CVE-2009-1721 (denial of service (application crash) or possibly execute arbitrary code in the Imf::hufUncompress function). Bump PKGREVISION.
$NetBSD: patch-af,v 1.1 2009/08/28 21:33:08 hasso Exp $
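--- a/IlmImf/ImfPizCompressor.cpp
+++ b/IlmImf/ImfPizCompressor.cpp
@@ -181,6 +181,9 @@ PizCompressor::PizCompressor
 _channels (hdr.channels()),
 _channelData (0)
 {
+ if ((unsigned) maxScanLineSize > (INT_MAX - 65536 - 8192) / (unsigned) numScanLines) {
+ throw InputExc ("Error: maxScanLineSize * numScanLines would overflow.");
+ }
 _tmpBuffer = new unsigned short [maxScanLineSize * numScanLines / 2];
 _outBuffer = new char [maxScanLineSize * numScanLines + 65536 + 8192];
 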
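Review bot: The added guard divides by `(unsigned) numScanLines` without first checking it for zero, so a zero value would turn the overflow check itself into a division by zero rather than the intended `InputExc`. Whether a caller can pass zero is not visible here, because the constructor's signature and the rest of its body lie outside the hunk, but both sizes presumably derive from the file header and are worth treating as untrusted. I would reject non-positive sizes before dividing, e.g. `if (numScanLines <= 0 || maxScanLineSize < 0 || (unsigned) maxScanLineSize > (INT_MAX - 65536 - 8192) / (unsigned) numScanLines)`. `INT_MAX` also needs `<climits>`, and no include change is visible in this patch, so confirm it is already in scope for this file.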