diff -r -U3 LibRaw-0.17.1.orig/dcraw/dcraw.c LibRaw-0.17.1/dcraw/dcraw.c --- LibRaw-0.17.1.orig/dcraw/dcraw.c 2015-05-24 21:30:26.000000000 -0500 +++ LibRaw-0.17.1/dcraw/dcraw.c 2015-12-01 07:47:00.086513959 -0600 @@ -2901,6 +2901,10 @@ diff = diff ? -diff : 0x80; if (ftell(ifp) + 12 >= seg[1][1]) diff = 0; +#ifdef LIBRAW_LIBRARY_BUILD + if(pix>=raw_width*raw_height) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif raw_image[pix] = pred[pix & 1] += diff; if (!(pix & 1) && HOLE(pix / raw_width)) pix += 2; } --- LibRaw-0.16.2/internal/dcraw_common.cpp~ 2015-05-16 12:23:39.000000000 -0500 +++ LibRaw-0.16.2/internal/dcraw_common.cpp 2015-12-01 08:49:33.201430217 -0600 @@ -2814,6 +2814,10 @@ diff = diff ? -diff : 0x80; if (ftell(ifp) + 12 >= seg[1][1]) diff = 0; +#ifdef LIBRAW_LIBRARY_BUILD + if(pix>=raw_width*raw_height) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif raw_image[pix] = pred[pix & 1] += diff; if (!(pix & 1) && HOLE(pix / raw_width)) pix += 2; } --- LibRaw-0.16.2/src/libraw_cxx.cpp~ 2015-05-16 07:32:15.000000000 -0500 +++ LibRaw-0.16.2/src/libraw_cxx.cpp 2015-12-01 08:54:53.025423081 -0600 @@ -1246,6 +1246,7 @@ if(!imgdata.rawdata.raw_image && !imgdata.rawdata.color4_image && !imgdata.rawdata.color3_image) //RawSpeed failed! { // Not allocated on RawSpeed call, try call LibRaw + int zero_rawimage = 0; if(decoder_info.decoder_flags & LIBRAW_DECODER_OWNALLOC) { // x3f foveon decoder @@ -1268,6 +1269,8 @@ // allocate image as temporary buffer, size imgdata.rawdata.raw_alloc = 0; imgdata.image = (ushort (*)[4]) calloc(S.iwidth*S.iheight,sizeof(*imgdata.image)); + imgdata.rawdata.raw_image = (ushort*) imgdata.image ; + zero_rawimage = 1; } ID.input->seek(libraw_internal_data.unpacker_data.data_offset, SEEK_SET); @@ -1275,6 +1278,8 @@ if(load_raw == &LibRaw::unpacked_load_raw && !strcasecmp(imgdata.idata.make,"Nikon")) C.maximum=65535; (this->*load_raw)(); + if(zero_rawimage) + imgdata.rawdata.raw_image = 0; if(load_raw == &LibRaw::unpacked_load_raw && !strcasecmp(imgdata.idata.make,"Nikon")) C.maximum = m_save; if(decoder_info.decoder_flags & LIBRAW_DECODER_OWNALLOC)