Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
gd.4119
gd-CVE-2016-6132.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gd-CVE-2016-6132.patch of Package gd.4119
From 921e590565deb033acafcfa9063b4563200b14b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org> Date: Tue, 12 Jul 2016 11:24:09 +0200 Subject: [PATCH] Fix #247, A read out-of-bands was found in the parsing of TGA files --- src/gd_tga.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/gd_tga.c b/src/gd_tga.c index ef20f86..07f3c86 100644 --- a/src/gd_tga.c +++ b/src/gd_tga.c @@ -237,7 +237,10 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) return -1; } - gdGetBuf(conversion_buffer, image_block_size, ctx); + if (gdGetBuf(conversion_buffer, image_block_size, ctx) != image_block_size) { + gdFree(conversion_buffer); + return -1; + } while (buffer_caret < image_block_size) { tga->bitmap[buffer_caret] = (int) conversion_buffer[buffer_caret]; @@ -261,7 +264,11 @@ int read_image_tga( gdIOCtx *ctx, oTga *tga ) return -1; } - gdGetBuf( conversion_buffer, image_block_size, ctx ); + if (gdGetBuf(conversion_buffer, image_block_size, ctx) != image_block_size) { + gdFree(conversion_buffer); + gdFree(decompression_buffer); + return -1; + } buffer_caret = 0;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor