1 files changed, 27 insertions, 0 deletions

diff --git a/media-gfx/exiv2/files/exiv2-0.24-CVE-2014-9449.patch b/media-gfx/exiv2/files/exiv2-0.24-CVE-2014-9449.patch
new file mode 100644
index 000000000000..cf1b46fbf69c
--- /dev/null
+++ b/media-gfx/exiv2/files/exiv2-0.24-CVE-2014-9449.patch
@@ -0,0 +1,27 @@
+diff -up exiv2-0.24/src/riffvideo.cpp.CVE-2014-9449 exiv2-0.24/src/riffvideo.cpp
+--- exiv2-0.24/src/riffvideo.cpp.CVE-2014-9449	2013-12-01 06:13:42.000000000 -0600
++++ exiv2-0.24/src/riffvideo.cpp	2015-01-05 11:21:42.306728309 -0600
+@@ -856,7 +856,7 @@ namespace Exiv2 {
+ 
+     void RiffVideo::infoTagsHandler()
+     {
+-        const long bufMinSize = 100;
++        const long bufMinSize = 10000;
+         DataBuf buf(bufMinSize);
+         buf.pData_[4] = '\0';
+         io_->seek(-12, BasicIo::cur);
+@@ -879,10 +879,14 @@ namespace Exiv2 {
+             if(infoSize >= 0) {
+                 size -= infoSize;
+                 io_->read(buf.pData_, infoSize);
++                if(infoSize < 4)
++                    buf.pData_[infoSize] = '\0';
+             }
+ 
+             if(tv)
+                 xmpData_[exvGettext(tv->label_)] = buf.pData_;
++            else
++                continue;
+         }
+         io_->seek(cur_pos + size_external, BasicIo::beg);
+     } // RiffVideo::infoTagsHandler