xcf: check for some potential integer overflows.
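--- a/IMG_xcf.c Wed Feb 07 16:18:54 2018 -0500
+++ b/IMG_xcf.c Wed Feb 07 16:29:51 2018 -0500
@@ -595,6 +595,18 @@
 SDL_RWseek(src, layer->hierarchy_file_offset, RW_SEEK_SET);
 hierarchy = read_xcf_hierarchy(src);
 
+ if (hierarchy->bpp > 4) { /* unsupported. */
+ SDL_Log("Unknown Gimp image bpp (%u)\n", (unsigned int) hierarchy->bpp);
+ free_xcf_hierarchy(hierarchy);
+ return 1;
+ }
+
+ if ((hierarchy->width > 20000) || (hierarchy->height > 20000)) { /* arbitrary limit to avoid integer overflow. */
+ SDL_Log("Gimp image too large (%ux%u)\n", (unsigned int) hierarchy->width, (unsigned int) hierarchy->height);
+ free_xcf_hierarchy(hierarchy);
+ return 1;
+ }
+
 level = NULL;
 for (i = 0; hierarchy->level_file_offsets[i]; i++) {
 SDL_RWseek(src, hierarchy->level_file_offsets[i], RW_SEEK_SET);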
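Review bot: The new `hierarchy->bpp > 4` guard still lets a bpp of 0 through, and nothing in this hunk shows that later code tolerates a zero bytes-per-pixel value; rejecting it here is cheap: `if ((hierarchy->bpp == 0) || (hierarchy->bpp > 4)) {`. The 20000 limit is described only as "arbitrary", so a short comment naming the product it protects (20000 * 20000 * 4 bytes stays under INT_MAX) would let a maintainer see whether a later change to the arithmetic invalidates it. `hierarchy` is dereferenced right after read_xcf_hierarchy() without a NULL test; if that function can fail on a truncated file, which is not visible here, the check belongs before these guards. The enclosing function starts and ends outside the hunk.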