From: Michael R Sweet Date: Fri, 5 Nov 2021 09:35:10 -0400 Subject: CVE-2021-43579 Fix potential BMP stack overflow (Issue #453) --- htmldoc/image.cxx | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htmldoc/image.cxx b/htmldoc/image.cxx index caa764d..fd7501e 100644 --- a/htmldoc/image.cxx +++ b/htmldoc/image.cxx @@ -904,12 +904,16 @@ image_load_bmp(image_t *img, /* I - Image to load into */ return (-1); if (info_size > 40) + { for (info_size -= 40; info_size > 0; info_size --) getc(fp); + } // Get colormap... if (colors_used == 0 && depth <= 8) colors_used = 1 << depth; + else if (colors_used > 256) + return (-1); fread(colormap, (size_t)colors_used, 4, fp);