File: 0006-check-number-of-repeat_count.patch

package info (click to toggle)
libsixel 1.5.2-2%2Bdeb9u1
  • links: PTS
  • area: main
  • in suites: stretch
  • size: 13,684 kB
  • sloc: ansic: 20,253; sh: 4,273; cpp: 1,227; makefile: 402; python: 306; xml: 271; ruby: 31; perl: 26
file content (23 lines) | stat: -rw-r--r-- 704 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
 
From: Takatsugu Nokubi <takatsugu.nokubi@robotfund.co.jp>
Date: Mon, 9 Sep 2019 15:12:02 +0900
Subject: check number of repeat_count

---
 src/fromsixel.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/fromsixel.c b/src/fromsixel.c
index 648095a..388ff7b 100644
--- a/src/fromsixel.c
+++ b/src/fromsixel.c
@@ -422,6 +422,10 @@ sixel_decode_raw(
             if (n > 0) {
                 repeat_count = param[0];
             }
+            if (repeat_count > 0x7fff) { /* check too huge number */
+                status = SIXEL_BAD_INPUT;
+                goto end;
+            }
 
         } else if (*p == '#') {
             /* DECGCI Graphics Color Introducer # Pc; Pu; Px; Py; Pz */