Marcus Rueckert
e26a29070e
Accepted submit request 61245 from user vuntz OBS-URL: https://build.opensuse.org/request/show/61245 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gimp?expand=0&rev=55
24 lines
719 B
Diff
24 lines
719 B
Diff
From 48ec15890e1751dede061f6d1f469b6508c13439 Mon Sep 17 00:00:00 2001
|
|
From: Simon Budig <simon@budig.de>
|
|
Date: Mon, 14 Feb 2011 20:46:31 +0000
|
|
Subject: file-psp: fix for bogus input data. Fixes bug #639203
|
|
|
|
---
|
|
diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c
|
|
index ef39d5b..04897d5 100644
|
|
--- a/plug-ins/common/file-psp.c
|
|
+++ b/plug-ins/common/file-psp.c
|
|
@@ -1197,6 +1197,10 @@ read_channel_data (FILE *f,
|
|
}
|
|
else
|
|
fread (buf, runcount, 1, f);
|
|
+
|
|
+ /* prevent buffer overflow for bogus data */
|
|
+ runcount = MIN (runcount, endq - q);
|
|
+
|
|
if (bytespp == 1)
|
|
{
|
|
memmove (q, buf, runcount);
|
|
--
|
|
cgit v0.8.3.1
|