From db527f446f33a7717205a6afba60f669d17ecf7f Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Mon, 2 Aug 2021 17:12:13 +0100
Subject: [PATCH 1/3] Regression test for
 https://github.com/Exiv2/exiv2/issues/1827

---
 test/data/issue_1827_poc.crw             | Bin 0 -> 10078 bytes
 tests/bugfixes/github/test_issue_1827.py |  17 +++++++++++++++++
 2 files changed, 17 insertions(+)
 create mode 100644 test/data/issue_1827_poc.crw
 create mode 100644 tests/bugfixes/github/test_issue_1827.py

diff --git a/test/data/issue_1827_poc.crw b/test/data/issue_1827_poc.crw
new file mode 100644
index 0000000000000000000000000000000000000000..eafb76235397e63c04b7f0f196e464cf1c421ebb
GIT binary patch
literal 10078
zcmeHsc{r6__wc^YaSX>i98(CHhaxk{ka?bk$e1aTA)zv+5;BWY$jl)!Bq_<1A(44X
zC7}?J3g`UpbLtu2=Y5{{cU|9iecvDNTG!t9T6^ui*IxVH_ulK?OIMd20HC9(W^&|+
zh8ax$3ivVnB!~eNq@?7eC<<~iax?`6B{efGH5C;#2P1}#nTK;9FAoRVUOr)IF+M>_
zL9V^x%Hoo;a*B$Iydo+Zhvn6!<P>Bf3JMA;G!+vS6%#EQjizO1N2A%<joArc{C6Pm
zQ;2T?^yJ_y$VEat06`BS=^=a@ln(%ef{5_Th#>@$1Vu{rg#t}U2M`bvi6B9uP$VR9
z&GWAiNI*i5V&IWfBV{yoBI7;HbTBeGk9?nc^%IQQz$ZQ_Xa6V)G&2h;8#}*%ppdYL
zw2Z8ryn^Bp4NWa=9bG+h3rj2Oqc*lKu5KsXJv_Yv0)x&3pA89(j=30n>GGAhl+?8J
zjLhp<+4*-03X6(MO3P~Q)z;NF+;4o)`n0XRqqFN-_u$K+;gQj?@rl=O-p;+7f4{J}
zw6^|vWAn?_*Kgk;fc#+&od2-sr#<AbJ@l|W2oe$`2^q@Y1we>kI3ejtP&|^P3~Hui
zPNx}p4@QzRsVC=EKcUzsW%dc<>_32J=97NSzeX^LXwg3z)JQbw!{1v}`PUZxYS1tC
z0Q>}?LPGEhL(&5kkjI3as1@g)n4NR97Qdo-qe=FbUC2JSUX5E}Yo^lv(fy|q4yb4C
z5e+82uC}3)&f?78wHLf+BP*2s=wrirh6I;ZRf6#`cT3Zar&AD2FFs8rYWm=mNOU99
z3eO7CfTdb~M`R=QVvG<+s!iYWTtcb%-WyUuK8Aslq^TMHN@pq$&**Nlad{_csI(S0
zR^H^?A0oPxG51C!Oy2WO7>jc@pOOU-%@32wp2jo+suK?aIGGp*?61#q)tnDh$O$(d
zlS`C6fE*nfVHeP%)tignGRmq78`}8#)_C2kHUEp?=aTBnpB^QKD;|^E>f^b33AZWO
zzpM&PDWMattmLP+#3wv3CqKS&yZd@9#`v^hYn4)UoR#VksQZ}jUJ-Y;!|CT#8<mV!
z18j7sU#%!Ew)4-M47o_zcBe|8Zhw(FG{WCr636Fiwf<b9%|&K1x?-^>vtXi0s@=qr
zr*9<NhpBSE8EWdNpQ82gz09V!wza&YI&|-AdJV7m&pMAvg*tR9SJAo1bnR(3jY#h?
zwC6NG<6g@5bqV*)qSaB`^qZypJ*d@b>2bQep2~QsXZ)d8PTvN<-Fk%;1tGVOKhHk?
zL9a#f_N$E|mMx~Eq-=oG`g2)}@=mM7&^Md8Yi~+3E|+L$Wj}Mwc;WV3LY^tv-mZqT
z0_k!a>wJdah1pK$!qBL-|F<RD9u~J9k*dx*%UfDq7uAy^Bq!>xHdzfm&A5Wo=Bqap
zD|<L9+0u^<t}&>#BO&9X3M#gozH=+P#$CD8fS<=ZK5eh$qoVr4Y8g3Yei`O{^AR{|
zv;DaNsZ_TMJp*oL1@W&k-A>m-q}dM|Z_lT92tAItl}NT7d;80_^Wil-cw`6;Op5Eg
zQ9WFH+p}Tc6>Ak+D^-ap?c19XIB6Dj`P1J9->Lbt=B1i7(y0!bTsX70`vI#@-pkw;
zBzI7yZH9l%IH!e+TX2(v%&u!YGHDEP_n}IG{qd=~>9$1VEtX11eNcQebf0y(etpHl
zsb$B8X!2;k)nmOG2WO7?TzTQ#4GH8NI2={>v3BI+%eyZwX0E#XtkYcQ5Vsy0i(Y4E
zY<g@IrPtG6nkw}zg`0a-`TU1d+Mld){42IZ+SWQ&Hiz{TIqC|18c1d>x;?W}kj6~l
z^<X9wh@sVUL2WQaBqY;*y4IbAshW6CuhIOemu%5o!M}XBT`fR~GpMj4R5LDLh$b}q
z`Otp7J5mjpu1tsbp;p@alQ~aWQ1&OYJ=>}rq&)j^S-k`#_c1I)2Cujs*Vqy>l}!CG
zQE}As^mr?R>ek25R9$@|%TYhCmEC&YM@klP?|suU_~J*B)iXMeyuMA{c3OFgr%>=v
z{Bq^JZDq#mPV|XmmD@IUtB0N`HSKoZ!0HsB`?Aq5L(aRT;=W36G+y5HDSj1qQM%jD
zJMY9H-7OvE?~2aJ0`Z4VvKfb->;AIDkvKKYI2`90TM{`kVy&3a)o?GNAZfE@`_9m)
zllN=cfn{cQ*W@&}C_JDj$x$$rt-n&JphbN=gzdqtJP4V=Va-{(MC*sM(3rhxt*GrS
zBVBvdu-<YXRfyn7J<0q#{~X%TZez2-1<8Gqef@fMd}UV?H{Lu*)aiMk^x0%FRDa2~
z!clnrj?eR_8<+uI2mP*jtf=O#i$0Ebi!<UdntIMc_fN1^4uxQEDe}4BJVHLTYn&gq
zxZxx0AU+o`b*rx3%ATcnm5!!r?r789F+Y^6y=vYxhAE9L7!zT2T5FkR&}VR&-P@6L
zD!%H-SF=t>AEc;|<wwttJ1_X}96w<fpR9h9lzO8)RN&hFhVVI!Gx-UFy1N57nPJ+{
z8F#8tQSUIW8mD60Mdlg%GBJ-k`#Vdw1oF?Tv8JyVI!?Lx2G|F`v(lnCZk{u|qu^Aw
z4_ou_;Fl-z{r9V6>djG1$@;h&Ha6o?x@Wf8aSsC@z4u{HG#VV~)OC{?t!BJis~XXl
zNb2pZblSHJv~Z&Q`n(=KAHoCZ-gAsGaIPtQY%Jw1AwQGNc)*k0@OeW(4ZmB=`9+<#
zpSWaRc}|G2yVZ1}T{yQ>?bDpxE>wK3W^Ae%_ci1bvs0=^j?R=DE7!8oOx}25ZD6^f
z&6jQ4Oe^{cdnt=7d#biVSNTIzLoJ;ulXaH3Yv`Jl4mObV^sz@+k{X-oPWDVsommbB
