rpms / qt5-qtbase

Clone
Source Code
GIT

Blame SOURCES/qt5-qtbase-CVE-2018-19873.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   40dd5e484d82f119f8cc8d73097583fd0b447029
  2.   SOURCES
  3.   qt5-qtbase-CVE-2018-19873.patch
Blob History Raw
40dd5e 
diff --git a/src/gui/image/qbmphandler.cpp b/src/gui/image/qbmphandler.cpp
40dd5e 
index 587f375c..5dff4ab0 100644
40dd5e 
--- a/src/gui/image/qbmphandler.cpp
40dd5e 
+++ b/src/gui/image/qbmphandler.cpp
40dd5e 
@@ -188,6 +188,8 @@ static bool read_dib_infoheader(QDataStream &s, BMP_INFOHDR &bi)
40dd5e 
     if (!(comp == BMP_RGB || (nbits == 4 && comp == BMP_RLE4) ||
40dd5e 
         (nbits == 8 && comp == BMP_RLE8) || ((nbits == 16 || nbits == 32) && comp == BMP_BITFIELDS)))
40dd5e 
          return false;                                // weird compression type
40dd5e 
+    if (bi.biWidth < 0 || quint64(bi.biWidth) * qAbs(bi.biHeight) > 16384 * 16384)
40dd5e 
+        return false;
40dd5e
40dd5e 
     return true;
40dd5e 
 }

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation