gimp/gimp-2.8.22-CVE-2017-17789.patch


diff -urNp old/plug-ins/common/file-psp.c new/plug-ins/common/file-psp.c
--- old/plug-ins/common/file-psp.c 2018-01-04 12:04:14.636811394 +0100
+++ new/plug-ins/common/file-psp.c 2018-01-04 12:12:41.717877789 +0100
@@ -1777,6 +1777,15 @@ load_image (const gchar *filename,
{
block_start = ftell (f);
+ if (block_start + block_total_len > st.st_size)
+ {
+ g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
+ _("Could not open '%s' for reading: %s"),
+ gimp_filename_to_utf8 (filename),
+ _("invalid block size"));
+ goto error;
+ }
+
if (id == PSP_IMAGE_BLOCK)
{
if (block_number != 0)
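Review bot: The added bounds check computes `block_start + block_total_len` before comparing it with `st.st_size`, so the sum can wrap on a platform where it is evaluated in 32 bits and an oversized block length from the file would then pass. The declarations are outside this hunk, so this assumes `block_start` is a `long` and `block_total_len` is an unsigned 32-bit value read from the block header. The result of `ftell (f)` on the line above is also used without checking for -1. Comparing against the remaining bytes avoids both problems: `if (block_start < 0 || block_start > st.st_size || block_total_len > st.st_size - block_start)`. Separately, the reused message "Could not open '%s' for reading" is misleading here, because the file is already open and the failure is a malformed block; the enclosing loop and `load_image` begin and end outside the hunk.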