[gimp] file-psp: fix overflow protection (CVE-2011-1782)
- From: Nils Philippsen <nphilipp src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gimp] file-psp: fix overflow protection (CVE-2011-1782)
- Date: Mon, 23 May 2011 14:00:18 +0000 (UTC)
commit f657361db04de69ce003328724c59e3f942d7d15
Author: Nils Philippsen <nils redhat com>
Date: Fri May 13 17:08:02 2011 +0200
file-psp: fix overflow protection (CVE-2011-1782)
amends commit 48ec15890e1751dede061f6d1f469b6508c13439, related to
CVE-2010-4543
plug-ins/common/file-psp.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c
index 7e620fb..9ae5395 100644
--- a/plug-ins/common/file-psp.c
+++ b/plug-ins/common/file-psp.c
@@ -1200,7 +1200,7 @@ read_channel_data (FILE *f,
fread (buf, runcount, 1, f);
/* prevent buffer overflow for bogus data */
- runcount = MIN (runcount, endq - q);
+ runcount = MIN (runcount, (endq - q) / bytespp);
if (bytespp == 1)
{
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]