From 762cbe96aada224ff1166d5547cbf6d8bc75527d Mon Sep 17 00:00:00 2001
From: Helmut Pozimski <helmut@pozimski.eu>
Date: Sat, 1 Apr 2017 08:02:08 +0200
Subject: [PATCH] jhead: add CVE-2016-3822.patch

fixes CVE-2016-3822, patch origin:
https://android.googlesource.com/platform/external/jhead/+/bae671597d47b9e5955c4cb742e468cebfd7ca6b
---
 srcpkgs/jhead/patches/CVE-2016-3822.patch | 19 +++++++++++++++++++
 srcpkgs/jhead/template                    |  2 +-
 2 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 srcpkgs/jhead/patches/CVE-2016-3822.patch

diff --git a/srcpkgs/jhead/patches/CVE-2016-3822.patch b/srcpkgs/jhead/patches/CVE-2016-3822.patch
new file mode 100644
index 00000000000..f016b82404f
--- /dev/null
+++ b/srcpkgs/jhead/patches/CVE-2016-3822.patch
@@ -0,0 +1,19 @@
+--- exif.c
++++ exif.c
+@@ -9,6 +9,7 @@
+ #include "jhead.h"
+ 
+ #include <math.h>
++#include <stdint.h>
+ 
+ static unsigned char * DirWithThumbnailPtrs;
+ static double FocalplaneXRes;
+@@ -527,7 +528,7 @@
+             unsigned OffsetVal;
+             OffsetVal = Get32u(DirEntry+8);
+             // If its bigger than 4 bytes, the dir entry contains an offset.
+-            if (OffsetVal+ByteCount > ExifLength){
++            if (OffsetVal > UINT32_MAX - ByteCount || OffsetVal+ByteCount > ExifLength){
+                 // Bogus pointer offset and / or bytecount value
+                 ErrNonfatal("Illegal value pointer for tag %04x in Exif", Tag,0);
+                 continue;
diff --git a/srcpkgs/jhead/template b/srcpkgs/jhead/template
index 9eee13acc55..c7d5794bece 100644
--- a/srcpkgs/jhead/template
+++ b/srcpkgs/jhead/template
@@ -1,7 +1,7 @@
 # Template file for 'jhead'
 pkgname=jhead
 version=3.00
-revision=2
+revision=3
 build_style=gnu-makefile
 short_desc="Display and manipulate EXIF header of JPEG images"
 maintainer="Oliver Kiddle <okiddle@yahoo.co.uk>"