Search
j0ke.net Open Build Service
>
Projects
>
multimedia
>
SDL_image
> SDL_image-1.2.4-lbm-overflow.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File SDL_image-1.2.4-lbm-overflow.patch of Package SDL_image (Revision 2)
Currently displaying revision
2
,
show latest
--- IMG_lbm.c +++ IMG_lbm.c @@ -28,6 +28,7 @@ EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain (http://www.multimania.com/mavati) in December 2003. Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004. + Buffer overflow fix in RLE decompression by David Raulo in January 2008. */ #include <stdio.h> @@ -328,7 +329,7 @@ count ^= 0xFF; count += 2; /* now it */ - if ( !SDL_RWread( src, &color, 1, 1 ) ) + if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) ) { error="error reading BODY chunk"; goto done; @@ -339,7 +340,7 @@ { ++count; - if ( !SDL_RWread( src, ptr, count, 1 ) ) + if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) ) { error="error reading BODY chunk"; goto done;