1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Gif decoder: Harden handling of corrupt files

Browse Source 
Fix potential UB for corrupt files.

Change-Id: If5d1b859a03b09e3479a6a7adaaf3432958126b4
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
(cherry picked from commit 8edf11d51059b2ecb42dbf45f037d88e5b2beab6)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
This commit is contained in:
Eirik Aavitsland 2020-06-04 17:03:53 +02:00 committed by Qt Cherry-pick Bot
parent e54112b467
commit 66cc65b92b
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/plugins/imageformats/gif/qgifhandler.cpp
View File

@ -53,8 +53,7 @@ QT_BEGIN_NAMESPACE
#define Q_TRANSPARENT 0x00ffffff
// avoid going through QImage::scanLine() which calls detach
#define FAST_SCAN_LINE(bits, bpl, y) (bits + (y) * bpl)
#define FAST_SCAN_LINE(bits, bpl, y) (bits + qptrdiff(y) * bpl)
/*
Incremental image decoder for GIF image format.
@ -491,6 +490,10 @@ int QGIFFormat::decode(QImage *image, const uchar *buffer, int length,
break;
case ImageDataBlock:
count++;
if (bitcount < 0 || bitcount > 31) {
state = Error;
return -1;
}
accum|=(ch<<bitcount);
bitcount+=8;
while (bitcount>=code_size && state==ImageDataBlock) {