Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:11.4:Update
gimp
bnc#724628-0001-file-gif-load-limit-len-and-hei...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File bnc#724628-0001-file-gif-load-limit-len-and-height-CVE-2012-3481.patch of Package gimp
From 4ec417c50d4cce935a87b5beab051e85cbfcec45 Mon Sep 17 00:00:00 2001 From: Jan Lieskovsky <jlieskov@redhat.com> Date: Tue, 14 Aug 2012 12:18:22 +0200 Subject: [PATCH 1/2] file-gif-load: limit len and height (CVE-2012-3481) Ensure values of len and height can't overflow g_malloc() argument type. --- plug-ins/common/file-gif-load.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/plug-ins/common/file-gif-load.c b/plug-ins/common/file-gif-load.c index 9a0720b..909b184 100644 --- a/plug-ins/common/file-gif-load.c +++ b/plug-ins/common/file-gif-load.c @@ -1025,6 +1025,13 @@ ReadImage (FILE *fd, cur_progress = 0; max_progress = height; + if (len > (G_MAXSIZE / height / (alpha_frame ? (promote_to_rgb ? 4 : 2) : 1))) + { + g_message ("'%s' has a larger image size than GIMP can handle.", + gimp_filename_to_utf8 (filename)); + return -1; + } + if (alpha_frame) dest = (guchar *) g_malloc (len * height * (promote_to_rgb ? 4 : 2)); else -- 1.7.11.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor