1 2 3 4 5 6 7 8 9 10 11 12 13 14
|
Description: pcx: don't overflow buffer if bytes-per-line is less than image width.
Origin: upstream, https://hg.libsdl.org/SDL_image/rev/2938fc80591a
--- a/IMG_pcx.c
+++ b/IMG_pcx.c
@@ -149,7 +149,7 @@ SDL_Surface *IMG_LoadPCX_RW(SDL_RWops *src)
if (bpl > surface->pitch) {
error = "bytes per line is too large (corrupt?)";
}
- buf = malloc(bpl);
+ buf = calloc(SDL_max(bpl, surface->pitch), 1);
row = surface->pixels;
for ( y=0; y<surface->h; ++y ) {
/* decode a scan line to a temporary buffer first */
|