mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2025-08-07 08:39:22 +00:00
LibGfx: Fix heap-overflow in BMP RLE
The field previously named 'data_size' apparently was misunderstood.
This commit is contained in:
Ben Wiederhake
Andreas Kling
parent
d66b0683eb
commit
461bdeda2b
Notes:
sideshowbarker
2024-07-19 01:06:42 +09:00
Author: https://github.com/BenWiederhake
Commit: 461bdeda2b
Pull-request: https://github.com/SerenityOS/serenity/pull/4294
Issue: https://github.com/SerenityOS/serenity/issues/4206
1 changed files with 1 additions and 1 deletions
|
|
@ -931,7 +931,7 @@ static bool uncompress_bmp_rle_data(BMPLoadingContext& context, ByteBuffer& buff
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
Streamer streamer(context.file_bytes + context.data_offset, context.file_size);
|
Streamer streamer(context.file_bytes + context.data_offset, context.file_size - context.data_offset);
|
||||||
|
|
||||||
auto compression = context.dib.info.compression;
|
auto compression = context.dib.info.compression;
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue