From: Ilia Alshanetsky <iliaa@php.net>
Date: Tue, 8 Apr 2003 00:18:57 +0000 (+0000)
Subject: Fixed bug #23102 (integer overflow in exif_iif_add_value()).
X-Git-Tag: RELEASE_0_5~100
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b2e521a17875d3592c168c89fd3d9ba31978cd95;p=php

Fixed bug #23102 (integer overflow in exif_iif_add_value()).
---

diff --git a/ext/exif/exif.c b/ext/exif/exif.c
index 409f085588..f89670e9af 100644
--- a/ext/exif/exif.c
+++ b/ext/exif/exif.c
@@ -1529,6 +1529,10 @@ static void exif_iif_add_value(image_info_type *image_info, int section_index, c
 	image_info_data  *info_data;
 	image_info_data  *list;
 
+	if (length >= LONG_MAX) {
+		return;
+	}
+
 	list = erealloc(image_info->info_list[section_index].list, (image_info->info_list[section_index].count+1)*sizeof(image_info_data));
 	image_info->info_list[section_index].list = list;