73a9fe0066
Cox. While these programs are not installed suid root, they are often used to prepare data for processing. These errors may permit remote attackers to cause a denial of service or execute arbitrary code in any programs or scripts that use these graphics conversion tools. http://marc.theaimsgroup.com/?l=bugtraq&m=104644687816522&w=2
20 lines
557 B
Plaintext
20 lines
557 B
Plaintext
$OpenBSD: patch-pbm_mdatopbm_c,v 1.1 2003/03/29 04:13:54 brad Exp $
|
|
--- pbm/mdatopbm.c.orig Sat May 6 05:28:53 2000
|
|
+++ pbm/mdatopbm.c Fri Mar 28 20:22:06 2003
|
|
@@ -235,9 +235,14 @@ int main(int argc, char **argv)
|
|
pm_readlittleshort(infile, &yy); nInRows = yy;
|
|
pm_readlittleshort(infile, &yy); nInCols = yy;
|
|
|
|
+ overflow2(nOutCols, 8);
|
|
nOutCols = 8*nInCols;
|
|
nOutRows = nInRows;
|
|
- if (bScale) nOutRows *= 2;
|
|
+ if (bScale)
|
|
+ {
|
|
+ overflow2(nOutRows, 2);
|
|
+ nOutRows *= 2;
|
|
+ }
|
|
|
|
data = pbm_allocarray(nOutCols, nOutRows);
|
|
mdrow = malloc(nInCols);
|