diff options
| author | Matthias Clasen <mclasen@redhat.com> | 2005-03-03 14:02:59 +0000 |
|---|---|---|
| committer | Matthias Clasen <matthiasc@src.gnome.org> | 2005-03-03 14:02:59 +0000 |
| commit | f5869e6a87314018e150a0c4109ff450ec435f56 (patch) | |
| tree | 4f39553c11eb7c4cbc72a955f54f8b99d8aa84fb /gdk-pixbuf | |
| parent | a3cee3d83ae63c541d5dfe7be479080265a1633b (diff) | |
| download | gtk+-f5869e6a87314018e150a0c4109ff450ec435f56.tar.gz | |
Check the number of scanned items. (#168906, Morten Welinder)
2005-03-03 Matthias Clasen <mclasen@redhat.com>
* io-xpm.c (pixbuf_create_from_xpm): Check the number
of scanned items. (#168906, Morten Welinder)
Diffstat (limited to 'gdk-pixbuf')
| -rw-r--r-- | gdk-pixbuf/ChangeLog | 3 | ||||
| -rw-r--r-- | gdk-pixbuf/io-xpm.c | 9 |
2 files changed, 12 insertions, 0 deletions
diff --git a/gdk-pixbuf/ChangeLog b/gdk-pixbuf/ChangeLog index b03ae23958..922ee94b51 100644 --- a/gdk-pixbuf/ChangeLog +++ b/gdk-pixbuf/ChangeLog @@ -1,5 +1,8 @@ 2005-03-03 Matthias Clasen <mclasen@redhat.com> + * io-xpm.c (pixbuf_create_from_xpm): Check the number + of scanned items. (#168906, Morten Welinder) + Make the gif loader handle oom when loading animations. (#168857, Tommi Komulainen) diff --git a/gdk-pixbuf/io-xpm.c b/gdk-pixbuf/io-xpm.c index 2125b9c454..45a7cae462 100644 --- a/gdk-pixbuf/io-xpm.c +++ b/gdk-pixbuf/io-xpm.c @@ -1230,6 +1230,15 @@ pixbuf_create_from_xpm (const gchar * (*get_buf) (enum buf_op op, gpointer handl return NULL; } items = sscanf (buffer, "%d %d %d %d %d %d", &w, &h, &n_col, &cpp, &x_hot, &y_hot); + + if (items != 4 && items != 6) { + g_set_error (error, + GDK_PIXBUF_ERROR, + GDK_PIXBUF_ERROR_CORRUPT_IMAGE, + _("Invalid XPM header")); + return NULL; + } + if (w <= 0) { g_set_error (error, GDK_PIXBUF_ERROR, |