[gimp] PCX: sanitize input data

From: Nils Philippsen <nphilipp src gnome org>
To: svn-commits-list gnome org
Cc:
Subject: [gimp] PCX: sanitize input data
Date: Wed, 9 Dec 2009 15:35:30 +0000 (UTC)

commit ed7f48be05d233607460ce331a5c07ebfa5830fa
Author: Nils Philippsen <nils redhat com>
Date:   Tue Dec 1 15:31:52 2009 +0100

    PCX: sanitize input data
    
    Harden PCX plugin against bad width, height.

 plug-ins/common/file-pcx.c |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)
---
diff --git a/plug-ins/common/file-pcx.c b/plug-ins/common/file-pcx.c
index 72d4b3e..e028bd2 100644
--- a/plug-ins/common/file-pcx.c
+++ b/plug-ins/common/file-pcx.c
@@ -405,6 +405,13 @@ load_image (const gchar  *filename,
       return -1;
     }
 
+  /* Shield against potential buffer overflows in load_*() functions. */
+  if (G_MAXSIZE / width / height < 3)
+    {
+      g_message (_("Image dimensions too large: width %d x height %d"), width, height);
+      return -1;
+    }
+
   if (pcx_header.planes == 3 && pcx_header.bpp == 8)
     {
       image= gimp_image_new (width, height, GIMP_RGB);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]