We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 4281 - invalid checks when loading PNM
Summary: invalid checks when loading PNM
Status: RESOLVED FIXED
Alias: None
Product: SDL_image
Classification: Unclassified
Component: misc (show other bugs)
Version: 2.0.3
Hardware: x86_64 Linux
: P2 normal
Assignee: Sam Lantinga
QA Contact: Sam Lantinga
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-09-28 18:53 UTC by janisozaur
Modified: 2018-09-29 03:57 UTC (History)
1 user (show)

See Also:

Attachments
0001-PNM-Improve-checks-when-loading-a-file.patch (675 bytes, patch)
2018-09-28 18:53 UTC, janisozaur 		Details | Diff
invalid.pnm (47 bytes, image/x-portable-anymap)
2018-09-28 18:53 UTC, janisozaur 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description janisozaur 2018-09-28 18:53:20 UTC 
Created attachment 3324 [details]
0001-PNM-Improve-checks-when-loading-a-file.patch

A malicious PNM file can cause overflow in checks and lead to allocation of overly large amount of memory. Provided patch improves the checks for such cases.
Comment 1 janisozaur 2018-09-28 18:53:54 UTC 
Created attachment 3325 [details]
invalid.pnm
Comment 2 Sam Lantinga 2018-09-29 03:57:33 UTC 
Patch added, thanks!
https://hg.libsdl.org/SDL_image/rev/90a531f221f2