More extra checks

author: Marti Maria <info@littlecms.com> 2012-05-23 17:33:33 +0200
committer: Marti Maria <info@littlecms.com> 2012-05-23 17:33:33 +0200
commit: 9e246ece55017da090a842e0cf3273483f32afa1 (patch)
tree: 0bda2dc945b45c5ee9b66827935c54230951c130
parent: 24b8bdfdf831b3bc017514ff76260aa386ee59f2 (diff)
download: lcms2-9e246ece55017da090a842e0cf3273483f32afa1.tar.gz
4 files changed, 4 insertions, 3 deletions
diff --git a/AUTHORS b/AUTHORS
index ef59608..7825298 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -25,6 +25,7 @@ Michael Vhrel (Artifex)
 Robin Watts (Artifex)
 Michal Cihar 
 Daniel Kaneider 
+Mateusz Jurczyk (Google)
 
 Special Thanks 
 --------------
diff --git a/ChangeLog b/ChangeLog
index 5fbcadf..91629fe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -72,3 +72,4 @@ Added a new plug-in type
 Internal stage structs are now accessible through plug-in API
 Fixed a bug on ending zero when saving a IT8 to memory
 Fixed a bug on IT8 reading of negative numbers.
+Increased security checks, thanks to Mateusz Jurczyk, from Google.
diff --git a/src/cmsopt.c b/src/cmsopt.c
index 1347e3d..8d0f62f 100644
--- a/src/cmsopt.c
+++ b/src/cmsopt.c
@@ -547,9 +547,6 @@ cmsBool OptimizeByResampling(cmsPipeline** Lut, cmsUInt32Number Intent, cmsUInt3
     // This is a loosy optimization! does not apply in floating-point cases
     if (_cmsFormatterIsFloat(*InputFormat) || _cmsFormatterIsFloat(*OutputFormat)) return FALSE;
 
-
-
-
     ColorSpace       = _cmsICCcolorSpace(T_COLORSPACE(*InputFormat));
     OutputColorSpace = _cmsICCcolorSpace(T_COLORSPACE(*OutputFormat));
     nGridPoints      = _cmsReasonableGridpointsByColorspace(ColorSpace, *dwFlags);
diff --git a/src/cmstypes.c b/src/cmstypes.c
index 2d4d2b2..ffdcc7d 100644
--- a/src/cmstypes.c
+++ b/src/cmstypes.c
@@ -1738,6 +1738,8 @@ void *Type_LUT8_Read(struct _cms_typehandler_struct* self, cmsIOHANDLER* io, cms
     if (!_cmsReadUInt8Number(io, &OutputChannels)) goto Error;
     if (!_cmsReadUInt8Number(io, &CLUTpoints)) goto Error;
 
+     if (CLUTpoints == 1) goto Error; // Impossible value, 0 for no CLUT and then 2 at least
+
     // Padding
     if (!_cmsReadUInt8Number(io, NULL)) goto Error;
author	Marti Maria <info@littlecms.com>	2012-05-23 17:33:33 +0200
committer	Marti Maria <info@littlecms.com>	2012-05-23 17:33:33 +0200
commit	9e246ece55017da090a842e0cf3273483f32afa1 (patch)
tree	0bda2dc945b45c5ee9b66827935c54230951c130
parent	24b8bdfdf831b3bc017514ff76260aa386ee59f2 (diff)
download	lcms2-9e246ece55017da090a842e0cf3273483f32afa1.tar.gz