Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
gimp.16288
gimp-bsc1073627-CVE-2017-17789.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gimp-bsc1073627-CVE-2017-17789.patch of Package gimp.16288
From 28e95fbeb5720e6005a088fa811f5bf3c1af48b8 Mon Sep 17 00:00:00 2001 From: Jehan <jehan@girinstud.io> Date: Wed, 20 Dec 2017 16:44:20 +0100 Subject: [PATCH] Bug 790849 - (CVE-2017-17789) CVE-2017-17789 Heap buffer overflow... ... in PSP importer. Check if declared block length is valid (i.e. within the actual file) before going further. Consider the file as broken otherwise and fail loading it. --- plug-ins/common/file-psp.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c index d975e13725..c25beceffc 100644 --- a/plug-ins/common/file-psp.c +++ b/plug-ins/common/file-psp.c @@ -1792,6 +1792,15 @@ load_image (const gchar *filename, { block_start = ftell (f); + if (block_start + block_total_len > st.st_size) + { + g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, + _("Could not open '%s' for reading: %s"), + gimp_filename_to_utf8 (filename), + _("invalid block size")); + goto error; + } + if (id == PSP_IMAGE_BLOCK) { if (block_number != 0) -- GitLab
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor