From 8be013493f07cee8f1e3459c1d530b151e57e99b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= <piponazo@gmail.com>
Date: Mon, 4 Apr 2022 11:36:18 +0200
Subject: [PATCH 1/2] Detect integer-overflow and throw in that case

---
 src/exif.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/exif.cpp b/src/exif.cpp
index 47330e1a27..70293f14cc 100644
--- a/src/exif.cpp
+++ b/src/exif.cpp
@@ -35,6 +35,7 @@
 #include "types.hpp"
 #include "error.hpp"
 #include "basicio.hpp"
+#include "safe_op.hpp"
 #include "tiffimage.hpp"
 #include "tiffimage_int.hpp"
 #include "tiffcomposite_int.hpp" // for Tag::root
@@ -964,7 +965,7 @@ namespace {
     {
         long sum = 0;
         for (long i = 0; i < md.count(); ++i) {
-            sum += md.toLong(i);
+            sum = Safe::add(sum, md.toLong(i));
         }
         return sum;
     }

From f54868102449292fe13ad3b42f36d3303242da50 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luis=20D=C3=ADaz=20M=C3=A1s?= <piponazo@gmail.com>
Date: Mon, 4 Apr 2022 11:37:36 +0200
Subject: [PATCH 2/2] Add POC file for issue 2190

---
 test/data/issue_2190_poc.jp2 | Bin 0 -> 2679 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 test/data/issue_2190_poc.jp2

diff --git a/test/data/issue_2190_poc.jp2 b/test/data/issue_2190_poc.jp2
new file mode 100644
index 0000000000000000000000000000000000000000..3d4e94eebbba34fe0540552e61a42fe2d5260b64
GIT binary patch
literal 2679
zcmZQzVBpCLP*C9IYUg5LVBp9qFv?(H;7Tqn%}ntsNDs+OOLMKrOw+aV3NTXm4}^FD
zPyrql_~d}bB6Py+L5Lu1#Snv-iXn{9fx!Z)1$l~r!Pl2T3+QWJuo4Cog^c_ROh73G
zAU1$F?f?J({yveu0inTQg+MOcQZO4tAcR0_kolmXIcA~&G>;L887?A8!@LU$UsMCY
z77<H;Y=b(G!P8Sgfsp~I6NI6rg5-e!BtQoE4|Fuh;rOs1K68OqYcMddK#hooD<$7a
za3g>W{N4ij8wij!3=%e8M-4^?4{W$WB5@Fg3wcf=PZt%V;P7FHVYp~2S_Lu+Z)%6z
z1r8OgO7Ujm0S`>L2T&LwH{$~+ibn<q7#u*44$}A{G71=h4JSxl#zLeHgt9^Fe_BKd
GRx<(9_|Y!_

literal 0
HcmV?d00001