dnrops
/
gimp
mirror of https://github.com/GNOME/gimp.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

plug-ins, exr: ensure dimensions are not outside our limits... 

when loading an exr image.
While looking at the openexr fuzzed images I noticed we do not check
whether height or width are larger than our maximum.

Although this was caught in libgimp when trying to create the image,
let's add checks in the exr plug-in itself.
This commit is contained in:
Jacob Boerema 2025-01-09 18:32:43 -05:00
parent 565ead32b8
commit 473d07d364
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
plug-ins/file-exr/file-exr.c
View File

@ -210,7 +210,8 @@ load_image (GFile *file,
width = exr_loader_get_width (loader);
height = exr_loader_get_height (loader);
if ((width < 1) || (height < 1))
if (width < 1 || height < 1 ||
width > GIMP_MAX_IMAGE_SIZE || height > GIMP_MAX_IMAGE_SIZE)
{
g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
_("Error querying image dimensions from '%s'"),