ico: reject obviously incorrect image sizes.
authorRyan C. Gordon <icculus@icculus.org>
Wed, 24 Jan 2018 13:02:04 -0500
changeset 558a1e9b624ca10
parent 557 bfa08dc02b3c
child 559 37445f6180a8
ico: reject obviously incorrect image sizes.
IMG_bmp.c
     1.1 --- a/IMG_bmp.c	Wed Jan 24 12:00:24 2018 -0500
     1.2 +++ b/IMG_bmp.c	Wed Jan 24 13:02:04 2018 -0500
     1.3 @@ -735,6 +735,14 @@
     1.4          goto done;
     1.5      }
     1.6  
     1.7 +    /* sanity check image size, so we don't overflow integers, etc. */
     1.8 +    if ((biWidth < 0) || (biWidth > 0xFFFFFF) ||
     1.9 +        (biHeight < 0) || (biHeight > 0xFFFFFF)) {
    1.10 +        IMG_SetError("Unsupported or invalid ICO dimensions");
    1.11 +        was_error = SDL_TRUE;
    1.12 +        goto done;
    1.13 +    }
    1.14 +
    1.15      /* Create a RGBA surface */
    1.16      biHeight = biHeight >> 1;
    1.17      //printf("%d x %d\n", biWidth, biHeight);