zvXjG|fePn@20q2!kV#CZYjWgxcb#h{dcECtxZ9mO&ive<&q;YvO~K}PVP`fHS!hYy
zYb8)0t77!xt<YM&>OA+{y|C}uAD+sTXO7!)oV{E>dSF62aC;y;=%IkP<yo=ApYdSx
zan9io1viH*c_cQd{d3qfSEqEQ=)0u`k;{S;?c`=!s1U2-{24p%^@0+E^=B#Cd#<b=
z9W^ZcP+iAdxxJyxWzQphigIG2h?1FBG(4o*MoOh;qe_LY@kFM_oqIIj@?V8W?VmT8
zL-%E%!Y*gMICv*kfm2h1Gy6p9uykl;wD1jMUBpK-QYM=8koSAo8o<?IJfgLkB;??W
z`MPkrgO}_qPtv~GEX!!nnjaTv;fXa;vf2<4n6fHU>gnyF*X^KB{aS$I>Uw{UZy~VB
zeeZO8khmY!IqQ^-aH;XcuCAd28hk<uCuY(1lCM*IQh~9#<;xeR8vHqfM)Z5^j`B%<
z!=@%ykeM#q9NwQcW}{IuS&-A_CG~QqD0|1|)Ve^!WkY8zF#d!$E6?-g5_{+PwdXJ7
zq|TV$s;h9Gd}nXqC9|iYMp<!>YhArgl9Q>QFv*@8)s_|S5j~HWF5SK>yKN^VBghPf
zy|-BfniEeX=%>#nca?gD2|5L_CUnF<36Tu=YAtxko%CU^bM4D@WvYE!>>qo_U7nN;
zIwFrPEVz5Vw)YanvWrTmGICQ2;}+h3M_(u}+tX+mN#-iK)*1RCU7J1Fu9@-B*VfIG
zUlOsbEHP20J*d@*1a|GX*~!wjv)$49lmbN=Q|)iw<j8Kl8|Jta6O<mMQqwyb(#>ce
zI`d93N|d5pe`w~$gAJi?H#W6X)RIK7r1uUTZfJ1e&v+L>SLzt@Jml?SySLHEg-E4(
zY~7}kQWN<N*ST{`2Su-qV&{i~L^Xxeuk<i4+i3O7d57O0N-&#vmVP7kIV#YByjGa$
zUUI_ws)lcUK~CxKFLcc-J`NtvaZhf_TpTlx6Xr33HY(>=*X6||mt*GI9&)(L=&6e;
z-r1e&QdyS%4i+R_g<b{SSJ9i7(KmPZ8+dGxQ#@oXaF8V~Wm_rdtj&ax@)ybdXJs;#
z-mN+KE7>&VP43UWrXqgmYAa2g^6t`L&V4_9Wv?Ye`3_14d)J-ue%8aDhKqfls`&V4
zZFpxcd@7R&Sq+nSGBkvJ)QDex8}NS(JAWwt#Z4zZeg44xZy1#ymFfPIHs5~^;GgRL
zHqL)n)A~2~cUAsePN7*}@FlU6bpHd>IlG>KE=w=f^wbm27_`dx%sw<idoGn=OM|W_
zobOM&?3dJWA1$gNusr8uSTchLyu**0i#zGfPYJz^U)RO@?6t0caLJ3r3YnbfEv%*Q
z&>kS{5sYIU=FMPaj8}xBl;S>A+*R1D(z@BWSUeo)XLRUZ!<5H9Wjsi9QQy;8X4Ep=
zwk_d%hxh&~whw0;ah)~JiCVs#XL-V#Hf5x4i`gw#2j=zhPnO<xay#WoE|M$BF`Uec
z{(PfpXqh*|a<Sd)*0PIWvW}Mh^NKj5qs~|Dlx}>(<go7vc;+&6&1)e~^ZD^<yL;@L
