summaryrefslogtreecommitdiff
path: root/libre/sdl/SDL-1.2.15-CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch
diff options
context:
space:
mode:
Diffstat (limited to 'libre/sdl/SDL-1.2.15-CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch')
-rw-r--r--libre/sdl/SDL-1.2.15-CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch23
1 files changed, 23 insertions, 0 deletions
diff --git a/libre/sdl/SDL-1.2.15-CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch b/libre/sdl/SDL-1.2.15-CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch
new file mode 100644
index 000000000..13fa7860e
--- /dev/null
+++ b/libre/sdl/SDL-1.2.15-CVE-2019-13616-validate_image_size_when_loading_BMP_files.patch
@@ -0,0 +1,23 @@
+changeset: 12960:ad1bbfbca760
+branch: SDL-1.2
+parent: 12914:87d60cae0273
+user: Ozkan Sezer <sezeroz@gmail.com>
+date: Tue Jul 30 21:30:24 2019 +0300
+summary: Fixed bug 4538 - validate image size when loading BMP files
+
+diff -r 87d60cae0273 -r ad1bbfbca760 src/video/SDL_bmp.c
+--- a/src/video/SDL_bmp.c Tue Jun 18 23:31:40 2019 +0100
++++ b/src/video/SDL_bmp.c Tue Jul 30 21:30:24 2019 +0300
+@@ -143,6 +143,11 @@
+ (void) biYPelsPerMeter;
+ (void) biClrImportant;
+
++ if (biWidth <= 0 || biHeight == 0) {
++ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
++ was_error = SDL_TRUE;
++ goto done;
++ }
+ if (biHeight < 0) {
+ topDown = SDL_TRUE;
+ biHeight = -biHeight;
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-02 00:43:30 +0000