[gimp/gimp-2-8] Bug 701120: Opening fuzzed .pnm-file causes stack buffer overflow



commit bc411d97c926e0824c5a77ef96416cb6365f1684
Author: Massimo Valentini <mvalentini src gnome org>
Date:   Sat Jun 1 17:30:43 2013 +0200

    Bug 701120: Opening fuzzed .pnm-file causes stack buffer overflow
    
    increase BUFLEN to avoid appending the nul terminator '\0'
    past the end of 'buf'
    (cherry picked from commit ac98dd47511c422e170bc2aac934dd47ae4d1d3f)

 plug-ins/common/file-pnm.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/plug-ins/common/file-pnm.c b/plug-ins/common/file-pnm.c
index e30119c..f47054d 100644
--- a/plug-ins/common/file-pnm.c
+++ b/plug-ins/common/file-pnm.c
@@ -482,7 +482,7 @@ load_image (const gchar  *filename,
   gint32          layer_ID;
   GimpDrawable   *drawable;
   int             fd;           /* File descriptor */
-  char            buf[BUFLEN];  /* buffer for random things like scanning */
+  char            buf[BUFLEN + 4];  /* buffer for random things like scanning */
   PNMInfo        *pnminfo;
   PNMScanner * volatile scan;
   int             ctr;
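Review bot: The slack in `buf[BUFLEN + 4]` enlarges the destination instead of bounding the write; the code that fills buf and appends the terminator lies outside this hunk, so nothing visible here ties the new size to that write, and the 4 reads as a magic number. If the scanning helper accepts a length, passing `sizeof buf` at the write site (or naming the margin, e.g. `enum { PNM_BUF_SLACK = 4 };`) would keep the bound and the declaration from drifting apart again. At minimum the declaration deserves a why-comment, e.g. `/* +4: headroom for the '\0' the scanner writes past BUFLEN (bug 701120) */`. The commit description speaks of increasing BUFLEN itself, whereas the diff pads only this array; load_image's body continues outside the hunk.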

