We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 4281

Summary:	invalid checks when loading PNM
Product:	SDL_image	Reporter:	janisozaur <janisozaur+libsdl>
Component:	misc	Assignee:	Sam Lantinga <slouken>
Status:	RESOLVED FIXED	QA Contact:	Sam Lantinga <slouken>
Severity:	normal
Priority:	P2	CC:	janisozaur+libsdl
Version:	2.0.3
Hardware:	x86_64
OS:	Linux
Attachments:	0001-PNM-Improve-checks-when-loading-a-file.patch invalid.pnm

Description janisozaur 2018-09-28 18:53:20 UTC

Created attachment 3324 [details]
0001-PNM-Improve-checks-when-loading-a-file.patch

A malicious PNM file can cause overflow in checks and lead to allocation of overly large amount of memory. Provided patch improves the checks for such cases.

Comment 1 janisozaur 2018-09-28 18:53:54 UTC

Created attachment 3325 [details]
invalid.pnm

Comment 2 Sam Lantinga 2018-09-29 03:57:33 UTC

Patch added, thanks!
https://hg.libsdl.org/SDL_image/rev/90a531f221f2

We are currently migrating Bugzilla to GitHub issues.Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 4281

We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.