rpms / advancecomp

Clone
Source Code
GIT

Blame SOURCES/advancecomp-1.15-CVE-2019-9210-integer-overflow-in-png_compress.patch

c7-beta
  1.   1f2c39ba610d5441eb5ec135f2fcdfa2512082df
  2.   SOURCES
  3.   advancecomp-1.15-CVE-2019-9210-integer-overflow-in-png_compress.patch
Blob History Raw
1f2c39 
diff -up advancecomp-1.15/lib/png.c.me advancecomp-1.15/lib/png.c
1f2c39 
--- advancecomp-1.15/lib/png.c.me	2019-06-11 13:17:33.265490986 +0200
1f2c39 
+++ advancecomp-1.15/lib/png.c	2019-06-11 13:21:50.655818111 +0200
1f2c39 
@@ -656,6 +656,11 @@ adv_error adv_png_read_ihdr(
1f2c39 
 	}
1f2c39 
 	*pix_pixel = pixel;
1f2c39
1f2c39 
+	if (width_align < width) {
1f2c39 
+		error_unsupported_set("Invalid image size");
1f2c39 
+		goto err;
1f2c39 
+	}
1f2c39 
+
1f2c39 
 	if (data[10] != 0) { /* compression */
1f2c39 
 		error_unsupported_set("Unsupported compression, %d instead of 0", (unsigned)data[10]);
1f2c39 
 		goto err;

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation