Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
gimp.817
bnc#724628-0002-file-gif-load-fix-type-overflow...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File bnc#724628-0002-file-gif-load-fix-type-overflow-CVE-2012-3481.patch of Package gimp.817
From 407606bdbb404c0a1bf14751a394459e1bedfc08 Mon Sep 17 00:00:00 2001 From: Nils Philippsen <nils@redhat.com> Date: Tue, 14 Aug 2012 15:27:39 +0200 Subject: [PATCH 2/2] file-gif-load: fix type overflow (CVE-2012-3481) Cast variables properly to avoid overflowing when computing how much memory to allocate. --- plug-ins/common/file-gif-load.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plug-ins/common/file-gif-load.c b/plug-ins/common/file-gif-load.c index 909b184..b46ba08 100644 --- a/plug-ins/common/file-gif-load.c +++ b/plug-ins/common/file-gif-load.c @@ -1033,9 +1033,9 @@ ReadImage (FILE *fd, } if (alpha_frame) - dest = (guchar *) g_malloc (len * height * (promote_to_rgb ? 4 : 2)); + dest = (guchar *) g_malloc ((gsize)len * (gsize)height * (promote_to_rgb ? 4 : 2)); else - dest = (guchar *) g_malloc (len * height); + dest = (guchar *) g_malloc ((gsize)len * (gsize)height); #ifdef GIFDEBUG g_print ("GIF: reading %d by %d%s GIF image, ncols=%d\n", -- 1.7.11.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor