From b81110a7c1af85ec62aa01f9a0ed328e405904d8 Mon Sep 17 00:00:00 2001
From: Packit Bot <centos-stream-packit@redhat.com>
Date: May 05 2021 22:16:38 +0000
Subject: Apply patch exiv2-CVE-2021-29473.patch


patch_name: exiv2-CVE-2021-29473.patch
present_in_specfile: true
location_in_specfile: 5

---

diff --git a/src/jp2image.cpp b/src/jp2image.cpp
index 475439d..73a689e 100644
--- a/src/jp2image.cpp
+++ b/src/jp2image.cpp
@@ -904,6 +904,7 @@ static void boxes_check(size_t b,size_t m)
 
                 case kJp2BoxTypeUuid:
                 {
+                    enforce(boxBuf.size_ >= 24, Exiv2::kerCorruptedMetadata);
                     if(memcmp(boxBuf.pData_ + 8, kJp2UuidExif, 16) == 0)
                     {
 #ifdef EXIV2_DEBUG_MESSAGES