Limit the size of Exif data.
This commit is contained in:
parent
d6746c4004
commit
904f4b577e
|
@ -37,6 +37,8 @@ use crate::util::read64;
|
||||||
// Same for "msf1" [ISO23008-12 B.4.2] [ISO23008-12 B.4.4].
|
// Same for "msf1" [ISO23008-12 B.4.2] [ISO23008-12 B.4.4].
|
||||||
static HEIF_BRANDS: &[[u8; 4]] = &[*b"mif1", *b"msf1"];
|
static HEIF_BRANDS: &[[u8; 4]] = &[*b"mif1", *b"msf1"];
|
||||||
|
|
||||||
|
const MAX_EXIF_SIZE: usize = 65535;
|
||||||
|
|
||||||
// Most errors in this file are Error::InvalidFormat.
|
// Most errors in this file are Error::InvalidFormat.
|
||||||
impl From<&'static str> for Error {
|
impl From<&'static str> for Error {
|
||||||
fn from(err: &'static str) -> Error {
|
fn from(err: &'static str) -> Error {
|
||||||
|
@ -222,6 +224,9 @@ impl<R> Parser<R> where R: io::BufRead + io::Seek {
|
||||||
return Err(io::Error::new(io::ErrorKind::UnexpectedEof,
|
return Err(io::Error::new(io::ErrorKind::UnexpectedEof,
|
||||||
"truncated extent").into());
|
"truncated extent").into());
|
||||||
}
|
}
|
||||||
|
if buf.len() > MAX_EXIF_SIZE {
|
||||||
|
return Err("Exif data too large".into());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
1 => {
|
1 => {
|
||||||
|
@ -236,6 +241,9 @@ impl<R> Parser<R> where R: io::BufRead + io::Seek {
|
||||||
0 => idat.get(off..),
|
0 => idat.get(off..),
|
||||||
_ => idat.get(off..end),
|
_ => idat.get(off..end),
|
||||||
}.ok_or("Out of ItemDataBox")?);
|
}.ok_or("Out of ItemDataBox")?);
|
||||||
|
if buf.len() > MAX_EXIF_SIZE {
|
||||||
|
return Err("Exif data too large".into());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
2 => return Err(Error::NotSupported(
|
2 => return Err(Error::NotSupported(
|
||||||
|
|
Loading…
Reference in New Issue