z>GF6GvLiGeZCqD(e8Uwvv?=|Ti)^O9NL%lV3x<>V%E_}S>C-dPEB!1-6ZClHtEhXo
z(lpoCbgbi;E;+@VwnR<0R~B)NB|YVMA8i}if4;(9oL2plb^>=CPGNuIz?K`=Ox=ew
z-{XVnPh$&cVq7r_UD&(0CBJaD#RV5TtAYnueae!#pi+h%IrH{F|LdQbc^@G61&7<N
z_gx4-(2<?^xkrb*zX%mD>ag0o@U&;<8+}jt!RKWPW+BDT%JRAFFz@Zm8}ympkH{hK
zQ7?!p+N@R`KPhCg_ss>-%0w=+^O*rD^}G^R(_dt2edu|UU9Ypfdmb#O`5nE$?&?re
zvg18`Q3m7o`B2tSK=65;0!q0)rmIb3L*X7Gvb~QJypmIg)-`U?nt!v%*BLvPJNi6K
zB<JL{J74Z@a=!Cjj7z}w8^jGt<mu(p*`)3qFVq%D5=fFv&uT!_$9Z&{HM$rN(62h1
zth5{1E!v;YSzf;R?QTxqCNe1;oheXQl)yq>%o$`baDR=atlD>)E9~{@?AtnPu3Mvv
zuKNOWA`d&AENQ{MwQ0s_$p{rxCbSLtny=`;*P+?tIBT`{a^S|Jp}{40QU7jaKG*$4
zyV|0PUZ$IzBX6-A;~a>kHkyK4qKEB{I&3~n<Fei8myx(bvZ0>iS=Y!@Kk+yi6WXa4
z{8WDI(dJlsqQHuewr_Q3wHAsmspIJ$t;6YIjE(9(ilho4Z__+3@@)!FBu~&rC|J9g
z$+^_#zdf23`mQjuSiV%FO!4l{B2_ZKI$I<wr=iBySCyux0g;Ki#bM-2()whv%7fQt
z<ez;h|D>)a(3pXJ^l?eAd-_V@8xAf*&DWP-oXrv5$1AVfS;_}gY)6E;%U_I-Y%F4n
zSY+29UU2{37q8mqbR+!23x0-Y^X{we*-ICf7yOwk9dNGe32hg{B0Ie1(~BPZ(ak0_
z2M1vttN7o&=*Fh86{3<_&S_1DVBEK^4ri`cUS0BEbYi=?nMB)~@4Q>ED|}VGqF;hT
zUPjOJJy&exLO6aL%#s68LQ2>dB8a;d%mP+85q|Keu6n5xBm_8OW_?^rLPlc$k$ctv
z4@6i;SZ^qvlr6ilzaFDgVuATpZlPlc*rEhxd(2E$eJog3vYad@yfnyu^z!$4-`|S?
zp#G-{e~|b5f%`wr)c@}~gaFe~LJLpd))vB3$J5<|8@{LU^!1eXJmt#`-)wPv`Z&3}
z0c)GPoZPy)Kt%C(bprobM_d*GP~_Z%j$ptLDQ=ijg_D}EtG}C50Jlz%ySv*-P~|%>
z)J|zrQ3J`}JBDQx9XjIVd&<{}m~)$)3U>21_c#^EZ7wYVm{iJIf)QGt{yxD@{%+h>
zZvFuTwUYZYB>)J^wGWzbiy0Cn0hC9NdDI-qfeu=6n7G0kMedP9)H;^tYCsK>P)hmh
zxVT{%63`Kr6cNzBj<Zh42rf~DQzD$~JqI+;Xz+LZ*T4I(fA?Si4iA43e+j?2ch-L?
zCl<=$kKncO$p8YzKn<S+aR5iS1dm4mJD`j=K_)?$@s9Z7T~Zt=ZW~SnT!13+y2xL!
