Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
libqt5-qtbase.10671
libqt5-fix-crash-in-qppmhandler-for-certain-mal...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libqt5-fix-crash-in-qppmhandler-for-certain-malformed-image.patch of Package libqt5-qtbase.10671
From 805dce07b9797f5f2770a9d2c58d6d381784ca25 Mon Sep 17 00:00:00 2001 From: Eirik Aavitsland <eirik.aavitsland@qt.io> Date: Thu, 2 Aug 2018 13:11:20 +0200 Subject: [PATCH] Fix crash in qppmhandler for certain malformed image files The ppm format specifies that the maximum color value field must be less than 65536. The handler did not enforce this, leading to potentional overflow when the value was used in 16 bits context. Task-number: QTBUG-69449 Change-Id: Iea7a7e0f8953ec1ea8571e215687d12a9d77e11c Reviewed-by: Lars Knoll <lars.knoll@qt.io> (cherry picked from commit 8c4207dddf9b2af0767de2ef0a10652612d462a5) --- src/gui/image/qppmhandler.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/gui/image/qppmhandler.cpp b/src/gui/image/qppmhandler.cpp index e9f5a905f0..53e3fa293d 100644 --- a/src/gui/image/qppmhandler.cpp +++ b/src/gui/image/qppmhandler.cpp @@ -115,7 +115,7 @@ static bool read_pbm_header(QIODevice *device, char& type, int& w, int& h, int& else mcc = read_pbm_int(device); // get max color component - if (w <= 0 || w > 32767 || h <= 0 || h > 32767 || mcc <= 0) + if (w <= 0 || w > 32767 || h <= 0 || h > 32767 || mcc <= 0 || mcc > 0xffff) return false; // weird P.M image return true; -- 2.16.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor