1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38
|
commit 776cf0fc4c760f1fb7b966ce28dc92dd7d44ed50
Author: Michael R Sweet <michael.r.sweet@gmail.com>
Date: Fri Jan 7 10:21:58 2022 -0500
Fix potential stack overflow with GIF images (Issue #463)
Index: htmldoc-1.9.11/htmldoc/image.cxx
===================================================================
--- htmldoc-1.9.11.orig/htmldoc/image.cxx 2022-02-26 01:11:08.773261658 +0100
+++ htmldoc-1.9.11/htmldoc/image.cxx 2022-02-26 01:11:08.773261658 +0100
@@ -213,8 +213,7 @@
if (done)
{
- progress_error(HD_ERROR_READ_ERROR,
- "Not enough data left to read GIF compression code.");
+ progress_error(HD_ERROR_READ_ERROR, "Not enough data left to read GIF compression code.");
return (-1); /* Sorry, no more... */
}
@@ -238,7 +237,7 @@
* Read in another buffer...
*/
- if ((count = gif_get_block (fp, buf + last_byte)) <= 0)
+ if ((count = gif_get_block(fp, buf + last_byte)) <= 0)
{
/*
* Whoops, no more data!
@@ -252,7 +251,7 @@
* Update buffer state...
*/
- curbit = (curbit - lastbit) + 8 * last_byte;
+ curbit = curbit + 8 * last_byte - lastbit;
last_byte += (unsigned)count;
lastbit = last_byte * 8;
}
|