Package: sdl-image1.2 / 1.2.12-12

CVE-2019-5052.patch
Description: fix invalid data read on bpl == -1
 Issue known as TALOS-2019-0821, or CVE-2019-5052.
Author: Sam Lantinga <slouken@libsdl.org>
Origin: upstream, https://hg.libsdl.org/SDL_image/rev/b920be2b3fc6
--- a/IMG_pcx.c	2019-07-23 11:55:37.921487131 -0300
+++ b/IMG_pcx.c	2019-07-23 11:55:46.429453620 -0300
@@ -148,7 +148,7 @@
 		goto done;
 
 	bpl = pcxh.NPlanes * pcxh.BytesPerLine;
-	if (bpl > surface->pitch) {
+	if (bpl < 0 || bpl > surface->pitch) {
 		error = "bytes per line is too large (corrupt?)";
 		goto done;
 	}
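Review bot: The new `bpl < 0` branch on the changed `if` line reuses the message "bytes per line is too large (corrupt?)", which misreports a negative value. A separate message for the negative case (for example, one that says bytes per line is negative) would make a rejected file easier to triage from logs. Two further points on the same line: `bpl == 0` still passes the check, so if a zero-length scanline is not meaningful to the decoding code that follows, `bpl <= 0` would be the tighter bound. The test also only helps if `bpl` is a signed type wide enough to hold the product `pcxh.NPlanes * pcxh.BytesPerLine` without wrapping. The declarations are not in the visible context, so it is worth confirming that, and a short comment noting that both operands come straight from the untrusted file header would document why the lower bound exists.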