Bug 4282

Summary: Insufficient checks in loading XCF
Product: SDL_image
Reporter: janisozaur <janisozaur+libsdl>
Component: misc
Assignee: Sam Lantinga <slouken>
Status: RESOLVED FIXED
QA Contact: Sam Lantinga <slouken>
Severity: normal
Priority: P2
CC: janisozaur+libsdl
Version: 2.0.3
Hardware: x86_64
OS: Linux
Attachments: xcf-improve-string-size-checks.patch, reproducer.xcf

Description janisozaur 2018-09-28 20:01:28 UTC
Created attachment 3326: xcf-improve-string-size-checks.patch

In some cases, loading an XCF file can lead to trying to allocate overlarge buffers for non-existent strings.

Attached patch fixes this issue.

Comment 1 janisozaur 2018-09-28 20:01:59 UTC
Created attachment 3327: reproducer.xcf

Comment 2 Sam Lantinga 2018-09-29 04:02:09 UTC
Patch added, thanks!
https://hg.libsdl.org/SDL_image/rev/31263a049d50

Can you also check this change?
https://hg.libsdl.org/SDL_image/rev/cec9b7594f75

Comment 3 Sam Lantinga 2019-06-10 23:33:50 UTC
No response, I'm going to assume that change looks good too.
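
The failure mode in the description, a declared string size driving an allocation for data the file does not contain, is avoided by checking the length field against the remaining input before allocating. The following is an added example, not the attached patch or SDL_image code; the function name, return codes, in-memory buffer interface and the string layout (32-bit big-endian byte count that includes the trailing NUL) are assumptions for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper, not SDL_image code. Assumed layout: 32-bit big-endian
 * byte count that includes the trailing NUL, followed by that many bytes. */
enum { STR_OK = 0, STR_TRUNCATED = -1, STR_UNTERMINATED = -2, STR_NOMEM = -3 };

int read_len_string(const uint8_t *buf, size_t len, size_t *pos, char **out)
{
    size_t p = *pos;
    uint32_t n;
    *out = NULL;
    if (p > len || len - p < 4)          /* length field itself must be present */
        return STR_TRUNCATED;
    n = ((uint32_t)buf[p] << 24) | ((uint32_t)buf[p + 1] << 16) |
        ((uint32_t)buf[p + 2] << 8) | (uint32_t)buf[p + 3];
    p += 4;
    if (n == 0) { *pos = p; return STR_OK; }  /* no string; *out stays NULL */
    if (n > len - p)                     /* check BEFORE allocating anything */
        return STR_TRUNCATED;
    if (buf[p + n - 1] != '\0')          /* last counted byte must be the NUL */
        return STR_UNTERMINATED;
    if ((*out = malloc(n)) == NULL)
        return STR_NOMEM;
    memcpy(*out, buf + p, n);
    *pos = p + n;                        /* advance only on success */
    return STR_OK;
}

/* Constructed sample inputs (not taken from reproducer.xcf). */
const uint8_t sample_ok[]     = { 0, 0, 0, 3, 'h', 'i', 0 };
const uint8_t sample_huge[]   = { 0xFF, 0xFF, 0xFF, 0xF0, 'h', 'i' };
const uint8_t sample_no_nul[] = { 0, 0, 0, 2, 'h', 'i' };

int try_sample(const uint8_t *buf, size_t len)
{
    size_t pos = 0;
    char *s = NULL;
    int rc = read_len_string(buf, len, &pos, &s);
    free(s);
    return rc;
}

int main(void)
{
    return try_sample(sample_ok, sizeof sample_ok) == STR_OK &&
           try_sample(sample_huge, sizeof sample_huge) == STR_TRUNCATED ? 0 : 1;
}
```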