rpms / SDL2

Clone
Source Code
GIT

Blame SOURCES/CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch

c8-beta
  1.   c8-beta
  2.   SOURCES
  3.   CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch
Blob History Raw
04b290 
From 85138c1ec673e05263ae666baf61f79384daf7e0 Mon Sep 17 00:00:00 2001
04b290 
From: Sam Lantinga <slouken@libsdl.org>
04b290 
Date: Tue, 30 Jul 2019 11:00:00 -0700
04b290 
Subject: Fixed bug 4538 - validate image size when loading BMP files
04b290
04b290
04b290 
diff --git a/src/video/SDL_bmp.c b/src/video/SDL_bmp.c
04b290 
index 0b68918cc..a06b0c94c 100644
04b290 
--- a/src/video/SDL_bmp.c
04b290 
+++ b/src/video/SDL_bmp.c
04b290 
@@ -226,6 +226,11 @@ SDL_LoadBMP_RW(SDL_RWops * src, int freesrc)
04b290 
             SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
04b290 
         }
04b290 
     }
04b290 
+    if (biWidth <= 0 || biHeight == 0) {
04b290 
+        SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
04b290 
+        was_error = SDL_TRUE;
04b290 
+        goto done;
04b290 
+    }
04b290 
     if (biHeight < 0) {
04b290 
         topDown = SDL_TRUE;
04b290 
         biHeight = -biHeight;

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation