exif-entry.c

libexif/exif-entry.h

libexif/exif-loader.c

libexif/exif-loader.h

libexif/exif-mem.c

libexif/exif-mem.h

libexif/exif-tag.c

libexif/exif-tag.h

libexif/exif-utils.c

libexif/exif-utils.h

libexif/i18n.h

libexif/olympus/Makefile.in

libexif/olympus/exif-mnote-data-olympus.c

libexif/olympus/exif-mnote-data-olympus.h

libexif/olympus/mnote-olympus-entry.c

libexif/olympus/mnote-olympus-tag.c

libexif/olympus/mnote-olympus-tag.h

libexif/pentax/Makefile.in

libexif/pentax/exif-mnote-data-pentax.c

libexif/pentax/exif-mnote-data-pentax.h

libexif/pentax/mnote-pentax-entry.c

libexif/pentax/mnote-pentax-tag.c

libexif/pentax/mnote-pentax-tag.h

ltmain.sh

m4m/Makefile.in

m4m/gp-documentation.m4

missing

po/Makevars

po/de.gmo

po/de.po

po/es.gmo

po/es.po

po/fr.gmo

po/fr.po

po/libexif-12.pot

po/pl.gmo

po/pl.po

test/Makefile.am

test/Makefile.in

test/nls/Makefile.am

test/nls/Makefile.in

test/nls/print-localedir.c

test/nls/test-nls.c

Show diffs side-by-side

added added

removed removed

libexif/pentax/mnote-pentax-entry.c

#define CF(format,target,v,maxlen) \

{ \

if (format != target) { \

snprintf (v, maxlen, \

_("Invalid format '%s', " \

"expected '%s'."), \

exif_format_get_name (format), \

exif_format_get_name (target)); \

break; \

} \

if (format != target) { \

snprintf (v, maxlen, \

_("Invalid format '%s', " \

"expected '%s'."), \

exif_format_get_name (format), \

exif_format_get_name (target)); \

break; \

} \

}

#define CC(number,target,v,maxlen) \

{ \

if (number != target) { \

snprintf (v, maxlen, \

_("Invalid number of components (%i, " \

"expected %i)."), (int) number, (int) target); \

break; \

} \

if (number != target) { \

snprintf (v, maxlen, \

_("Invalid number of components (%i, " \

"expected %i)."), (int) number, (int) target); \

break; \

} \

}

#define CC2(number,t1,t2,v,maxlen) \

{ \

if ((number != t1) && (number != t2)) { \

snprintf (v, maxlen, \

_("Invalid number of components (%i, " \

"expected %i or %i)."), (int) number, \

(int) t1, (int) t2); \

break; \

} \

}

static struct {

struct {

int index;

const char *string;

} elem[7];

} elem[33];

} items[] = {

{ MNOTE_PENTAX_TAG_MODE,

{ {0, N_("Auto")},

{1, N_("Night-scene")},

{2, N_("Manual")},

{4, N_("Multi-exposure")},

{0, NULL}}},

{ MNOTE_PENTAX_TAG_QUALITY,

{ {0, N_("Good")},

114

126

{2, N_("Black & White")},

115

127

{3, N_("Sepia")},

116

128

{0, NULL}}},

129

{ MNOTE_PENTAX2_TAG_MODE,

130

{ {0, N_("Auto")},

131

{1, N_("Night-scene")},

132

{2, N_("Manual")},

133

{4, N_("Multi-exposure")},

134

{0, NULL}}},

135

{ MNOTE_PENTAX2_TAG_QUALITY,

136

{ {0, N_("Good")},

137

{1, N_("Better")},

138

{2, N_("Best")},

139

{3, N_("TIFF")},

140

{4, N_("RAW")},

141

{0, NULL}}},

142

{ MNOTE_PENTAX2_TAG_IMAGE_SIZE,

143

{ {0, "640x480"},

144

{1, N_("Full")},

145

{2, "1024x768"},

146

{3, "1280x960"},

147

{4, "1600x1200"},

148

{5, "2048x1536"},

149

{8, N_("2560x1920 or 2304x1728")},

150

{9, "3072x2304"},

151

{10, "3264x2448"},

152

{19, "320x240"},

153

{20, "2288x1712"},

154

{21, "2592x1944"},

155

{22, N_("2304x1728 or 2592x1944")},

156

{23, "3056x2296"},

157

{25, N_("2816x2212 or 2816x2112")},

158

{27, "3648x2736"},

159

{36, "3008x2008"},

160

{0, NULL}}},

161

{ MNOTE_PENTAX2_TAG_PICTURE_MODE,

162

{ {0, N_("Program")},

163

{2, N_("Program AE")},

164

{3, N_("Manual")},

165

{5, N_("Portrait")},

166

{6, N_("Landscape")},

167

{8, N_("Sport")},

168

{9, N_("Night Scene")},

169

{11, N_("Soft")},

170

{12, N_("Surf & Snow")},

171

{13, N_("Sunset or Candlelight")},

172

{14, N_("Autumn")},

173

{15, N_("Macro")},

174

{17, N_("Fireworks")},

175

{18, N_("Text")},

176

{19, N_("Panorama")},

177

{30, N_("Self Portrait")},

178

{31, N_("Illustrations")},

179

{33, N_("Digital Filter")},

180

{37, N_("Museum")},

181

{38, N_("Food")},

182

{40, N_("Green Mode")},

183

{49, N_("Light Pet")},

184

{50, N_("Dark Pet")},

185

{51, N_("Medium Pet")},

186

{53, N_("Underwater")},

187

{54, N_("Candlelight")},

188

{55, N_("Natural Skin Tone")},

189

{56, N_("Synchro Sound Record")},

190

{58, N_("Frame Composite")},

191

{0, NULL}}},

192

{ MNOTE_PENTAX2_TAG_FLASH_MODE,

193

{ {0x0000, N_("Auto, Did not fire")},

194

{0x0001, N_("Off")},

195

{0x0003, N_("Auto, Did not fire, Red-eye reduction")},

196

{0x0100, N_("Auto, Fired")},

197

{0x0102, N_("On")},

198

{0x0103, N_("Auto, Fired, Red-eye reduction")},

199

{0x0104, N_("On, Red-eye reduction")},

200

{0x0105, N_("On, Wireless")},

201

{0x0108, N_("On, Soft")},

202

{0x0109, N_("On, Slow-sync")},

203

{0x010a, N_("On, Slow-sync, Red-eye reduction")},

204

{0x010b, N_("On, Trailing-curtain Sync")},

205

{0, NULL}}},

206

{ MNOTE_PENTAX2_TAG_FOCUS_MODE,

207

{ {0, N_("Normal")},

208

{1, N_("Macro")},

209

{2, N_("Infinity")},

210

{3, N_("Manual")},

211

{5, N_("Pan Focus")},

212

{16, N_("AF-S")},

213

{17, N_("AF-C")},

214

{0, NULL}}},

215

{ MNOTE_PENTAX2_TAG_AFPOINT_SELECTED,

216

{ {1, N_("Upper-left")},

217

{2, N_("Top")},

218

{3, N_("Upper-right")},

219

{4, N_("Left")},

220

{5, N_("Mid-left")},

221

{6, N_("Center")},

222

{7, N_("Mid-right")},

223

{8, N_("Right")},

224

{9, N_("Lower-left")},

225

{10, N_("Bottom")},

226

{11, N_("Lower-right")},

227

{0xfffe, N_("Fixed Center")},

228

{0xffff, N_("Auto")},

229

{0, NULL}}},

230

{ MNOTE_PENTAX2_TAG_AUTO_AFPOINT,

231

{ {0, N_("Multiple")},

232

{1, N_("Top-left")},

233

{2, N_("Top-center")},

234

{3, N_("Top-right")},

235

{4, N_("Left")},

236

{5, N_("Center")},

237

{6, N_("Right")},

238

{7, N_("Bottom-left")},

239

{8, N_("Bottom-center")},

240

{9, N_("Bottom-right")},

241

{0xffff, N_("None")},

242

{0, NULL}}},

243

{ MNOTE_PENTAX2_TAG_WHITE_BALANCE,

244

{ {0, N_("Auto")},

245

{1, N_("Daylight")},

246

{2, N_("Shade")},

247

{3, N_("Fluorescent")},

248

{4, N_("Tungsten")},

249

{5, N_("Manual")},

250

{6, N_("Daylight Fluorescent")},

251

{7, N_("Daywhite Fluorescent")},

252

{8, N_("White Fluorescent")},

253

{9, N_("Flash")},

254

{10, N_("Cloudy")},

255

{0xfffe, N_("Unknown")},

256

{0xffff, N_("User Selected")},

257

{0, NULL}}},

258

{MNOTE_CASIO2_TAG_BESTSHOT_MODE,

259

{ {0, N_("Off")},

260

{1, N_("On")},

261

{0, NULL}}},

262

{0, {{0, NULL}}}

263

};

264

265

/* Two-component values */

266

static struct {

267

ExifTag tag;

268

struct {

269

int index1, index2;

270

const char *string;

271

} elem[39];

272

} items2[] = {

273

{ MNOTE_PENTAX2_TAG_IMAGE_SIZE,

274

{ {0, 0, "2304x1728"},

275

{4, 0, "1600x1200"},

276

{5, 0, "2048x1536"},

277

{8, 0, "2560x1920"},

278

{36, 0, N_("3008x2008 or 3040x2024")},

279

{37, 0, "3008x2000"},

280

{35, 1, "2400x1600"},

281

{32, 2, "960x480"},

282

{33, 2, "1152x768"},

283

{34, 2, "1536x1024"},

284

{0, 0, NULL}}},

285

{ MNOTE_PENTAX2_TAG_PICTURE_MODE,

286

{ {0, 0, N_("Auto")},

287

{5, 0, N_("Portrait")},

288

{53, 0, N_("Underwater")},

289

{255, 0, N_("Digital Filter?")},

290

{5, 1, N_("Portrait")},

291

{9, 1, N_("Night Scene")},

292

{13, 1, N_("Candlelight")},

293

{15, 1, N_("Macro")},

294

{53, 1, N_("Underwater")},

295

{0, 2, N_("Program AE")},

296

{5, 2, N_("Portrait")},

297

{6, 2, N_("Landscape")},

298

{0, 0, NULL}}},

299

{0, {{0, 0, NULL}}}

117

300

};

118

301

119

302

char *

121

304

char *val, unsigned int maxlen)

122

305

{

123

306

ExifLong vl;

124

ExifShort vs;

307

ExifShort vs, vs2;

125

308

int i = 0, j = 0;

126

309

127

310

if (!entry) return (NULL);

140

323

case MNOTE_PENTAX_TAG_SATURATION:

141

324

case MNOTE_PENTAX_TAG_ISO_SPEED:

142

325

case MNOTE_PENTAX_TAG_COLOR:

326

case MNOTE_PENTAX2_TAG_MODE:

327

case MNOTE_PENTAX2_TAG_QUALITY:

328

case MNOTE_PENTAX2_TAG_FLASH_MODE:

329

case MNOTE_PENTAX2_TAG_FOCUS_MODE:

330

case MNOTE_PENTAX2_TAG_AFPOINT_SELECTED:

331

case MNOTE_PENTAX2_TAG_AUTO_AFPOINT:

332

case MNOTE_PENTAX2_TAG_WHITE_BALANCE:

333

case MNOTE_PENTAX2_TAG_PICTURE_MODE:

334

case MNOTE_PENTAX2_TAG_IMAGE_SIZE:

335

case MNOTE_CASIO2_TAG_BESTSHOT_MODE:

143

336

CF (entry->format, EXIF_FORMAT_SHORT, val, maxlen);

144

CC (entry->components, 1, val, maxlen);

145

vs = exif_get_short (entry->data, entry->order);

146

147

/* search the tag */

148

for (i = 0; (items[i].tag && items[i].tag != entry->tag); i++);

149

if (!items[i].tag) {

150

strncpy (val, "Internal error", maxlen);

151

break;

152

}

153

154

/* find the value */

155

for (j = 0; items[i].elem[j].string &&

337

CC2 (entry->components, 1, 2, val, maxlen);

338

if (entry->components == 1) {

339

vs = exif_get_short (entry->data, entry->order);

340

341

/* search the tag */

342

for (i = 0; (items[i].tag && items[i].tag != entry->tag); i++);

343

if (!items[i].tag) {

344

strncpy (val, _("Internal error"), maxlen);

345

break;

346

}

347

348

/* find the value */

349

for (j = 0; items[i].elem[j].string &&

156

350

(items[i].elem[j].index < vs); j++);

157

if (items[i].elem[j].index != vs) {

158

snprintf (val, maxlen,

159

"Internal error (unknown value %i)", vs);

160

break;

351

if (items[i].elem[j].index != vs) {

352

snprintf (val, maxlen,

353

_("Internal error (unknown value %i)"), vs);

354

break;

355

}

356

strncpy (val, items[i].elem[j].string, maxlen);

357

} else {

358

/* Two-component values */

359

CF (entry->format, EXIF_FORMAT_SHORT, val, maxlen);

360

CC2 (entry->components, 1, 2, val, maxlen);

361

vs = exif_get_short (entry->data, entry->order);

362

vs2 = exif_get_short (entry->data+2, entry->order) << 16;

363

364

/* search the tag */

365

for (i = 0; (items2[i].tag && items2[i].tag != entry->tag); i++);

366

if (!items2[i].tag) {

367

strncpy (val, _("Internal error"), maxlen);

368

break;

369

}

370

371

/* find the value */

372

for (j = 0; items2[i].elem[j].string && ((items2[i].elem[j].index2 < vs2)

373

|| ((items2[i].elem[j].index2 == vs2) && (items2[i].elem[j].index1 < vs))); j++);

374

if ((items2[i].elem[j].index1 != vs) || (items2[i].elem[j].index2 != vs2)) {

375

snprintf (val, maxlen,

376

_("Internal error (unknown value %i %i)"), vs, vs2);

377

break;

378

}

379

strncpy (val, items2[i].elem[j].string, maxlen);

161

380

}

162

snprintf (val, maxlen, "%s", items[i].elem[j].string);

163

381

break;

164

382

165

383

case MNOTE_PENTAX_TAG_ZOOM:

171

389

case MNOTE_PENTAX_TAG_PRINTIM:

172

390

CF (entry->format, EXIF_FORMAT_UNDEFINED, val, maxlen);

173

391

CC (entry->components, 124, val, maxlen);

174

snprintf (val, maxlen, "%li bytes unknown data",

175

entry->components);

392

snprintf (val, maxlen, _("%i bytes unknown data"),

393

entry->size);

176

394

break;

177

395

case MNOTE_PENTAX_TAG_TZ_CITY:

178

396

CF (entry->format, EXIF_FORMAT_UNDEFINED, val, maxlen);

179

397

CC (entry->components, 4, val, maxlen);

180

snprintf (val, entry->components, "%s", entry->data);

398

strncpy (val, (char*)entry->data, MIN(maxlen, entry->size));

181

399

break;

182

400

case MNOTE_PENTAX_TAG_TZ_DST:

183

401

CF (entry->format, EXIF_FORMAT_UNDEFINED, val, maxlen);

184

402

CC (entry->components, 4, val, maxlen);

185

snprintf (val, entry->components, "%s", entry->data);

403

strncpy (val, (char*)entry->data, MIN(maxlen, entry->size));

186

404

break;

187

405

default:

188

406

switch (entry->format) {

189

407

case EXIF_FORMAT_ASCII:

190

strncpy (val, (char *)entry->data, MIN(maxlen, entry->components));

408

strncpy (val, (char *)entry->data, MIN(maxlen, entry->size));

191

409

break;

192

410

case EXIF_FORMAT_SHORT:

193

411

vs = exif_get_short (entry->data, entry->order);

199

417

break;

200

418

case EXIF_FORMAT_UNDEFINED:

201

419

default:

202

snprintf (val, maxlen, "%li bytes unknown data",

203

entry->components);

420

snprintf (val, maxlen, _("%i bytes unknown data"),

421

entry->size);

204

422

break;

205

423

}

206

424

break;

Older »