rpms / SDL

Clone
Source Code
GIT

Blame SOURCES/SDL-1.2.15-CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-beta c7-ppc64le c8 c8-beta c8-containeronly-stream-flatpak c8s c9-beta
  1.   afe9db258c4e73adc76dfebeda12abe99bbb821e
  2.   SOURCES
  3.   SDL-1.2.15-CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch
Blob History Raw
afe9db 
changeset:   12960:ad1bbfbca760
afe9db 
branch:      SDL-1.2
afe9db 
parent:      12914:87d60cae0273
afe9db 
user:        Ozkan Sezer <sezeroz@gmail.com>
afe9db 
date:        Tue Jul 30 21:30:24 2019 +0300
afe9db 
summary:     Fixed bug 4538 - validate image size when loading BMP files
afe9db
afe9db 
diff -r 87d60cae0273 -r ad1bbfbca760 src/video/SDL_bmp.c
afe9db 
--- a/src/video/SDL_bmp.c	Tue Jun 18 23:31:40 2019 +0100
afe9db 
+++ b/src/video/SDL_bmp.c	Tue Jul 30 21:30:24 2019 +0300
afe9db 
@@ -143,6 +143,11 @@
afe9db 
 	(void) biYPelsPerMeter;
afe9db 
 	(void) biClrImportant;
afe9db
afe9db 
+	if (biWidth <= 0 || biHeight == 0) {
afe9db 
+		SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
afe9db 
+		was_error = SDL_TRUE;
afe9db 
+		goto done;
afe9db 
+	}
afe9db 
 	if (biHeight < 0) {
afe9db 
 		topDown = SDL_TRUE;
afe9db 
 		biHeight = -biHeight;
afe9db

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation