1 files changed, 42 insertions, 0 deletions
diff --git a/media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch b/media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch
new file mode 100644
index 000000000000..36f0d0734350
--- /dev/null
+++ b/media-libs/exempi/files/exempi-2.4.5-CVE-2018-12648.patch
@@ -0,0 +1,42 @@
+From 8ed2f034705fd2d032c81383eee8208fd4eee0ac Mon Sep 17 00:00:00 2001
+From: Victor Rodriguez <victor.rodriguez.bahena@intel.com>
+Date: Sat, 18 Aug 2018 13:54:55 +0000
+Subject: [PATCH] Issue #9 - Fix null-pointer-dereference (CVE-2018-12648)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The WEBP::GetLE32 function in
+XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a
+NULL pointer dereference.
+
+https://bugs.freedesktop.org/show_bug.cgi?id=106981
+https://gitlab.freedesktop.org/libopenraw/exempi/issues/9
+
+Signed-off-by: Victor Rodriguez <victor.rodriguez.bahena@intel.com>
+Signed-off-by: Hubert FiguiÃ¨re <hub@figuiere.net>
+---
+ XMPFiles/source/FormatSupport/WEBP_Support.cpp | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/XMPFiles/source/FormatSupport/WEBP_Support.cpp b/XMPFiles/source/FormatSupport/WEBP_Support.cpp
+index ffaf220..4fe705b 100644
+--- a/XMPFiles/source/FormatSupport/WEBP_Support.cpp
++++ b/XMPFiles/source/FormatSupport/WEBP_Support.cpp
+@@ -160,9 +160,11 @@ bool VP8XChunk::xmp()
+ }
+ void VP8XChunk::xmp(bool hasXMP)
+ {
+-    XMP_Uns32 flags = GetLE32(&this->data[0]);
+-    flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT);
+-    PutLE32(&this->data[0], flags);
++    if (&this->data[0] != NULL) {
++        XMP_Uns32 flags = GetLE32(&this->data[0]);
++        flags ^= (-hasXMP ^ flags) & (1 << XMP_FLAG_BIT);
++        PutLE32(&this->data[0], flags);
++    }
+ }
+ 
+ Container::Container(WEBP_MetaHandler* handler) : Chunk(NULL, handler)
+-- 
+2.18.0