mewin/libpng
1
0
Fork 0
mirror of https://git.code.sf.net/p/libpng/code.git synced 2025-07-10 18:04:09 +02:00
Code Issues Projects Releases Wiki Activity

[libpng16] Check for integer overflow in contrib/visupng.

Browse Source
This commit is contained in:
Glenn Randers-Pehrson
2017-04-23 17:33:10 -05:00
parent 0808d75851
commit 170a44b222
4 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
contrib/visupng/PngFile.c
View File

@@ -236,6 +236,10 @@ BOOL PngLoadImage (PTSTR pstrFileName, png_byte **ppbImageData,
free (pbImageData);
pbImageData = NULL;
}
if ((*piHeight) > ((size_t)(-1))/ulRowBytes) {
{
png_error(png_ptr, "Visual PNG: image is too big");
}
if ((pbImageData = (png_byte *) malloc(ulRowBytes * (*piHeight)
* sizeof(png_byte))) == NULL)
{