forked from old/legacy-imlib2
loader_gif(): Abort gif parsing if DGifGetLine() fails
Prevents multiple conditinal jumps based on and uses of unitinitialied memory when parsing fuzzed file id:000067,src:000000,op:havoc,rep:4,+cov.
This commit is contained in:
parent
2a53f202fe
commit
2c6a3af9b6
|
@ -85,7 +85,10 @@ load(ImlibImage * im, ImlibProgressFunction progress, char progress_granularity,
|
|||
{
|
||||
for (j = intoffset[i]; j < h; j += intjump[i])
|
||||
{
|
||||
DGifGetLine(gif, rows[j], w);
|
||||
if (DGifGetLine(gif, rows[i], w) == GIF_ERROR)
|
||||
{
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -93,7 +96,10 @@ load(ImlibImage * im, ImlibProgressFunction progress, char progress_granularity,
|
|||
{
|
||||
for (i = 0; i < h; i++)
|
||||
{
|
||||
DGifGetLine(gif, rows[i], w);
|
||||
if (DGifGetLine(gif, rows[i], w) == GIF_ERROR)
|
||||
{
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
done = 1;
|
||||
|
|
Loading…
Reference in New Issue