zdRG_8fQ!c!;ly$Cpca-JLaKOX{21;!LIe`SFYQL+Rq^6DLSByx!B66~K^I^^C?n6|
zPT*^Q<x;_CkP4oHw@pgW5twG({qj4M*!4r!00incd<qz$X!wGe5hsE7!JFaq5DEA%
zyN?kbKpxEE6-Y7>rl5Ye26%vGkO9naH4{H56Cm^xU4a&0`jry`asUlbFml1=T7Zm5
z6L=Iz!O4S4XdS@>A9SkFJRk-4@w)hRge@e8>)){lry)ut8WoS)2Wu{Ys7dU%Hc2Ka
zCMgIq7g&b*3t0eo3jlnP4<`Z=X>%Y&v}qqa5B0liI1k_mYpo~ILiQtuK^gw@E}BAu
za*dLdo)?qGo<=`L^9h|spGzA-6%F@RzZ-<}!8<}P5n&|1r$doxcy;IzJQLR;c6`OQ
z4ASa}8uS>@gH`ANessGPaSN{nJ%IPu7KjSJf9KEq6yhtM23iN%-~{v$Pq#zh;n@J$
z6el1CnE!}hAud8XKnFN}E;VvMeh&etz&d^%PXlNGGY}!p^j@$R*aK4{!uvls3C{eA
zazKHIx<D76a|E#`H1VDM=yV&ujTZ%Czak#`4fVlqD35%F=YeK{3&?@E@TYd7k-B(q
zC>>tm)zC|v-A*2|8*c>NgLS7tYq+z2;$3z=ASU5^AP71Sq9GN$^>4iR4}Kkw!|%X|
zgOTf}y@bctpP%9eegpr@y5a+T|DnA<R@$HQzqI!N9{SB%eE<-uAQyJB2yh5$gXggG
zXSjt}M9fU#SylkF@H?<ooAj;91u@*<IsASAyv~1FhNLhJ!E2jv3d5Ze(`R@V(J*xu
z1VVJc5pcura+W-o^d9`><&rv*;9#}!^cq^&BFFGOZA@(!jv~S|ZpIkBMQtc=D6d8D
zQwuNqCK1_hXG9L-=dH@Anc7qH<g^f>2~p|Q327JfY_^Yo6kC*`8Rj{cQ7(DRVlyEt
z$aU&NlJ`idm(|z|M{C?`M;0fO&C(j<3hG2rS$^Z}wkIyijdpP{T{TI`VIq9Elb1<1
z(Fg3~+C3os2Z8*p2*WW9#(#2_Kb(HLfWg$YOl($(s^bQSmwjHP)+C)yXL`nc5ysq)
zWzjzVjix>o1MIA81!k86G`ntD-xg+Yg~W0z1RBnyHht7d^EHWy_>j=uGN8n%-YL*r
z&LpCg*?X5HN@dKEdBXgh2&KbBTE$@v202|X&E}cbS{pCJRXPcu3ZFfc>0uv4tWO4W
zyBigRb<qbfiTVjgxE38%<%q74Egx`=*W=D|({CQOs3_uMnmqXCVsD&oH*>0+EQ;=A
zT37-7sMU>?z975g;n4a+ZC4CV>)K)+y7Qu<GEsXnW1A1Uuzt&(e<EZtZ@r6V{hnUY
zdV<DcRC&1FapI-Z3M)2oC1k|DNhslrbN;cp$SKV*u<E_SrdKrCre|#;KEgPmZEU-;
zq1MeRQ!&n8=_*=cCp;`-Q%lLBrTDI()>3p#bZRWF{QT9rHP;UD11{YuCk=HTuBlh(
zqOVA;PfSJ)ql02c?oY)@%$(=bkEMg%{}Ch-UOj|FKmbeti54A*00eg~0^S#(<0SC@
z@H-xmtpAaxgjW}exc&&MkA&C@VJ#By2hhTMGznY-1@QQ<_(Sksa)77}1$Obf@Ha<*
z-`D>$Z}M|&a10L?LEv9C(g0pqM)(SMVGZo?7xVWT2_ql?3J`XLA3q$wAA#RLYNY-<
zjdlNO<3DLk`h&(}@Yu4U>%`6B5FBysB~oX>7W5cC;{mt>sG$`i)ddV-iZIiMPz%5p
zeiCMg(Ec`*{ImUc=r*44ZqEWz=sl4t0p`#&vHbwxhCajXo8k5=Kozd_OZx-RULto8
zh(k|^Jp}`HXo1+i!aD{UBetIe`p_G={r_*lX*k&ae<?WqBibJI?}O8(aJc>72B+zN
zMB9H2P9y#<IIZ<B!D*HM7s2VS(>l2pPcdx_MoU8?S?9CgI+__ccke->g_q>ea;d1=
zSY5^t6B!x9INOgYe1-ngQUz2OiycmFG7O<4_|I5SN@iKc@`+&uv}$ZF@^aKpS6edp
z`nahvNmC>*PYg-)>aY*zi46xy?{N$4UW;a7QH;nx)0ZY9r_z#rIbfFa7`vdoAzL+-
z*YLQb%9w^veagqMB=akEMkDd)@my<13#0R1F)IW5{C!0Yh!??bm=#<4BL31$>!Z$A
zTO_Lei_F_@0+>;r$wdA5fyry4Sdq_8LXWx^3!UHYHA_9_+$3Do8}-spgs(?+uFy0z
zWu;4_pfakcmuL0p!Di>!tp_#7MUaYyC--*L-AHfMUDN7I(?DHHph{gD4lBH{S}HX3
z-io!@g||CS$!*j?Cw{2MJC9m+Nl5RQK7UO1=8Ak!&0Q7i20ZYJkR4Q0*^OoJF_CDw
z5?8q5L?cq1Br=d&Fl<vyHY0~+I3E-@WO?YOrIJjELWGMPx|tzNapmC65v)@ddB>PY
zjnx&By3Uhj<pDP%Z;vTa#(J2?uzzs5X4z8Nft6_I-@2a8NGht&51x3BXyw(|Ca*-;
zUY9jq=KHA3y5-7y>GZ-SLl>`?6Z!$dMIR>ZxC|9{qiC8r5sFh$5=_0RDfYoP?Bkb(
z4X=BQOzdW#zg+PJd-x4^1a%4d9=fRHTFnxAW)CGy;nnLD?7a_}#)h8SM!N82IdJLI
z501x<R*7e{Fsg44WtRDrayOPTJG{2dO_N0h2uKCwU14*te@V;37PrNA%}Kl*F_U}p
zOa=4gX&d_@aeJ-01Ls{^6Ne-)&OB)>{wB;~7UfRm!-56UMq}GoH2u6+FUpoRr&uVJ
zpuW&$)S7gZ?K7z3&J!qDCdp^7AE)QdAFXvk6<kgqi$l5&$j&#>oAo%Uza)Pt=1(ss
zq(DaP{`@{VHQ5&TZum(@_EJ#XJ5R@p;~1_8Q85DpU3RCX;)%v;u`lHxYj`E^r&a}U
zmjuTaG#8}HT-m+In6G1DAefimq<jW((_S&&A9&|g9i+JYsnz|9G@~z5muHENh3rMt
z<T84Q<=9hO3RXdbDAm_K5pJ%6ycoNKqcu;ZubCxPOQCubDx<KZ$mKTGCq5Q7k@wtU
zL%g}C((>EyTW~l(@w`5#Q`waVcAR~yc>JFXRC|c?Q^lAyq*oZ!d)7HbKV@67Hhpm?
z$g;lu=E&n@%(zE}<A>x+>JD>kmh^S@%uX3q8Hb}M4b~PtT5a4gt*+P3Jd~lyrd~nR
zIp>bHW8PND@;*?qM#|St&;f3L??Szx6Ywcd4w6Wmk!Y~GP4(bEPv-wvmjw0-ejqQ<
zp=co`cozgO6i;49%11#11S#r>_mMx&8{$C&5b)6!a7YyX=Yai@h(HL6_)%_6K{)dW
z{wxlU2Ap8y=Q%~VDujsMFrl812_Ywdun7YGui}D6fe4)}%oF@&@pA;RI-JDl;6@+?
zrVavvo09@_a4iBw0e}SE30RUs4}dg$lSdCh7l!C0>3HF?uW*?RD<Rs$&Hz9-od`^c
zz?21?r~&fm5ATFqjgA!sO9+65Rc1*Tb$m}JA>InwX0F(<97Vrj1dawR&NQrqaS{H!
