giflib: Fix CVE CVE-2022-28506 - linux/meta-openembedded.git - Mirror of git.openembedded.org/meta-openembedded

diff options

author	nikhil <nikhilar2410@gmail.com>	2024-04-17 11:25:23 +0530
committer	Armin Kuster <akuster808@gmail.com>	2024-04-28 13:10:23 -0400
commit	ca4f69e66c30249ca7e0ed9ecf038bbf425cae50 (patch)
tree	c269b02d15b7caacd6be84ce3a2d77196b8a9628 /meta-python/recipes-devtools/python/python3-asyncio-glib_0.1.bb
parent	ac06a6540499c2492c6f4eb87481ba4df83a21cb (diff)
download	meta-openembedded-ca4f69e66c30249ca7e0ed9ecf038bbf425cae50.tar.gz

giflib: Fix CVE CVE-2022-28506

There is a heap buffer overflow in DumpScreen2RGB() in gif2rgb.c. This occurs when a crafted gif file, where size of color table is < 256 but image data contains pixels with color code highier than size of color table. This causes oferflow of ColorMap->Colors array. Fix the issue by checking if value of each pixel is within bounds of given color table. If the value is out of color table, print error message and exit. Signed-off-by: Nikhil R <nikhil.r@kpit.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta-python/recipes-devtools/python/python3-asyncio-glib_0.1.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: