From 32f0c458c910a033375c57b46d7a3c1c606e6cbc Mon Sep 17 00:00:00 2001 From: Marti Maria Date: Mon, 10 Sep 2018 11:26:27 +0200 Subject: Reported bug from quangnh89 - Turns a warning into a fatal error. I have tested the profile against a normal use and found despite this is a real bug, it is harmless in the security context. The out of bounds condition can only be reached by building a special program. Yet-existing, normal code are unaffected as it never needs to do this particular sequence. I agree it is better to turn this warning into a fatal error in order to keep safe. NOT RELATED WITH SECURITY. IT CANNOT BE USED TO DO ANY EXPLOIT. --- src/cmsio0.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/cmsio0.c b/src/cmsio0.c index 90c79d0..ffebfa3 100644 --- a/src/cmsio0.c +++ b/src/cmsio0.c @@ -1599,6 +1599,7 @@ void* CMSEXPORT cmsReadTag(cmsHPROFILE hProfile, cmsTagSignature sig) _cmsTagSignature2String(String, sig); cmsSignalError(Icc ->ContextID, cmsERROR_CORRUPTION_DETECTED, "'%s' Inconsistent number of items: expected %d, got %d", String, TagDescriptor ->ElemCount, ElemCount); + goto Error; } -- cgit v1.2.1