← Back to branch summary

~ubuntu-branches/ubuntu/precise/python-imaging/precise-security

« back to all changes in this revision

Viewing changes to libImaging/FliDecode.c

  • Committer: Package Import Robot
  • Author(s): Emily Ratliff
  • Date: 2016-09-09 14:45:49 UTC
  • Revision ID: package-import@ubuntu.com-20160909144549-1fnzq92xxawzmelp
Tags: 1.1.7-4ubuntu0.12.04.2
* SECURITY UPDATE: Fixes for buffer overflows
  - PIL/IcnsImagePlugin.py, libImaging/PcdDecode.c, libImaging/FliDecode.c
  - CVE-2016-0775
  - CVE-2016-2533
  - CVE-2014-3596
  - Kudos to Andrew Drake and Eric Soroos for discovering these issues.

Show diffs side-by-side

added added

removed removed

Lines of Context:
libImaging/FliDecode.c
185
185
            /* COPY chunk */
186
186
            for (y = 0; y < state->ysize; y++) {
187
187
                UINT8* buf = (UINT8*) im->image[y];
188
 
                memcpy(buf+x, data, state->xsize);
 
188
                memcpy(buf, data, state->xsize);
189
189
                data += state->xsize;
190
190
            }
191
191
            break;