graphics/gimp1-base/patches/patch-ae


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

$NetBSD: patch-ae,v 1.2 2007/07/30 07:56:27 joerg Exp $

Fix for CVE-2007-2949 heap overflow from upstream.

--- plug-ins/common/psd.c.orig	2007-07-04 15:41:06.000000000 +0200
+++ plug-ins/common/psd.c
@@ -1200,6 +1200,12 @@ seek_to_and_unpack_pixeldata(FILE* fd, g
   width = psd_image.layer[layeri].channel[channeli].width;
   height = psd_image.layer[layeri].channel[channeli].height;
 
+  if (width > 0x7FFF || height > 0x7FFF)
+    {
+      g_message ("Error: Invalid channel dimensions");
+      gimp_quit ();
+    }
+
   IFDBG
     {
       printf("\t\t\tLayer (%d) Channel (%d:%d) Compression: %d (%s)\n",