File libwmf-0.2.8.4-CVE-2015-0848.patch of Package libwmf
--- libwmf-0.2.8.4/src/ipa/ipa/bmp.h 2015-06-02 11:35:04.072201795 +0100
+++ libwmf-0.2.8.4/src/ipa/ipa/bmp.h 2015-06-02 11:35:20.647406414 +0100
@@ -1145,8 +1143,15 @@
}
}
else
- { /* Convert run-length encoded raster pixels. */
- DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image);
+ {
+ if (bmp_info.bits_per_pixel == 8) /* Convert run-length encoded raster pixels. */
+ {
+ DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image);
+ }
+ else
+ { WMF_ERROR (API,"Unexpected pixel depth");
+ API->err = wmf_E_BadFormat;
+ }
}
if (ERR (API))