[gimp/gimp-2-6] PCX: sanitize input data

From: Nils Philippsen <nphilipp src gnome org>
To: svn-commits-list gnome org
Cc:
Subject: [gimp/gimp-2-6] PCX: sanitize input data
Date: Thu, 10 Dec 2009 12:06:59 +0000 (UTC)

commit 5bc9aaf753eae6999fb1497e6dd19e586016e193
Author: Nils Philippsen <nils redhat com>
Date:   Tue Dec 1 15:31:52 2009 +0100

    PCX: sanitize input data
    
    Harden PCX plugin against bad width, height.
    (cherry picked from commit ed7f48be05d233607460ce331a5c07ebfa5830fa)

 plug-ins/common/file-pcx.c |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)
---
diff --git a/plug-ins/common/file-pcx.c b/plug-ins/common/file-pcx.c
index ec1aa92..36a1def 100644
--- a/plug-ins/common/file-pcx.c
+++ b/plug-ins/common/file-pcx.c
@@ -406,6 +406,13 @@ load_image (const gchar  *filename,
       return -1;
     }
 
+  /* Shield against potential buffer overflows in load_*() functions. */
+  if (G_MAXSIZE / width / height < 3)
+    {
+      g_message (_("Image dimensions too large: width %d x height %d"), width, height);
+      return -1;
+    }
+
   if (pcx_header.planes == 3 && pcx_header.bpp == 8)
     {
       image= gimp_image_new (width, height, GIMP_RGB);

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]