Projects
Multimedia
A_tw-libqt4
CVE-2018-19873.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2018-19873.patch of Package A_tw-libqt4
Author: Eirik Aavitsland <eirik.aavitsland@qt.io> AuthorDate: 2018-09-04 11:08:06 +0200 Commit: Eirik Aavitsland <eirik.aavitsland@qt.io> CommitDate: 2018-09-11 06:36:34 +0000 bmp image handler: check for out of range image size Make the decoder fail early to avoid spending time and memory on attempting to decode a corrupt image file. Change-Id: I874e04f3b43122d73f8e58c7a5bcc4a741b68264 Reviewed-by: Lars Knoll <lars.knoll@qt.io> --- qt-everywhere-opensource-src-4.8.7.orig/src/gui/image/qbmphandler.cpp +++ qt-everywhere-opensource-src-4.8.7/src/gui/image/qbmphandler.cpp @@ -181,6 +181,8 @@ static bool read_dib_infoheader(QDataStr if (!(comp == BMP_RGB || (nbits == 4 && comp == BMP_RLE4) || (nbits == 8 && comp == BMP_RLE8) || ((nbits == 16 || nbits == 32) && comp == BMP_BITFIELDS))) return false; // weird compression type + if (bi.biWidth < 0 || quint64(bi.biWidth) * qAbs(bi.biHeight) > 16384 * 16384) + return false; return true; }
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.