1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
From: Ozkan Sezer <sezeroz@gmail.com>
Date: Tue, 30 Jul 2019 21:30:24 +0300
Subject: Fixed bug 4538 - validate image size when loading BMP files
Origin: upstream, commit:https://github.com/libsdl-org/SDL-1.2/commit/31a87d75f15c7acd9470fab9ceb129c0a255871f
---
src/video/SDL_bmp.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/video/SDL_bmp.c b/src/video/SDL_bmp.c
index 758d4bb..6cadc8a 100644
--- a/src/video/SDL_bmp.c
+++ b/src/video/SDL_bmp.c
@@ -143,6 +143,11 @@ SDL_Surface * SDL_LoadBMP_RW (SDL_RWops *src, int freesrc)
(void) biYPelsPerMeter;
(void) biClrImportant;
+ if (biWidth <= 0 || biHeight == 0) {
+ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
+ was_error = SDL_TRUE;
+ goto done;
+ }
if (biHeight < 0) {
topDown = SDL_TRUE;
biHeight = -biHeight;
|
