[gimp/gimp-2-6] Use more defensive coding in plausibility check.
- From: Nils Philippsen <nphilipp src gnome org>
- To: svn-commits-list gnome org
- Cc:
- Subject: [gimp/gimp-2-6] Use more defensive coding in plausibility check.
- Date: Mon, 16 Nov 2009 16:37:09 +0000 (UTC)
commit 6e8ff603a2ee6a0940373723d1f075930dfd3ce0
Author: Nils Philippsen <nils redhat com>
Date: Mon Nov 16 17:16:09 2009 +0100
Use more defensive coding in plausibility check.
Use an equivalent division instead of multiplying values and checking if
they are more than G_MAXINT32, because divisions cannot overflow.
(cherry picked from commit f63ba36dd9cc01ca6da83fa05ddd12419ad8953e)
plug-ins/file-bmp/bmp-read.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
---
diff --git a/plug-ins/file-bmp/bmp-read.c b/plug-ins/file-bmp/bmp-read.c
index c4e996a..76c4f5d 100644
--- a/plug-ins/file-bmp/bmp-read.c
+++ b/plug-ins/file-bmp/bmp-read.c
@@ -452,10 +452,10 @@ ReadBMP (const gchar *name,
}
/* protect against integer overflows caused by malicious BMPs */
+ /* use divisions in comparisons to avoid type overflows */
- if (((guint64) Bitmap_Head.biWidth) * Bitmap_Head.biBitCnt > G_MAXINT32 ||
- ((guint64) Bitmap_Head.biWidth) * ABS (Bitmap_Head.biHeight) > G_MAXINT32 ||
- ((guint64) Bitmap_Head.biWidth) * ABS (Bitmap_Head.biHeight) * 4 > G_MAXINT32)
+ if (((guint64) Bitmap_Head.biWidth) > G_MAXINT32 / Bitmap_Head.biBitCnt ||
+ ((guint64) Bitmap_Head.biWidth) > (G_MAXINT32 / ABS (Bitmap_Head.biHeight)) / 4)
{
g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
_("'%s' is not a valid BMP file"),
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]