Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15:Update
gd.10569
gd-CVE-2018-1000222.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gd-CVE-2018-1000222.patch of Package gd.10569
diff --git a/src/gd_bmp.c b/src/gd_bmp.c index bde0b9d3..78f40d9a 100644 --- a/src/gd_bmp.c +++ b/src/gd_bmp.c @@ -47,6 +47,8 @@ static int bmp_read_4bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp static int bmp_read_8bit(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info, bmp_hdr_t *header); static int bmp_read_rle(gdImagePtr im, gdIOCtxPtr infile, bmp_info_t *info); +static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression); + #define BMP_DEBUG(s) static int gdBMPPutWord(gdIOCtx *out, int w) @@ -87,8 +89,10 @@ BGD_DECLARE(void *) gdImageBmpPtr(gdImagePtr im, int *size, int compression) void *rv; gdIOCtx *out = gdNewDynamicCtx(2048, NULL); if (out == NULL) return NULL; - gdImageBmpCtx(im, out, compression); - rv = gdDPExtractData(out, size); + if (!_gdImageBmpCtx(im, out, compression)) + rv = gdDPExtractData(out, size); + else + rv = NULL; out->gd_free(out); return rv; } @@ -141,6 +145,11 @@ BGD_DECLARE(void) gdImageBmp(gdImagePtr im, FILE *outFile, int compression) compression - whether to apply RLE or not. */ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) +{ + _gdImageBmpCtx(im, out, compression); +} + +static int _gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) { int bitmap_size = 0, info_size, total_size, padding; int i, row, xpos, pixel; @@ -148,6 +157,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) unsigned char *uncompressed_row = NULL, *uncompressed_row_start = NULL; FILE *tmpfile_for_compression = NULL; gdIOCtxPtr out_original = NULL; + int ret = 1; /* No compression if its true colour or we don't support seek */ if (im->trueColor) { @@ -325,6 +335,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) out_original = NULL; } + ret = 0; cleanup: if (tmpfile_for_compression) { #ifdef _WIN32 @@ -338,7 +349,7 @@ BGD_DECLARE(void) gdImageBmpCtx(gdImagePtr im, gdIOCtxPtr out, int compression) if (out_original) { out_original->gd_free(out_original); } - return; + return ret; } static int compress_row(unsigned char *row, int length)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
