summaryrefslogtreecommitdiff
path: root/XMPFiles/source/FileHandlers
diff options
context:
space:
mode:
Diffstat (limited to 'XMPFiles/source/FileHandlers')
-rw-r--r--XMPFiles/source/FileHandlers/FLV_Handler.cpp2
-rw-r--r--XMPFiles/source/FileHandlers/P2_Handler.cpp38
-rw-r--r--XMPFiles/source/FileHandlers/PSD_Handler.cpp14
-rw-r--r--XMPFiles/source/FileHandlers/SWF_Handler.cpp10
-rw-r--r--XMPFiles/source/FileHandlers/TIFF_Handler.cpp2
-rw-r--r--XMPFiles/source/FileHandlers/UCF_Handler.cpp7
-rw-r--r--XMPFiles/source/FileHandlers/UCF_Handler.hpp1
7 files changed, 52 insertions, 22 deletions
diff --git a/XMPFiles/source/FileHandlers/FLV_Handler.cpp b/XMPFiles/source/FileHandlers/FLV_Handler.cpp
index 84ab95d..8581df4 100644
--- a/XMPFiles/source/FileHandlers/FLV_Handler.cpp
+++ b/XMPFiles/source/FileHandlers/FLV_Handler.cpp
@@ -212,6 +212,8 @@ static void GetTagInfo ( XMP_IO* fileRef, XMP_Uns64 tagPos, TagInfo * info )
static XMP_Uns32 GetASValueLen ( const XMP_Uns8 * asValue, const XMP_Uns8 * asLimit )
{
+ if (asValue > asLimit)
+ return 0;
XMP_Uns32 valueLen = 0;
const XMP_Uns8 * itemPtr;
XMP_Uns32 arrayCount;
diff --git a/XMPFiles/source/FileHandlers/P2_Handler.cpp b/XMPFiles/source/FileHandlers/P2_Handler.cpp
index 6479caf..d4e6190 100644
--- a/XMPFiles/source/FileHandlers/P2_Handler.cpp
+++ b/XMPFiles/source/FileHandlers/P2_Handler.cpp
@@ -1138,6 +1138,7 @@ void P2_MetaHandler::ProcessXMP()
XML_NodePtr legacyContext, clipMetadata, legacyProp;
if ( ! this->p2ClipManager.IsValidP2() ) return;
P2_Clip* p2Clip=this->p2ClipManager.GetManagedClip();
+ if( p2Clip->GetP2RootNode() == 0) return;
XMP_StringPtr p2NS = p2Clip->GetP2RootNode()->ns.c_str();
std::string oldDigest, newDigest;
bool digestFound = this->xmpObj.GetStructField ( kXMP_NS_XMP, "NativeDigests", kXMP_NS_XMP, "P2", &oldDigest, 0 );
@@ -1308,24 +1309,27 @@ void P2_MetaHandler::UpdateFile ( bool doSafeUpdate )
if (frameFormat == "50Timecode" || frameFormat == "5994DropTimecode" || frameFormat == "5994NonDropTimecode")
{
p2Clip = this->p2ClipManager.GetManagedClip();
- XMP_StringPtr p2NS = p2Clip->GetP2RootNode()->ns.c_str();
- XML_NodePtr legacyVideoContext = p2Clip->GetEssenceListNode();
- if (legacyVideoContext != 0)
+ if( p2Clip->GetP2RootNode() != 0 )
{
- legacyVideoContext = legacyVideoContext->GetNamedElement(p2NS, "Video");
- XML_NodePtr legacyProp = legacyVideoContext->GetNamedElement(p2NS, "StartTimecode");
- if ((legacyProp != 0) && legacyProp->IsLeafContentNode())
- {
- AdjustTimeCode( xmpStartTimeCode, true );
- if (xmpStartTimeCode != legacyProp->GetLeafContentValue())
- {
- legacyProp->SetLeafContentValue(xmpStartTimeCode.c_str());
- updateLegacyXML = true;
- }
- }
- }
- }
- }
+ XMP_StringPtr p2NS = p2Clip->GetP2RootNode()->ns.c_str();
+ XML_NodePtr legacyVideoContext = p2Clip->GetEssenceListNode();
+ if (legacyVideoContext != 0)
+ {
+ legacyVideoContext = legacyVideoContext->GetNamedElement(p2NS, "Video");
+ XML_NodePtr legacyProp = legacyVideoContext->GetNamedElement(p2NS, "StartTimecode");
+ if ((legacyProp != 0) && legacyProp->IsLeafContentNode())
+ {
+ AdjustTimeCode( xmpStartTimeCode, true );
+ if (xmpStartTimeCode != legacyProp->GetLeafContentValue())
+ {
+ legacyProp->SetLeafContentValue(xmpStartTimeCode.c_str());
+ updateLegacyXML = true;
+ }
+ }
+ }
+ }
+ }
+ }
std::string newDigest;
this->p2ClipManager.GetManagedClip()->CreateDigest ( &newDigest );
diff --git a/XMPFiles/source/FileHandlers/PSD_Handler.cpp b/XMPFiles/source/FileHandlers/PSD_Handler.cpp
index e910073..e17a65a 100644
--- a/XMPFiles/source/FileHandlers/PSD_Handler.cpp
+++ b/XMPFiles/source/FileHandlers/PSD_Handler.cpp
@@ -142,7 +142,13 @@ void PSD_MetaHandler::CacheFileData()
cmLen = GetUns32BE ( &psdHeader[26] );
- XMP_Int64 psirOrigin = 26 + 4 + cmLen;
+ XMP_Int64 psirOrigin = 26 + 4 + static_cast<XMP_Int64>(cmLen);
+ XMP_Int64 fileLength = fileRef->Length();
+
+ if (psirOrigin > fileLength)
+ {
+ XMP_Throw("Invalid PSD chunk length", kXMPErr_BadPSD);
+ }
filePos = fileRef->Seek ( psirOrigin, kXMP_SeekFromStart );
if ( filePos != psirOrigin ) return; // Throw?
@@ -153,7 +159,9 @@ void PSD_MetaHandler::CacheFileData()
this->psirMgr.ParseFileResources ( fileRef, psirLen );
PSIR_Manager::ImgRsrcInfo xmpInfo;
- bool found = this->psirMgr.GetImgRsrc ( kPSIR_XMP, &xmpInfo );
+ bool found = this->psirMgr.GetImgRsrc(kPSIR_XMP, &xmpInfo);
+ if (psirLen < xmpInfo.dataLen)
+ return;
if ( found ) {
@@ -427,4 +435,4 @@ void PSD_MetaHandler::WriteTempFile ( XMP_IO* tempRef )
} // PSD_MetaHandler::WriteTempFile
-// =================================================================================================
+// ================================================================================================= \ No newline at end of file
diff --git a/XMPFiles/source/FileHandlers/SWF_Handler.cpp b/XMPFiles/source/FileHandlers/SWF_Handler.cpp
index 9a7443f..8ca52de 100644
--- a/XMPFiles/source/FileHandlers/SWF_Handler.cpp
+++ b/XMPFiles/source/FileHandlers/SWF_Handler.cpp
@@ -141,6 +141,7 @@ void SWF_MetaHandler::CacheFileData() {
// Look for the FileAttributes and Metadata tags.
+ if(this->expandedSize <= SWF_IO::HeaderPrefixSize ) return; // Throw?
this->firstTagOffset = SWF_IO::FileHeaderSize ( this->expandedSWF[SWF_IO::HeaderPrefixSize] );
XMP_Uns32 currOffset = this->firstTagOffset;
@@ -237,6 +238,9 @@ void SWF_MetaHandler::UpdateFile ( bool doSafeUpdate )
PutUns16LE ( ((SWF_IO::FileAttributesTagID << 6) | 4), &buffer[0] );
PutUns32LE ( SWF_IO::HasMetadataMask, &buffer[2] );
+ if(this->expandedSWF.size() < this->firstTagOffset ){
+ XMP_Throw ( "Index not valid.Invalid SWF, can't update.", kXMPErr_BadIndex );
+ }
this->expandedSWF.insert ( (this->expandedSWF.begin() + this->firstTagOffset), 6, 0 );
memcpy ( &this->expandedSWF[this->firstTagOffset], &buffer[0], 6 );
@@ -270,6 +274,9 @@ void SWF_MetaHandler::UpdateFile ( bool doSafeUpdate )
this->metadataTag.tagOffset += attrTagLength; // The FileAttributes tag will become in front.
}
+ if(this->expandedSWF.size() < this->firstTagOffset ){
+ XMP_Throw ( "Index not valid.Invalid SWF, can't update.", kXMPErr_BadIndex );
+ }
this->expandedSWF.insert ( (this->expandedSWF.begin() + this->firstTagOffset), attrTagLength, 0 );
memcpy ( &this->expandedSWF[this->firstTagOffset], &attrTag[0], attrTagLength );
@@ -300,6 +307,9 @@ void SWF_MetaHandler::UpdateFile ( bool doSafeUpdate )
this->metadataTag.contentLength = (XMP_Uns32)this->xmpPacket.size();
XMP_Uns32 newMetaLength = 6 + this->metadataTag.contentLength; // Always use a long tag header.
+ if(this->expandedSWF.size() < this->metadataTag.tagOffset ){
+ XMP_Throw ( "Index not valid.Invalid SWF, can't update.", kXMPErr_BadIndex );
+ }
this->expandedSWF.insert ( (this->expandedSWF.begin() + this->metadataTag.tagOffset), newMetaLength, 0 );
PutUns16LE ( ((SWF_IO::MetadataTagID << 6) | SWF_IO::TagLengthMask), &this->expandedSWF[this->metadataTag.tagOffset] );
diff --git a/XMPFiles/source/FileHandlers/TIFF_Handler.cpp b/XMPFiles/source/FileHandlers/TIFF_Handler.cpp
index 98b3e65..bea3a8c 100644
--- a/XMPFiles/source/FileHandlers/TIFF_Handler.cpp
+++ b/XMPFiles/source/FileHandlers/TIFF_Handler.cpp
@@ -238,7 +238,7 @@ void TIFF_MetaHandler::ProcessXMP()
iptcDigestState = PhotoDataUtils::CheckIPTCDigest ( iptcInfo.dataPtr, iptcInfo.dataLen, digestInfo.dataPtr );
- if ( (iptcDigestState == kDigestDiffers) && (kTIFF_TypeSizes[iptcInfo.type] > 1) ) {
+ if ( (iptcDigestState == kDigestDiffers) && (kTIFF_TypeSizes[iptcInfo.type] > 1) && iptcInfo.dataLen > 0) {
XMP_Uns8 * endPtr = (XMP_Uns8*)iptcInfo.dataPtr + iptcInfo.dataLen - 1;
XMP_Uns8 * minPtr = endPtr - kTIFF_TypeSizes[iptcInfo.type] + 1;
while ( (endPtr >= minPtr) && (*endPtr == 0) ) --endPtr;
diff --git a/XMPFiles/source/FileHandlers/UCF_Handler.cpp b/XMPFiles/source/FileHandlers/UCF_Handler.cpp
index 8063ed8..ee03e24 100644
--- a/XMPFiles/source/FileHandlers/UCF_Handler.cpp
+++ b/XMPFiles/source/FileHandlers/UCF_Handler.cpp
@@ -490,6 +490,9 @@ void UCF_MetaHandler::CacheFileData()
}
have = CHUNK - strm.avail_out;
+ if ((bytesWritten + have) > sizeUncompressed){
+ XMP_Throw("UCF Bad XMP block", kXMPErr_BadBlockFormat);
+ }
memcpy( (unsigned char*) packetStr + bytesWritten , out , have );
bytesWritten += have;
@@ -551,7 +554,6 @@ void UCF_MetaHandler::UpdateFile ( bool doSafeUpdate )
uncomprPacketLen = (XMP_StringLen) xmpPacket.size();
finalPacketStr = uncomprPacketStr; // will be overriden if compressedXMP==true
finalPacketLen = uncomprPacketLen;
- std::string compressedPacket; // moot if non-compressed, still here for scope reasons (having to keep a .c_str() alive)
if ( !x ) // if new XMP...
{
@@ -588,6 +590,9 @@ void UCF_MetaHandler::UpdateFile ( bool doSafeUpdate )
unsigned int have;
z_stream strm;
unsigned char out[CHUNK];
+ /* initilalisation for fix to CTECHXMP-4170441*/
+ strm.total_out = 0;
+ strm.total_in = 0;
/* allocate deflate state */
strm.zalloc = Z_NULL; strm.zfree = Z_NULL; strm.opaque = Z_NULL;
diff --git a/XMPFiles/source/FileHandlers/UCF_Handler.hpp b/XMPFiles/source/FileHandlers/UCF_Handler.hpp
index 54a1a11..0177112 100644
--- a/XMPFiles/source/FileHandlers/UCF_Handler.hpp
+++ b/XMPFiles/source/FileHandlers/UCF_Handler.hpp
@@ -711,6 +711,7 @@ private:
XMP_StringLen uncomprPacketLen;
XMP_StringPtr finalPacketStr;
XMP_StringLen finalPacketLen;
+ std::string compressedPacket;
std::vector<CDFileHeader> cdEntries;
EndOfCD endOfCD;
void writeOut( XMP_IO* sourceFile, XMP_IO* targetFile, bool isRewrite, bool isInPlace);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-21 21:52:27 +0000