From: Markus Koschany <apo@debian.org>
Date: Mon, 21 Mar 2016 22:40:04 +0100
Subject: CVE-2014-9762
Fix segmentation fault on images without colormap.
Origin: https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=39641e74a560982fbf93f29bf96b37d27803cb56
---
src/modules/loaders/loader_gif.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/src/modules/loaders/loader_gif.c b/src/modules/loaders/loader_gif.c
index 45ff0b9..ff78d22 100644
--- a/src/modules/loaders/loader_gif.c
+++ b/src/modules/loaders/loader_gif.c
@@ -154,6 +154,19 @@ load(ImlibImage * im, ImlibProgressFunction progress, char progress_granularity,
free(rows);
return 0;
}
+ if (!cmap)
+ {
+ /* No colormap? Now what?? Let's clear the image (and not segv) */
+ memset(im->data, 0, sizeof(DATA32) * w * h);
+ DGifCloseFile(gif);
+ for (i = 0; i < h; i++)
+ {
+ free(rows[i]);
+ }
+ free(rows);
+ return 1;
+ }
+
ptr = im->data;
per_inc = 100.0 / (((float)w) * h);
for (i = 0; i < h; i++)
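Review bot: The new `if (!cmap)` branch returns 1, so a GIF with no colormap is reported to the caller as successfully loaded even though its pixels are only zeroed. If that is intended, the comment should say so, for example `/* No colormap: return an all-zero image instead of indexing a NULL map */`. The `memset` length `sizeof(DATA32) * w * h` is only safe if `w` and `h` were range-checked before `im->data` was allocated, which happens outside this hunk and should be confirmed. The row-freeing loop also appears to repeat the cleanup of the failure path just above, of which only `free(rows); return 0;` is visible, so a shared cleanup label would keep the two exits from drifting apart. load() begins and ends outside the hunk.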