Projects
Eulaceura:Factory
djvulibre
_service:obs_scm:CVE-2021-46312.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:obs_scm:CVE-2021-46312.patch of Package djvulibre
Origin: https://sourceforge.net/p/djvu/bugs/344/ Index: djvulibre-3.5.28/libdjvu/IW44EncodeCodec.cpp =================================================================== --- djvulibre-3.5.28.orig/libdjvu/IW44EncodeCodec.cpp +++ djvulibre-3.5.28/libdjvu/IW44EncodeCodec.cpp @@ -1424,7 +1424,12 @@ IWBitmap::Encode::init(const GBitmap &bm int h = bm.rows(); int g = bm.get_grays()-1; signed char *buffer; - GPBuffer<signed char> gbuffer(buffer,w*h); + size_t sz = w * h; + if (sz == 0 || g <= 0) // w or h is zero or g is not positive + G_THROW("IWBitmap: zero size image (corrupted file?)"); + if (sz / (size_t)w != (size_t)h) // multiplication overflow + G_THROW("IWBitmap: image size exceeds maximum (corrupted file?)"); + GPBuffer<signed char> gbuffer(buffer,sz); // Prepare gray level conversion table signed char bconv[256]; for (i=0; i<256; i++)
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2