Package: sdl-image1.2 / 1.2.12-5+deb8u1

CVE-2017-14441.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Description: ico: reject obviously incorrect image sizes.
Origin: upstream, https://hg.libsdl.org/SDL_image/rev/a1e9b624ca10

--- a/IMG_bmp.c
+++ b/IMG_bmp.c
@@ -735,6 +735,14 @@
         goto done;
     }
 
+    /* sanity check image size, so we don't overflow integers, etc. */
+    if ((biWidth < 0) || (biWidth > 0xFFFFFF) ||
+        (biHeight < 0) || (biHeight > 0xFFFFFF)) {
+        IMG_SetError("Unsupported or invalid ICO dimensions");
+        was_error = SDL_TRUE;
+        goto done;
+    }
+
     /* Create a RGBA surface */
     biHeight = biHeight >> 1;
     //printf("%d x %d\n", biWidth, biHeight);