[Commits] SDL_image: ico: reject obviously incorrect image sizes.

libsdl.org revision control commits-owner at libsdl.org
Wed Jan 24 10:02:09 PST 2018


details:   https://hg.libsdl.org/SDL_image/rev/a1e9b624ca10
changeset: 558:a1e9b624ca10
user:      Ryan C. Gordon <icculus at icculus.org>
date:      Wed Jan 24 13:02:04 2018 -0500
description:
ico: reject obviously incorrect image sizes.

diffstat:

 IMG_bmp.c |  8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)

diffs (18 lines):

diff -r bfa08dc02b3c -r a1e9b624ca10 IMG_bmp.c
--- a/IMG_bmp.c	Wed Jan 24 12:00:24 2018 -0500
+++ b/IMG_bmp.c	Wed Jan 24 13:02:04 2018 -0500
@@ -735,6 +735,14 @@
         goto done;
     }
 
+    /* sanity check image size, so we don't overflow integers, etc. */
+    if ((biWidth < 0) || (biWidth > 0xFFFFFF) ||
+        (biHeight < 0) || (biHeight > 0xFFFFFF)) {
+        IMG_SetError("Unsupported or invalid ICO dimensions");
+        was_error = SDL_TRUE;
+        goto done;
+    }
+
     /* Create a RGBA surface */
     biHeight = biHeight >> 1;
     //printf("%d x %d\n", biWidth, biHeight);


More information about the commits mailing list