1
Description: fix denial of service and possible code execution via
2
malformed PSP image file
3
Origin: upstream, http://git.gnome.org/browse/gimp/commit/?id=48ec15890e1751dede061f6d1f469b6508c13439
4
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497
5
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=639203
7
Index: gimp-2.6.11/plug-ins/common/file-psp.c
8
===================================================================
9
--- gimp-2.6.11.orig/plug-ins/common/file-psp.c 2011-04-07 10:55:48.556192230 -0400
10
+++ gimp-2.6.11/plug-ins/common/file-psp.c 2011-04-07 10:55:58.576192227 -0400
11
@@ -1244,6 +1244,10 @@
14
fread (buf, runcount, 1, f);
16
+ /* prevent buffer overflow for bogus data */
17
+ runcount = MIN (runcount, endq - q);
21
memmove (q, buf, runcount);