36 lines
1.1 KiB
Diff
36 lines
1.1 KiB
Diff
From 0806bc76ca74543d20e1307ccf6aebd26395c56c Mon Sep 17 00:00:00 2001
|
|
From: Alx Sa <cmyk.student@gmail.com>
|
|
Date: Mon, 10 Mar 2025 04:07:44 +0000
|
|
Subject: [PATCH] plug-ins: Fix ZDI-CAN-25100 for FLI plug-in
|
|
|
|
Origin: https://gitlab.gnome.org/GNOME/gimp/-/commit/0806bc76ca74543d20e1307ccf6aebd26395c56c
|
|
|
|
Resolves #13073
|
|
This patch adds a check to make sure we're not
|
|
writing beyond the bounds of the "pos" array.
|
|
This is the same check that we do earlier when
|
|
writing pos[xc++], but it was left off of the last
|
|
write command. Since "n" will be 0 if we get to the
|
|
end of the array, it prevents us from writing beyond
|
|
that.
|
|
---
|
|
plug-ins/file-fli/fli.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/plug-ins/file-fli/fli.c b/plug-ins/file-fli/fli.c
|
|
index 85dcc994395..1aba31e8f90 100644
|
|
--- a/plug-ins/file-fli/fli.c
|
|
+++ b/plug-ins/file-fli/fli.c
|
|
@@ -1529,7 +1529,7 @@ fli_read_lc_2 (FILE *f,
|
|
xc += len << 1;
|
|
}
|
|
}
|
|
- if (lpf)
|
|
+ if (lpf && xc < n)
|
|
pos[xc] = lpn;
|
|
yc++;
|
|
}
|
|
--
|
|
GitLab
|
|
|