From a3d59a864a661ad30cc8193aab2a5515c385cbc6 Mon Sep 17 00:00:00 2001
From: heckflosse <heckflosse67@gmx.de>
Date: Fri, 8 Dec 2017 20:40:03 +0100
Subject: [PATCH] heap-buffer-overflow, fixes #4217

---
 rtexif/rtexif.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rtexif/rtexif.cc b/rtexif/rtexif.cc
index bc0e2002f..d44515f6a 100644
--- a/rtexif/rtexif.cc
+++ b/rtexif/rtexif.cc
@@ -1671,7 +1671,7 @@ void Tag::toString (char* buffer, int ofs)
 
     strcpy (buffer, "");
 
-    for (size_t i = 0; i < maxcount; i++) {
+    for (size_t i = 0; i < std::min(maxcount, static_cast<size_t>(valuesize - ofs)); i++) {
         if (i > 0) {
             strcat (buffer, ", ");
         }