1
Description: fix denial of service via malformed .fit file header
2
Origin: upstream, http://git.gnome.org/browse/gimp/commit/plug-ins/file-fits/fits-io.c?id=ace45631595e8781a1420842582d67160097163c
3
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=676804
5
Index: gimp-2.6.12/plug-ins/file-fits/fits-io.c
6
===================================================================
7
--- gimp-2.6.12.orig/plug-ins/file-fits/fits-io.c 2012-01-31 08:50:15.000000000 -0500
8
+++ gimp-2.6.12/plug-ins/file-fits/fits-io.c 2012-09-05 13:38:00.650225303 -0400
9
@@ -1055,10 +1055,18 @@
10
hdulist->used.simple = (strncmp (hdr->data, "SIMPLE ", 8) == 0);
11
hdulist->used.xtension = (strncmp (hdr->data, "XTENSION", 8) == 0);
12
if (hdulist->used.xtension)
14
- fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring);
15
- strcpy (hdulist->xtension, fdat->fstring);
18
+ fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring);
21
+ strcpy (hdulist->xtension, fdat->fstring);
25
+ strcpy (errmsg, "No valid XTENSION header found.");
30
FITS_DECODE_CARD (hdr, "NAXIS", fdat, typ_flong);
31
hdulist->naxis = fdat->flong;