Permalink
Browse files

fix possible OOB write in gif2tiff.c

  • Loading branch information...
1 parent 8dc74e4 commit ce6841d9e41d621ba23cf18b190ee6a23b2cc833 fwarmerdam committed Aug 14, 2013
Showing with 8 additions and 0 deletions.
  1. +4 −0 ChangeLog
  2. +4 −0 tools/gif2tiff.c
View
@@ -1,3 +1,7 @@
+2013-08-14 Frank Warmerdam <warmerdam@pobox.com>
+
+ * tools/gif2tiff.c: fix possible OOB write (#2452, CVE-2013-4244)
+
2013-08-13 Frank Warmerdam <warmerdam@pobox.com>
* tools/gif2tiff.c: Be more careful about corrupt or
View
@@ -400,6 +400,10 @@ process(register int code, unsigned char** fill)
}
if (oldcode == -1) {
+ if (code >= clear) {
+ fprintf(stderr, "bad input: code=%d is larger than clear=%d\n",code, clear);
+ return 0;
+ }
*(*fill)++ = suffix[code];
firstchar = oldcode = code;
return 1;

0 comments on commit ce6841d

Please sign in to comment.