Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Fix for CVE-2017-14860
A heap buffer overflow could occur in memcpy when icc.size_ is larger than data.size_ - pad, as then memcpy would read out of bounds of data. This commit adds a sanity check to iccLength (= icc.size_): if it is larger than data.size_ - pad (i.e. an overflow would be caused) an exception is thrown. This fixes #71.
- Loading branch information