Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:GA
netpbm
netpbm-CVE-2017-2579,2580.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File netpbm-CVE-2017-2579,2580.patch of Package netpbm
Index: netpbm-10.80.1/converter/other/giftopnm.c =================================================================== --- netpbm-10.80.1.orig/converter/other/giftopnm.c 2019-05-16 14:30:02.041306360 +0200 +++ netpbm-10.80.1/converter/other/giftopnm.c 2019-05-16 14:49:07.719059265 +0200 @@ -1138,8 +1138,21 @@ expandCodeOntoStack(Decompressor * const /* LZW string, defined */ code = incode; else if (incode == decompP->nextTableSlot) { - /* It's a code that isn't in our translation table yet. + /* It's a code that isn't in our translation table yet + + The only thing it could legally be is one higher than the + highest one we've seen so far. */ + if (code > decompP->nextTableSlot) { + /* We just abort because we added this to stable code to fix + a bug and we don't want to disturb stable code more than we + have to. + */ + pm_error("Error in GIF image: LZW string code %u " + "is neither a previously defined one nor the " + "next in sequence to define (%u)", + code, decompP->nextTableSlot); + } if (decompP->fresh) pm_asprintf(&gifError, "LZW string code encountered with " "decompressor in fresh state"); @@ -2042,6 +2055,9 @@ convertImage(FILE * const ifP, "color map either."); } + if (imageHeader.cols == 0) + pm_error("Invalid GIF - width is zero"); + if (!skipIt) { readImageData(ifP, imageHeader.cols, imageHeader.rows, *currentColorMapP,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor