| 1234567891011121314151617181920212223242526272829303132 |
- From a1cf194c54be57d6ab55dfd26b9562a60532208e Mon Sep 17 00:00:00 2001
- From: Eirik Aavitsland <eirik.aavitsland@theqtcompany.com>
- Date: Wed, 11 Mar 2015 09:00:41 +0100
- Subject: Fixes crash in gif image decoder
- Fuzzing test revealed that for certain malformed gif files,
- qgifhandler would segfault.
- Change-Id: I5bb6f60e1c61849e0d8c735edc3869945e5331c1
- (cherry picked from qtbase/ea2c5417fcd374302f5019e67f72af5facbd29f6)
- Reviewed-by: Richard J. Moore <rich@kde.org>
- ---
- src/gui/image/qgifhandler.cpp | 2 ++
- 1 file changed, 2 insertions(+)
- diff --git a/src/gui/image/qgifhandler.cpp b/src/gui/image/qgifhandler.cpp
- index 5199dd3..49aa2a6 100644
- --- a/src/gui/image/qgifhandler.cpp
- +++ b/src/gui/image/qgifhandler.cpp
- @@ -944,6 +944,8 @@ void QGIFFormat::fillRect(QImage *image, int col, int row, int w, int h, QRgb co
-
- void QGIFFormat::nextY(unsigned char *bits, int bpl)
- {
- + if (out_of_bounds)
- + return;
- int my;
- switch (interlace) {
- case 0: // Non-interlaced
- --
- cgit v0.11.0
|
