Package: sdl-image1.2 / 1.2.12-12

CVE-2019-13616.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# HG changeset patch
# User Ozkan Sezer <sezeroz@gmail.com>
# Date 1564511355 -10800
# Node ID a59bfe382008d2a14fa31f33b35a3ca473e9354f
# Parent  9ccaa3a0dfb6af18252c238797e53a9a899b0662
Fixed bug 4538 - validate image size when loading BMP files

--- sdl-image1.2-1.2.12.orig/IMG_bmp.c
+++ sdl-image1.2-1.2.12/IMG_bmp.c
@@ -272,6 +272,11 @@ static SDL_Surface *LoadBMP_RW (SDL_RWop
 		biClrUsed	= SDL_ReadLE32(src);
 		biClrImportant	= SDL_ReadLE32(src);
 	}
+	if (biWidth <= 0 || biHeight == 0) {
+		IMG_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
+		was_error = SDL_TRUE;
+		goto done;
+	}
 	if (biHeight < 0) {
 		topDown = SDL_TRUE;
 		biHeight = -biHeight;