zn29%LLNLWbq;y~kMNSx{2TUO)2s%Arjzq{7rq03?nNST(4Z;+q#1yPQ2A&{C48i{*
U=T?WuNdUCO0$f7iL<9l&AOFXHcmMzZ

literal 0
HcmV?d00001

diff --git a/tests/bugfixes/github/test_issue_1827.py b/tests/bugfixes/github/test_issue_1827.py
new file mode 100644
index 0000000000..3f9c4eaf3f
--- /dev/null
+++ b/tests/bugfixes/github/test_issue_1827.py
@@ -0,0 +1,17 @@
+# -*- coding: utf-8 -*-
+
+from system_tests import CaseMeta, CopyTmpFiles, path, check_no_ASAN_UBSAN_errors
+
+class ExposureTimeCastDoubleToLong(metaclass=CaseMeta):
+    """
+    Regression test for the bug described in:
+    https://github.com/Exiv2/exiv2/issues/1827
+    """
+    url = "https://github.com/Exiv2/exiv2/issues/1827"
+
+    filename = path("$data_path/issue_1827_poc.crw")
+    commands = ["$exiv2 $filename"]
+    stderr = [""]
+    retval = [0]
+
+    compare_stdout = check_no_ASAN_UBSAN_errors

From 1455cc88466a14d8ea49935005e9de097984f012 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Mon, 2 Aug 2021 17:19:13 +0100
Subject: [PATCH 2/3] Check value is in range before casting from double to
 uint32_t, to avoid undefined behavior.

---
 src/tags_int.cpp | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/src/tags_int.cpp b/src/tags_int.cpp
index cc23ded71d..923d1151fc 100644
--- a/src/tags_int.cpp
+++ b/src/tags_int.cpp
@@ -2585,12 +2585,22 @@ namespace Exiv2 {
     URational exposureTime(float shutterSpeedValue)
     {
         URational ur(1, 1);
-        double tmp = std::exp(std::log(2.0) * static_cast<double>(shutterSpeedValue));
+        const double tmp = std::exp(std::log(2.0) * static_cast<double>(shutterSpeedValue));
         if (tmp > 1) {
-            ur.second = static_cast<long>(tmp + 0.5);
+            // Add 0.5 for rounding.
+            const double x = tmp + 0.5;
+            // Check that x is within the range of a uint32_t before casting.
+            if (0 <= x && x <= std::numeric_limits<uint32_t>::max()) {
+                ur.second = static_cast<uint32_t>(x);
+            }
         }
         else {
-            ur.first = static_cast<long>(1/tmp + 0.5);
+            // Add 0.5 for rounding.
+            const double x = 1/tmp + 0.5;
+            // Check that x is within the range of a uint32_t before casting.
+            if (0 <= x && x <= std::numeric_limits<uint32_t>::max()) {
+                ur.first = static_cast<uint32_t>(x);
+            }
         }
         return ur;
     }

From ad2e7221b498258bd04188b66f6da5cefd101e73 Mon Sep 17 00:00:00 2001
From: Kevin Backhouse <kevinbackhouse@github.com>
Date: Mon, 2 Aug 2021 22:32:35 +0100
Subject: [PATCH 3/3] Update src/tags_int.cpp

Co-authored-by: Christoph Hasse <hassec@users.noreply.github.com>
---
 src/tags_int.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/tags_int.cpp b/src/tags_int.cpp
index 923d1151fc..69eed8a1af 100644
--- a/src/tags_int.cpp
+++ b/src/tags_int.cpp
@@ -2590,7 +2590,7 @@ namespace Exiv2 {
             // Add 0.5 for rounding.
             const double x = tmp + 0.5;
             // Check that x is within the range of a uint32_t before casting.
-            if (0 <= x && x <= std::numeric_limits<uint32_t>::max()) {
+            if (x <= std::numeric_limits<uint32_t>::max()) {
                 ur.second = static_cast<uint32_t>(x);
             }
         }