From 61a2d8a2a7b03023e63eae9a3e64607aaaa6d339 Mon Sep 17 00:00:00 2001
From: Glenn Randers-Pehrson <glennrp at users.sourceforge.net>
Date: Sat, 18 Jun 2011 14:51:09 -0500
Subject: [PATCH] [master] Check for sCAL chunk too short.
Update for 1.2.44.
---
pngrutil.c | 8 ++++++++
--- a/pngrutil.c 2010-06-26 09:31:14.000000000 +0900
+++ b/pngrutil.c 2011-07-15 13:22:56.000000000 +0900
@@ -1812,6 +1812,14 @@
return;
}
+ /* Need unit type, width, \0, height: minimum 4 bytes */
+ else if (length < 4)
+ {
+ png_warning(png_ptr, "sCAL chunk too short");
+ png_crc_finish(png_ptr, length);
+ return;
+ }
+
png_debug1(2, "Allocating and reading sCAL chunk data (%lu bytes)",
length + 1);
png_ptr->chunkdata = (png_charp)png_malloc_warn(png_ptr, length + 1);
![[patchlogo]](http://patch-tracker.debian.org/static/img/swirlpatch.png)