src/fuzz/cdrfuzzer.cpp | 2 +- src/fuzz/cmxfuzzer.cpp | 2 +- src/lib/CDRStylesCollector.cpp | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-)
New commits: commit b719dfdcabb43114553d02eeb9c91728ef835a48 Author: David Tardon <[email protected]> AuthorDate: Fri Dec 28 13:08:28 2018 +0100 Commit: David Tardon <[email protected]> CommitDate: Fri Dec 28 13:08:28 2018 +0100 avoid reading past the end of data buffer Change-Id: Ie91f77b68eed686890b2b6346c6f97c4e4ac4ca1 diff --git a/src/lib/CDRStylesCollector.cpp b/src/lib/CDRStylesCollector.cpp index 2cc3647..3222a34 100644 --- a/src/lib/CDRStylesCollector.cpp +++ b/src/lib/CDRStylesCollector.cpp @@ -117,9 +117,9 @@ void libcdr::CDRStylesCollector::collectBmp(unsigned imageId, unsigned colorMode writeU32(image, m_ps.getBMPColor(libcdr::CDRColor(colorModel, palette[c]))); } } - else if (bpp == 24) + else if (bpp == 24 && lineWidth >= 3) { - while (i < lineWidth && k < width) + while (i < lineWidth -2 && k < width) { unsigned c = ((unsigned)bitmap[j*lineWidth+i+2] << 16) | ((unsigned)bitmap[j*lineWidth+i+1] << 8) | ((unsigned)bitmap[j*lineWidth+i]); i += 3; commit ac478ec40afbded9c2f9dd14519caf575ed72af9 Author: David Tardon <[email protected]> AuthorDate: Fri Dec 28 13:05:36 2018 +0100 Commit: David Tardon <[email protected]> CommitDate: Fri Dec 28 13:05:36 2018 +0100 ofz#8328 avoid reading past the end of data buffer Change-Id: I20d9f1aa723dc113e62ae7014bfaa1a61df693d2 diff --git a/src/lib/CDRStylesCollector.cpp b/src/lib/CDRStylesCollector.cpp index 2dfeba2..2cc3647 100644 --- a/src/lib/CDRStylesCollector.cpp +++ b/src/lib/CDRStylesCollector.cpp @@ -127,9 +127,9 @@ void libcdr::CDRStylesCollector::collectBmp(unsigned imageId, unsigned colorMode k++; } } - else if (bpp == 32) + else if (bpp == 32 && lineWidth >= 4) { - while (i < lineWidth && k < width) + while (i < lineWidth - 3 && k < width) { unsigned c = (bitmap[j*lineWidth+i+3] << 24) | (bitmap[j*lineWidth+i+2] << 16) | (bitmap[j*lineWidth+i+1] << 8) | (bitmap[j*lineWidth+i]); i += 4; commit 325b61ab177abb4328dafa36eb99391b9afb5fcd Author: David Tardon <[email protected]> AuthorDate: Fri Dec 28 11:09:24 2018 +0100 Commit: David Tardon <[email protected]> CommitDate: Fri Dec 28 11:09:24 2018 +0100 fix project name in license header Change-Id: I3c31dbcc1c669758ed1e7624cc0a136c2946d3e8 diff --git a/src/fuzz/cdrfuzzer.cpp b/src/fuzz/cdrfuzzer.cpp index 46b7115..986c421 100644 --- a/src/fuzz/cdrfuzzer.cpp +++ b/src/fuzz/cdrfuzzer.cpp @@ -1,6 +1,6 @@ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* - * This file is part of the libmspub project. + * This file is part of the libcdr project. * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this diff --git a/src/fuzz/cmxfuzzer.cpp b/src/fuzz/cmxfuzzer.cpp index 713c93d..01376e2 100644 --- a/src/fuzz/cmxfuzzer.cpp +++ b/src/fuzz/cmxfuzzer.cpp @@ -1,6 +1,6 @@ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* - * This file is part of the libmspub project. + * This file is part of the libcdr project. * * This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this _______________________________________________ Libreoffice-commits mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
