1 files changed, 0 insertions, 239 deletions

diff --git a/user/exiv2/CVE-2018-19535.patch b/user/exiv2/CVE-2018-19535.patch
deleted file mode 100644
index ba9355012..000000000
--- a/user/exiv2/CVE-2018-19535.patch
+++ /dev/null
@@ -1,239 +0,0 @@
-From 03173751b4d7053d6ddf52a15904e8f751f78f56 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= <piponazo@gmail.com>
-Date: Sun, 2 Sep 2018 14:39:52 +0200
-Subject: [PATCH 2/5] Fix bug in PngChunk::readRawProfile
-
-- Now it takes into account text.size_ when searching for a newline
-char.
----
- src/pngchunk.cpp | 12 ++++++++++--
- 1 file changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp
-index 58281b3ff..755872c94 100644
---- a/src/pngchunk.cpp
-+++ b/src/pngchunk.cpp
-@@ -629,11 +629,19 @@ namespace Exiv2 {
- 
- 
-         sp = (char*)text.pData_+1;
-+        int pointerPos = 1;
- 
-         // Look for newline
--
--        while (*sp != '\n')
-+        while (*sp != '\n' && pointerPos < (text.size_ - 1))
-+        {
-             sp++;
-+            pointerPos++;
-+        }
-+
-+        if (pointerPos == (text.size_ - 1))
-+        {
-+            return DataBuf();
-+        }
- 
-         // Look for length
- 
-
-From cf3ba049a2792ec2a4a877e343f5dd9654da53dc Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= <piponazo@gmail.com>
-Date: Mon, 3 Sep 2018 08:51:08 +0200
-Subject: [PATCH 3/5] Fix more issues in PngChunk::readRawProfile
-
----
- src/pngchunk.cpp | 36 +++++++++++++-----------
- 1 file changed, 20 insertions(+), 16 deletions(-)
-
-diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp
-index 755872c94..9b3faf1aa 100644
---- a/src/pngchunk.cpp
-+++ b/src/pngchunk.cpp
-@@ -606,11 +606,6 @@ namespace Exiv2 {
-     DataBuf PngChunk::readRawProfile(const DataBuf& text,bool iTXt)
-     {
-         DataBuf                 info;
--        register long           i;
--        register unsigned char *dp;
--        const char             *sp;
--        unsigned int            nibbles;
--        long                    length;
-         unsigned char           unhex[103]={0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
-                                             0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
-                                             0,0,0,0,0,0,0,0,0,1, 2,3,4,5,6,7,8,9,0,0,
-@@ -627,8 +622,7 @@ namespace Exiv2 {
-             return  info;
-         }
- 
--
--        sp = (char*)text.pData_+1;
-+        const char *sp = (char*)text.pData_+1;
-         int pointerPos = 1;
- 
-         // Look for newline
-@@ -638,20 +632,30 @@ namespace Exiv2 {
-             pointerPos++;
-         }
- 
-+        // Look for length
-+        while ((*sp == '\0' || *sp == ' ' || *sp == '\n') && pointerPos < (text.size_ - 1))
-+        {
-+            sp++;
-+            pointerPos++;
-+        }
-+
-         if (pointerPos == (text.size_ - 1))
-         {
-             return DataBuf();
-         }
- 
--        // Look for length
-+        long length = (long) atol(sp);
- 
--        while (*sp == '\0' || *sp == ' ' || *sp == '\n')
-+        while (*sp != ' ' && *sp != '\n' && pointerPos < (text.size_ - 1))
-+        {
-             sp++;
-+            pointerPos++;
-+        }
- 
--        length = (long) atol(sp);
--
--        while (*sp != ' ' && *sp != '\n')
--            sp++;
-+        if (pointerPos == (text.size_ - 1))
-+        {
-+            return DataBuf();
-+        }
- 
-         // Allocate space
- 
-@@ -674,10 +678,10 @@ namespace Exiv2 {
- 
-         // Copy profile, skipping white space and column 1 "=" signs
- 
--        dp      = (unsigned char*)info.pData_;
--        nibbles = length * 2;
-+        unsigned char *dp = (unsigned char*)info.pData_;
-+        unsigned int nibbles = length * 2;
- 
--        for (i = 0; i < (long) nibbles; i++)
-+        for (long i = 0; i < (long) nibbles; i++)
-         {
-             while (*sp < '0' || (*sp > '9' && *sp < 'a') || *sp > 'f')
-             {
-
-From 8b480bc5b2cc2abb8cf6fe4e16c24e58916464d2 Mon Sep 17 00:00:00 2001
-From: Robin Mills <robin@clanmills.com>
-Date: Mon, 10 Sep 2018 20:54:53 +0200
-Subject: [PATCH 4/5] Fixes in PngChunk::readRawProfile
-
----
- src/pngchunk.cpp | 55 ++++++++++++++++++++++----------------------
- 1 file changed, 27 insertions(+), 28 deletions(-)
-
-diff --git a/src/pngchunk.cpp b/src/pngchunk.cpp
-index 9b3faf1aa..f81b560aa 100644
---- a/src/pngchunk.cpp
-+++ b/src/pngchunk.cpp
-@@ -607,11 +607,11 @@ namespace Exiv2 {
-     {
-         DataBuf                 info;
-         unsigned char           unhex[103]={0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
--                                            0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
--                                            0,0,0,0,0,0,0,0,0,1, 2,3,4,5,6,7,8,9,0,0,
--                                            0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
--                                            0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,10,11,12,
--                                            13,14,15};
-+            0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
-+            0,0,0,0,0,0,0,0,0,1, 2,3,4,5,6,7,8,9,0,0,
-+            0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,
-+            0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,10,11,12,
-+            13,14,15};
-         if (text.size_ == 0) {
-             return DataBuf();
-         }
-@@ -622,52 +622,51 @@ namespace Exiv2 {
-             return  info;
-         }
- 
--        const char *sp = (char*)text.pData_+1;
--        int pointerPos = 1;
-+        const char *sp  = (char*) text.pData_+1;          // current byte (space pointer)
-+        const char *eot = (char*) text.pData_+text.size_; // end of text
- 
-         // Look for newline
--        while (*sp != '\n' && pointerPos < (text.size_ - 1))
-+        while (*sp != '\n' && sp < eot )
-         {
-             sp++;
--            pointerPos++;
-+            if ( sp == eot )
-+            {
-+                return DataBuf();
-+            }
-         }
-+        sp++ ; // step over '\n'
- 
-         // Look for length
--        while ((*sp == '\0' || *sp == ' ' || *sp == '\n') && pointerPos < (text.size_ - 1))
-+        while ( (*sp == '\0' || *sp == ' ' || *sp == '\n') && sp < eot )
-         {
-             sp++;
--            pointerPos++;
--        }
--
--        if (pointerPos == (text.size_ - 1))
--        {
--            return DataBuf();
-+            if (sp == eot )
-+            {
-+                return DataBuf();
-+            }
-         }
- 
--        long length = (long) atol(sp);
--
--        while (*sp != ' ' && *sp != '\n' && pointerPos < (text.size_ - 1))
-+        const char* startOfLength = sp;
-+        while ( ('0' <= *sp && *sp <= '9') && sp < eot)
-         {
-             sp++;
--            pointerPos++;
-+            if (sp == eot )
-+            {
-+                return DataBuf();
-+            }
-         }
-+        sp++ ; // step over '\n'
- 
--        if (pointerPos == (text.size_ - 1))
--        {
--            return DataBuf();
--        }
-+        long length = (long) atol(startOfLength);
- 
-         // Allocate space
--
-         if (length == 0)
-         {
- #ifdef DEBUG
-             std::cerr << "Exiv2::PngChunk::readRawProfile: Unable To Copy Raw Profile: invalid profile length\n";
- #endif
-         }
--
-         info.alloc(length);
--
-         if (info.size_ != length)
-         {
- #ifdef DEBUG
-@@ -678,7 +677,7 @@ namespace Exiv2 {
- 
-         // Copy profile, skipping white space and column 1 "=" signs
- 
--        unsigned char *dp = (unsigned char*)info.pData_;
-+        unsigned char *dp = (unsigned char*)info.pData_; // decode pointer
-         unsigned int nibbles = length * 2;
- 
-         for (long i = 0; i < (long) nibbles; i++)
-