646b892680
Some checks failed
Periodic Merges (6h) / master → staging-nixos (push) Failing after 12m50s
Periodic Merges (6h) / master → staging-next (push) Failing after 12m54s
Periodic Merges (24h) / merge-base(master,staging) → haskell-updates (push) Failing after 11m54s
Periodic Merges (6h) / staging-next → staging (push) Failing after 12m13s
Periodic Merges (24h) / staging-next-25.05 → staging-25.05 (push) Failing after 13m24s
Periodic Merges (24h) / release-25.05 → staging-next-25.05 (push) Failing after 14m28s
22 lines
1.3 KiB
Diff
22 lines
1.3 KiB
Diff
diff -rupN --no-dereference freeimage-svn-r1909-FreeImage-trunk/Source/FreeImage/PSDParser.cpp freeimage-svn-r1909-FreeImage-trunk-new/Source/FreeImage/PSDParser.cpp
|
|
--- freeimage-svn-r1909-FreeImage-trunk/Source/FreeImage/PSDParser.cpp 2023-09-28 19:34:47.936007630 +0200
|
|
+++ freeimage-svn-r1909-FreeImage-trunk-new/Source/FreeImage/PSDParser.cpp 2023-09-28 19:34:47.940007590 +0200
|
|
@@ -1466,6 +1466,7 @@ FIBITMAP* psdParser::ReadImageData(FreeI
|
|
const unsigned dstBpp = (depth == 1) ? 1 : FreeImage_GetBPP(bitmap)/8;
|
|
const unsigned dstLineSize = FreeImage_GetPitch(bitmap);
|
|
BYTE* const dst_first_line = FreeImage_GetScanLine(bitmap, nHeight - 1);//<*** flipped
|
|
+ const unsigned dst_buffer_size = dstLineSize * nHeight;
|
|
|
|
BYTE* line_start = new BYTE[lineSize]; //< fileline cache
|
|
|
|
@@ -1481,6 +1482,9 @@ FIBITMAP* psdParser::ReadImageData(FreeI
|
|
const unsigned channelOffset = GetChannelOffset(bitmap, c) * bytes;
|
|
|
|
BYTE* dst_line_start = dst_first_line + channelOffset;
|
|
+ if (channelOffset + lineSize > dst_buffer_size) {
|
|
+ throw "Invalid PSD image";
|
|
+ }
|
|
for(unsigned h = 0; h < nHeight; ++h, dst_line_start -= dstLineSize) {//<*** flipped
|
|
io->read_proc(line_start, lineSize, 1, handle);
|
|
ReadImageLine(dst_line_start, line_start, lineSize, dstBpp, bytes);
|