We are currently migrating Bugzilla to GitHub issues.
Any changes made to the bug tracker now will be lost, so please do not post new bugs or make changes to them.
When we're done, all bug URLs will redirect to their equivalent location on the new bug tracker.

Bug 4282 - Insufficient checks in loading XCF
Summary: Insufficient checks in loading XCF
Status: RESOLVED FIXED
Alias: None
Product: SDL_image
Classification: Unclassified
Component: misc (show other bugs)
Version: 2.0.3
Hardware: x86_64 Linux
: P2 normal
Assignee: Sam Lantinga
QA Contact: Sam Lantinga
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-09-28 20:01 UTC by janisozaur
Modified: 2019-06-10 23:33 UTC (History)
1 user (show)

See Also:

Attachments
xcf-improve-string-size-checks.patch (925 bytes, patch)
2018-09-28 20:01 UTC, janisozaur 		Details | Diff
reproducer.xcf (412 bytes, image/svg+xml)
2018-09-28 20:01 UTC, janisozaur 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description janisozaur 2018-09-28 20:01:28 UTC 
Created attachment 3326 [details]
xcf-improve-string-size-checks.patch

In some cases loading XCF file can lead to trying to allocate overlarge buffers for non-existent strings.

Attached patch fixes this issue.
Comment 1 janisozaur 2018-09-28 20:01:59 UTC 
Created attachment 3327 [details]
reproducer.xcf
Comment 2 Sam Lantinga 2018-09-29 04:02:09 UTC 
Patch added, thanks!
https://hg.libsdl.org/SDL_image/rev/31263a049d50

Can you also check this change?
https://hg.libsdl.org/SDL_image/rev/cec9b7594f75
Comment 3 Sam Lantinga 2019-06-10 23:33:50 UTC 
No response, I'm going to assume that change looks good too.