From: Christophe CURIS <christophe.cu...@free.fr>
As pointed by Coverity, the function blindly trust the data read from the
file, but in case of problem (corrupted file, not enough memory) it could
behave badly.
This patch adds a check for the depth, counts on RCreateImage to check the
width and height, and in any case it now includes a message for the user in
case he would like to understand what's wrong.
Signed-off-by: Christophe CURIS <christophe.cu...@free.fr>
---
WPrefs.app/Appearance.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/WPrefs.app/Appearance.c b/WPrefs.app/Appearance.c
index 53ee1da..7e22dec 100644
--- a/WPrefs.app/Appearance.c
+++ b/WPrefs.app/Appearance.c
@@ -1310,10 +1310,22 @@ static Pixmap loadRImage(WMScreen * scr, const char
*path)
cnt = fscanf(f, "%02x%02x%1x", &w, &h, &d);
if (cnt != 3) {
+ wwarning(_("could not read size of image from '%s', ignoring"),
path);
+ fclose(f);
+ return None;
+ }
+ if (d < 3 || d > 4) {
+ wwarning(_("image \"%s\" has an invalid depth of %d,
ignoring"), path, d);
fclose(f);
return None;
}
image = RCreateImage(w, h, d == 4);
+ if (image == NULL) {
+ wwarning(_("could not create RImage for \"%s\": %s"),
+ path, RMessageForError(RErrorCode));
+ fclose(f);
+ return None;
+ }
read_size = w * h * d;
if (fread(image->data, 1, read_size, f) == read_size)
RConvertImage(WMScreenRContext(scr), image, &pixmap);
--
2.1.1
--
To unsubscribe, send mail to wmaker-dev-unsubscr...@lists.windowmaker.org.
