39 lines
1022 B
Diff
39 lines
1022 B
Diff
From 2d30e67ec0b77993de62f975aae29266d8d1f784 Mon Sep 17 00:00:00 2001
|
|
From: Lumir Balhar <lbalhar@redhat.com>
|
|
Date: Thu, 4 Apr 2024 13:01:56 +0200
|
|
Subject: [PATCH] CVE-2024-28219
|
|
|
|
---
|
|
src/_imagingcms.c | 8 ++++----
|
|
1 file changed, 4 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/src/_imagingcms.c b/src/_imagingcms.c
|
|
index 5e4196c..4169e28 100644
|
|
--- a/src/_imagingcms.c
|
|
+++ b/src/_imagingcms.c
|
|
@@ -212,8 +212,8 @@ cms_transform_new(cmsHTRANSFORM transform, char* mode_in, char* mode_out)
|
|
|
|
self->transform = transform;
|
|
|
|
- strcpy(self->mode_in, mode_in);
|
|
- strcpy(self->mode_out, mode_out);
|
|
+ strncpy(self->mode_in, mode_in, 8);
|
|
+ strncpy(self->mode_out, mode_out, 8);
|
|
|
|
return (PyObject*) self;
|
|
}
|
|
@@ -286,8 +286,8 @@ findLCMStype(char* PILmode)
|
|
}
|
|
|
|
else {
|
|
- /* take a wild guess... but you probably should fail instead. */
|
|
- return TYPE_GRAY_8; /* so there's no buffer overrun... */
|
|
+ /* take a wild guess... */
|
|
+ return TYPE_GRAY_8;
|
|
}
|
|
}
|
|
|
|
--
|
|
2.44.0
|
|
|