kwo pushed a commit to branch master. http://git.enlightenment.org/legacy/imlib2.git/commit/?id=ce94edca1ccfbe314cb7cd9453433fad404ec7ef
commit ce94edca1ccfbe314cb7cd9453433fad404ec7ef Author: Kim Woelders <[email protected]> Date: Wed Apr 6 02:35:43 2016 +0200 Fix off-by-one OOB read in __imlib_MergeUpdate(). Patch by Yuriy M. Kaminskiy. https://bugs.debian.org/819818 --- src/lib/updates.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/updates.c b/src/lib/updates.c index 8167284..2f55fe7 100644 --- a/src/lib/updates.c +++ b/src/lib/updates.c @@ -112,7 +112,7 @@ __imlib_MergeUpdate(ImlibUpdate * u, int w, int h, int hgapmax) int xx, yy, ww, hh, ok, xww; for (xx = x + 1, ww = 1; - (T(xx, y).used & T_USED) && (xx < tw); xx++, ww++); + (xx < tw) && (T(xx, y).used & T_USED); xx++, ww++); xww = x + ww; for (yy = y + 1, hh = 1, ok = 1; (yy < th) && (ok); yy++, hh++) --
