Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
libqt4-sql-plugins.31633
CVE-2018-19873.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2018-19873.patch of Package libqt4-sql-plugins.31633
Author: Eirik Aavitsland <eirik.aavitsland@qt.io> AuthorDate: 2018-09-04 11:08:06 +0200 Commit: Eirik Aavitsland <eirik.aavitsland@qt.io> CommitDate: 2018-09-11 06:36:34 +0000 bmp image handler: check for out of range image size Make the decoder fail early to avoid spending time and memory on attempting to decode a corrupt image file. Change-Id: I874e04f3b43122d73f8e58c7a5bcc4a741b68264 Reviewed-by: Lars Knoll <lars.knoll@qt.io> --- qt-everywhere-opensource-src-4.8.7.orig/src/gui/image/qbmphandler.cpp +++ qt-everywhere-opensource-src-4.8.7/src/gui/image/qbmphandler.cpp @@ -181,6 +181,8 @@ static bool read_dib_infoheader(QDataStr if (!(comp == BMP_RGB || (nbits == 4 && comp == BMP_RLE4) || (nbits == 8 && comp == BMP_RLE8) || ((nbits == 16 || nbits == 32) && comp == BMP_BITFIELDS))) return false; // weird compression type + if (bi.biWidth < 0 || quint64(bi.biWidth) * qAbs(bi.biHeight) > 16384 * 16384) + return false; return true; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor