Commit 4855d433 authored by Mukund Sivaraman's avatar Mukund Sivaraman

Validate XCF string length

This patch limits the string length to 16 MB. If problems occur in the
future because 16 MB is small, increase the limit by modifying
MAX_XCF_STRING_LEN.
parent 675a9c39
......@@ -27,6 +27,7 @@
#include "gimp-intl.h"
#define MAX_XCF_STRING_LEN (16 * (1L << 20)) /* 16 MB */
guint
xcf_read_int32 (FILE *fp,
......@@ -94,7 +95,13 @@ xcf_read_string (FILE *fp,
total += xcf_read_int32 (fp, &tmp, 1);
if (tmp > 0)
if (tmp > MAX_XCF_STRING_LEN)
{
g_warning ("Maximum string length (%ld bytes) exceeded."
" Possibly corrupt XCF file.", MAX_XCF_STRING_LEN);
data[i] = NULL;
}
else if (tmp > 0)
{
gchar *str;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment