callisto-debian/gimp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

SGI: sanitize input data

Browse Source 
Refuse nonsensical xsize, ysize, zsize values.
This commit is contained in:
Nils Philippsen
2009-12-09 15:43:28 +01:00
parent 5aa82f3b6d
commit daaf1d2b97
1 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
plug-ins/file-sgi/sgi.c
View File

@ -334,6 +334,28 @@ load_image (const gchar *filename,
* Get the image dimensions and create the image...
*/
/* Sanitize dimensions */
if (sgip->xsize == 0 || sgip->xsize > GIMP_MAX_IMAGE_SIZE)
{
g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
_("Invalid width: %hu"), sgip->xsize);
return -1;
}
if (sgip->ysize == 0 || sgip->ysize > GIMP_MAX_IMAGE_SIZE)
{
g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
_("Invalid height: %hu"), sgip->ysize);
return -1;
}
if (sgip->zsize == 0 || sgip->zsize > GIMP_MAX_IMAGE_SIZE)
{
g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
_("Invalid number of channels: %hu"), sgip->zsize);
return -1;
}
bytes = sgip->zsize;
switch (sgip->zsize)