Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:ecsos
swftools
0001-Fix-an-integer-overflow-issue-in-png.c.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-Fix-an-integer-overflow-issue-in-png.c.patch of Package swftools
From 7139f3cf7c8bc576bea1dbd07c58ce1ad92b774a Mon Sep 17 00:00:00 2001 From: Matthias Kramm <kramm@quiss.org> Date: Wed, 26 Apr 2017 09:02:20 -0700 Subject: [PATCH] Fix an integer overflow issue in png.c This aims to fix https://github.com/matthiaskramm/swftools/issues/13 --- lib/png.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/png.c b/lib/png.c index 66eebb44..44a4b425 100644 --- a/lib/png.c +++ b/lib/png.c @@ -575,8 +575,12 @@ EXPORT int png_load(const char*sname, unsigned*destwidth, unsigned*destheight, u *destwidth = header.width; *destheight = header.height; - - data2 = (unsigned char*)malloc(header.width*header.height*4); + + unsigned long long alloclen_64 = (unsigned long long)header.width * header.height * 4; + if (alloclen_64 > 0xffffffffl) { + return 0; + } + data2 = (unsigned char*)malloc((size_t)alloclen_64); if(header.mode == 4) { -- 2.12.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
