File: CVE-2017-14440.patch

package info (click to toggle)
libsdl2-image 2.0.0%2Bdfsg-3%2Bdeb8u1
  • links: PTS, VCS
  • area: main
  • in suites: jessie
  • size: 2,140 kB
  • sloc: sh: 10,011; ansic: 9,550; makefile: 89
file content (22 lines) | stat: -rw-r--r-- 752 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
 
# HG changeset patch
# User Ryan C. Gordon <icculus@icculus.org>
# Date 1516813224 18000
# Node ID bfa08dc02b3c7b265ead6019f901f17f925570c3
# Parent  97f7f01e0665b7555a0e5e9465799e80c8f59528
lbm: Don't overflow static colormap buffer.

diff -r 97f7f01e0665 -r bfa08dc02b3c IMG_lbm.c
--- a/IMG_lbm.c	Wed Jan 24 01:45:04 2018 -0500
+++ b/IMG_lbm.c	Wed Jan 24 12:00:24 2018 -0500
@@ -183,6 +183,11 @@
 
         if ( !SDL_memcmp( id, "CMAP", 4 ) ) /* palette ( Color Map ) */
         {
+            if (size > sizeof (colormap)) {
+                error="colormap size is too large";
+                goto done;
+            }
+
             if ( !SDL_RWread( src, &colormap, size, 1 ) )
             {
                 error="error reading CMAP chunk";