[Libreoffice-commits] core.git: Branch 'libreoffice-5-1' - vcl/source

David Tardon Fri, 29 Jan 2016 05:28:18 -0800

 vcl/source/gdi/dibtools.cxx |    2 ++
 1 file changed, 2 insertions(+)

New commits:
commit 04fdf5bb667f8425228fa5df69236a4728808ab2
Author: David Tardon <dtar...@redhat.com>
Date:   Fri Jan 22 15:14:00 2016 +0100


    sanitize value
    
    Change-Id: I0dfde2343263251a6b3034736c5c7219c5e130e4
    (cherry picked from commit 55141ac82950aaa289fd5ec9957800030fcdba0c)
    Reviewed-on: https://gerrit.libreoffice.org/21786
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Miklos Vajna <vmik...@collabora.co.uk>

diff --git a/vcl/source/gdi/dibtools.cxx b/vcl/source/gdi/dibtools.cxx
index 030cf57..8cfc630 100644
--- a/vcl/source/gdi/dibtools.cxx
+++ b/vcl/source/gdi/dibtools.cxx
@@ -824,6 +824,8 @@ bool ImplReadDIBBody( SvStream& rIStm, Bitmap& rBmp, 
Bitmap* pBmpAlpha, sal_uLon
 
             // read coding information
             rIStm.ReadUInt32( nCodedSize ).ReadUInt32( nUncodedSize 
).ReadUInt32( aHeader.nCompression );
+            if (nCodedSize > rIStm.remainingSize())
+               nCodedSize = sal_uInt32(rIStm.remainingSize());
             pData = static_cast<sal_uInt8*>(rtl_allocateMemory( nUncodedSize 
));
 
             // decode buffer
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: Branch 'libreoffice-5-1' - vcl/source

Reply via email to