29 lines
882 B
Diff
29 lines
882 B
Diff
From 2793769ff107d8d22dadd30c6e68cd781b569550 Mon Sep 17 00:00:00 2001
|
|
From: Julian Smith <jules@op59.net>
|
|
Date: Mon, 4 Nov 2019 12:30:33 +0000
|
|
Subject: [PATCH] Bug 701819: fixed ordering in if expression to avoid
|
|
out-of-bounds access.
|
|
|
|
Fixes:
|
|
./sanbin/gs -dBATCH -dNOPAUSE -r965 -sOutputFile=tmp -sDEVICE=pcx16 ../bug-701819.pdf
|
|
---
|
|
devices/gdevpcx.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/devices/gdevpcx.c b/devices/gdevpcx.c
|
|
index 1735851d2..91de4abb6 100644
|
|
--- a/devices/gdevpcx.c
|
|
+++ b/devices/gdevpcx.c
|
|
@@ -442,7 +442,7 @@ pcx_write_rle(const byte * from, const byte * end, int step, gp_file * file)
|
|
byte data = *from;
|
|
|
|
from += step;
|
|
- if (data != *from || from == end) {
|
|
+ if (from >= end || data != *from) {
|
|
if (data >= 0xc0)
|
|
putc(0xc1, file);
|
|
} else {
|
|
--
|
|
2.41.0
|
|
|