Christoph M. Becker 5cd348c1d6 Fixed bug #75111 (Memory disclosure or DoS via crafted .bmp image) ...

Crafted BMP images can cause dynamicSeek() to be called with a negative
position which must not be allowed, since dynamicSeek() works like
fseek() in SEEK_SET mode. We solve this by bailing out if `pos` is
negative, and let the image reading fail gracefully.

2017-08-24 14:07:10 +02:00

773 B

Raw Blame History

View Raw