Commit daaf1d2b authored by Nils Philippsen's avatar Nils Philippsen

SGI: sanitize input data

Refuse nonsensical xsize, ysize, zsize values.
parent 5aa82f3b
......@@ -334,6 +334,28 @@ load_image (const gchar *filename,
* Get the image dimensions and create the image...
*/
/* Sanitize dimensions */
if (sgip->xsize == 0 || sgip->xsize > GIMP_MAX_IMAGE_SIZE)
{
g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
_("Invalid width: %hu"), sgip->xsize);
return -1;
}
if (sgip->ysize == 0 || sgip->ysize > GIMP_MAX_IMAGE_SIZE)
{
g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
_("Invalid height: %hu"), sgip->ysize);
return -1;
}
if (sgip->zsize == 0 || sgip->zsize > GIMP_MAX_IMAGE_SIZE)
{
g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
_("Invalid number of channels: %hu"), sgip->zsize);
return -1;
}
bytes = sgip->zsize;
switch (sgip->zsize)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment