On Sat, 02 Apr 2016 04:49:08 +0300 [email protected] (Yuriy M. Kaminskiy) said:
> As reported on http://bugs.debian.org/734425, when ColorCount is less > than 256, it is possible that image loading will trigger out of bound > read. > Security imlications: DoS (application crash), potentially host memory > exposure. > Attached patch(es) gracefully handles out-of-range image data, out-of-range > background and transparent colors, and make code a bit simplier and > faster. oh wait... i wass reading the patch looking for < 0 .. sorry < 256 but intex values can be greater. (up to 255) eg colormap is 32 entriess but you have pixels with > 31 value. btw the debian bug you link to is not disscussing that - imlib2 config thing. :) -- ------------- Codito, ergo sum - "I code, therefore I am" -------------- The Rasterman (Carsten Haitzler) [email protected] ------------------------------------------------------------------------------ Transform Data into Opportunity. Accelerate data analysis in your applications with Intel Data Analytics Acceleration Library. Click to learn more. http://pubads.g.doubleclick.net/gampad/clk?id=278785471&iu=/4140 _______________________________________________ enlightenment-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
