From 0c1db6f7bcf62feb897bc639976d118d2f3fa51b Mon Sep 17 00:00:00 2001 From: Sam Lantinga Date: Mon, 10 Jun 2019 17:24:08 -0700 Subject: [PATCH] Fixed TALOS-2019-0842 - XCF Image Code Execution Vulnerability --- IMG_xcf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/IMG_xcf.c b/IMG_xcf.c index 141907f3..de17e893 100644 --- a/IMG_xcf.c +++ b/IMG_xcf.c @@ -686,7 +686,7 @@ do_layer_surface(SDL_Surface * surface, SDL_RWops * src, xcf_header * head, xcf_ p16 = (Uint16 *) p8; p = (Uint32 *) p8; for (y = ty; y < ty + oy; y++) { - if ((ty >= surface->h) || ((tx+ox) > surface->w)) { + if ((y >= surface->h) || ((tx+ox) > surface->w)) { break; } row = (Uint32 *) ((Uint8 *) surface->pixels + y * surface->pitch + tx * 4);