1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
|
From: Markus Koschany <apo@debian.org>
Date: Mon, 21 Mar 2016 22:41:45 +0100
Subject: CVE-2014-9764
Fix segfault when opening specially crafted input with feh.
Origin: https://git.enlightenment.org/legacy/imlib2.git/commit/?h=v1.4.7&id=1f9b0b32728803a1578e658cd0955df773e34f49
---
src/modules/loaders/loader_gif.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/modules/loaders/loader_gif.c b/src/modules/loaders/loader_gif.c
index ff78d22..bf26da3 100644
--- a/src/modules/loaders/loader_gif.c
+++ b/src/modules/loaders/loader_gif.c
@@ -136,6 +136,11 @@ load(ImlibImage * im, ImlibProgressFunction progress, char progress_granularity,
{
UNSET_FLAG(im->flags, F_HAS_ALPHA);
}
+ if (!rows)
+ {
+ DGifCloseFile(gif);
+ return 0;
+ }
/* set the format string member to the lower-case full extension */
/* name for the format - so example names would be: */
/* "png", "jpeg", "tiff", "ppm", "pgm", "pbm", "gif", "xpm" ... */
|