Tom spot Callaway
4 years ago
commit
2b2f65c726
@ -0,0 +1,28 @@
|
|||||||
|
diff -up Image-ExifTool-12.16/lib/Image/ExifTool/DjVu.pm.CVE-2021-22204 Image-ExifTool-12.16/lib/Image/ExifTool/DjVu.pm
|
||||||
|
--- Image-ExifTool-12.16/lib/Image/ExifTool/DjVu.pm.CVE-2021-22204 2021-04-26 11:06:57.868813858 -0400
|
||||||
|
+++ Image-ExifTool-12.16/lib/Image/ExifTool/DjVu.pm 2021-04-26 11:07:46.734614214 -0400
|
||||||
|
@@ -18,7 +18,7 @@ use strict;
|
||||||
|
use vars qw($VERSION);
|
||||||
|
use Image::ExifTool qw(:DataAccess :Utils);
|
||||||
|
|
||||||
|
-$VERSION = '1.06';
|
||||||
|
+$VERSION = '1.07';
|
||||||
|
|
||||||
|
sub ParseAnt($);
|
||||||
|
sub ProcessAnt($$$);
|
||||||
|
@@ -227,10 +227,11 @@ Tok: for (;;) {
|
||||||
|
last unless $tok =~ /(\\+)$/ and length($1) & 0x01;
|
||||||
|
$tok .= '"'; # quote is part of the string
|
||||||
|
}
|
||||||
|
- # must protect unescaped "$" and "@" symbols, and "\" at end of string
|
||||||
|
- $tok =~ s{\\(.)|([\$\@]|\\$)}{'\\'.($2 || $1)}sge;
|
||||||
|
- # convert C escape sequences (allowed in quoted text)
|
||||||
|
- $tok = eval qq{"$tok"};
|
||||||
|
+ # convert C escape sequences, allowed in quoted text
|
||||||
|
+ # (note: this only converts a few of them!)
|
||||||
|
+ my %esc = ( a => "\a", b => "\b", f => "\f", n => "\n",
|
||||||
|
+ r => "\r", t => "\t", '"' => '"', '\\' => '\\' );
|
||||||
|
+ $tok =~ s/\\(.)/$esc{$1}||'\\'.$1/egs;
|
||||||
|
} else { # key name
|
||||||
|
pos($$dataPt) = pos($$dataPt) - 1;
|
||||||
|
# allow anything in key but whitespace, braces and double quotes
|
||||||
@ -1 +1 @@
|
|||||||
SHA512 (Image-ExifTool-12.00.tar.gz) = 458a0cbab18202f796645656ba431b5179b79392d91064f7c4d6d3cab60a28b1cd0a45e6ea1d0ba9296b7ccd00088e320e95f020fddfc4a41e22c00d2e9d1c1d
|
SHA512 (Image-ExifTool-12.16.tar.gz) = adfd21834ccf06277903712b3c5e328b29c56f3b30ee68f6802dca0820823b627622e55f53238690525d1d19df2a59cb57f9d80a1bb2e99da37fb7d963ee16ee
|
||||||
|
|||||||
Loading…
Reference in new issue