Fixed TALOS-2019-0842 - XCF Image Code Execution Vulnerability
authorSam Lantinga <slouken@libsdl.org>
Mon, 10 Jun 2019 17:24:08 -0700
changeset 656b1a80aec2b10
parent 655 db1f3b1892ab
child 657 95fc7da55247
Fixed TALOS-2019-0842 - XCF Image Code Execution Vulnerability
IMG_xcf.c
     1.1 --- a/IMG_xcf.c	Mon Jun 10 16:49:12 2019 -0700
     1.2 +++ b/IMG_xcf.c	Mon Jun 10 17:24:08 2019 -0700
     1.3 @@ -686,7 +686,7 @@
     1.4              p16 = (Uint16 *) p8;
     1.5              p = (Uint32 *) p8;
     1.6              for (y = ty; y < ty + oy; y++) {
     1.7 -                if ((ty >= surface->h) || ((tx+ox) > surface->w)) {
     1.8 +                if ((y >= surface->h) || ((tx+ox) > surface->w)) {
     1.9                      break;
    1.10                  }
    1.11                  row = (Uint32 *) ((Uint8 *) surface->pixels + y * surface->pitch + tx * 4);