[Commits] SDL_image: XCF: check if there's sufficient data in the stream b...

libsdl.org revision control commits-owner at libsdl.org
Fri Sep 28 20:58:59 PDT 2018


details:   https://hg.libsdl.org/SDL_image/rev/31263a049d50
changeset: 592:31263a049d50
user:      Michał Janiszewski <janisozaur+sdl2image at gmail.com>
date:      Fri Sep 28 22:00:26 2018 +0200
description:
XCF: check if there's sufficient data in the stream before allocating

An XCF file could lie about the size of a string it contains. Perform a
check if there is enough of data in the stream before trying to
allocate the advertised size.

diffstat:

 IMG_xcf.c |  3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diffs (13 lines):

diff -r 90a531f221f2 -r 31263a049d50 IMG_xcf.c
--- a/IMG_xcf.c	Fri Sep 28 20:56:50 2018 -0700
+++ b/IMG_xcf.c	Fri Sep 28 22:00:26 2018 +0200
@@ -225,7 +225,8 @@
   char * data;
 
   tmp = SDL_ReadBE32 (src);
-  if (tmp > 0) {
+  Sint64 remaining = SDL_RWsize(src) - SDL_RWtell(src);
+  if (tmp > 0 && tmp < remaining) {
     data = (char *) SDL_malloc (sizeof (char) * tmp);
     SDL_RWread (src, data, tmp, 1);
   }


More information about the commits mailing list