rpms / advancecomp

Clone
Source Code
GIT

Blame SOURCES/advancecomp-1.15-CVE-2019-9210-integer-overflow-in-png_compress.patch

c4 c5 c5-plus c6 c6-plus c7 c7-beta
  1.   16aa34a9bf1174e36f7232894f738632612cdbcc
  2.   SOURCES
  3.   advancecomp-1.15-CVE-2019-9210-integer-overflow-in-png_compress.patch
Blob History Raw
16aa34 
diff -up advancecomp-1.15/lib/png.c.me advancecomp-1.15/lib/png.c
16aa34 
--- advancecomp-1.15/lib/png.c.me	2019-06-11 13:17:33.265490986 +0200
16aa34 
+++ advancecomp-1.15/lib/png.c	2019-06-11 13:21:50.655818111 +0200
16aa34 
@@ -656,6 +656,11 @@ adv_error adv_png_read_ihdr(
16aa34 
 	}
16aa34 
 	*pix_pixel = pixel;
16aa34
16aa34 
+	if (width_align < width) {
16aa34 
+		error_unsupported_set("Invalid image size");
16aa34 
+		goto err;
16aa34 
+	}
16aa34 
+
16aa34 
 	if (data[10] != 0) { /* compression */
16aa34 
 		error_unsupported_set("Unsupported compression, %d instead of 0", (unsigned)data[10]);
16aa34 
 		goto err;

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation