24 lines
793 B
Diff
24 lines
793 B
Diff
# HG changeset patch
|
|
# User Sam Lantinga <slouken@libsdl.org>
|
|
# Date 1564509600 25200
|
|
# Node ID e7ba650a643ad88dd8545511a18af1c9dcdfa2da
|
|
# Parent b810b78d32cc41a2384d0f14746ae889d443ffa7
|
|
Fixed bug 4538 - validate image size when loading BMP files
|
|
|
|
diff -r b810b78d32cc -r e7ba650a643a src/video/SDL_bmp.c
|
|
--- a/src/video/SDL_bmp.c Thu Jul 25 08:05:13 2019 -0500
|
|
+++ b/src/video/SDL_bmp.c Tue Jul 30 11:00:00 2019 -0700
|
|
@@ -226,6 +226,11 @@
|
|
SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
|
|
}
|
|
}
|
|
+ if (biWidth <= 0 || biHeight == 0) {
|
|
+ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
|
|
+ was_error = SDL_TRUE;
|
|
+ goto done;
|
|
+ }
|
|
if (biHeight < 0) {
|
|
topDown = SDL_TRUE;
|
|
biHeight = -biHeight;
|
|
|