packages/freeimage
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freeimage/CVE-2020-24293.patch

16 lines
760 B
Diff
Raw Permalink Blame History

Origin: https://src.fedoraproject.org/rpms/freeimage/blob/f39/f/CVE-2020-24293.patch
diff -rupN --no-dereference freeimage-svn-r1909-FreeImage-trunk/Source/FreeImage/PSDParser.cpp freeimage-svn-r1909-FreeImage-trunk-new/Source/FreeImage/PSDParser.cpp
--- freeimage-svn-r1909-FreeImage-trunk/Source/FreeImage/PSDParser.cpp 2023-09-28 19:34:47.287014100 +0200
+++ freeimage-svn-r1909-FreeImage-trunk-new/Source/FreeImage/PSDParser.cpp 2023-09-28 19:34:47.832008666 +0200
@@ -780,6 +780,10 @@ int psdThumbnail::Read(FreeImageIO *io,
FreeImage_Unload(_dib);
}
+ if (_WidthBytes != _Width * _BitPerPixel / 8) {
+ throw "Invalid PSD image";
+ }
+
if(_Format == 1) {
// kJpegRGB thumbnail image
_dib = FreeImage_LoadFromHandle(FIF_JPEG, io, handle);
Reference in New Issue View Git Blame Copy Permalink