diff options
| author | giraffedata <giraffedata@9d0c8265-081b-0410-96cb-a4ca84ce46f8> | 2015-07-29 02:19:10 +0000 |
|---|---|---|
| committer | giraffedata <giraffedata@9d0c8265-081b-0410-96cb-a4ca84ce46f8> | 2015-07-29 02:19:10 +0000 |
| commit | 837426154951b38c683303a874d1b220be20a314 (patch) | |
| tree | 395b138dd2bf5486cead83ca32290ff436303deb | |
| parent | e821db62a988c16efdf2256928a3c68fb7cdf9d3 (diff) | |
| download | netpbm-mirror-837426154951b38c683303a874d1b220be20a314.tar.gz netpbm-mirror-837426154951b38c683303a874d1b220be20a314.tar.xz netpbm-mirror-837426154951b38c683303a874d1b220be20a314.zip | |
Fix buffer overrun
git-svn-id: http://svn.code.sf.net/p/netpbm/code/trunk@2614 9d0c8265-081b-0410-96cb-a4ca84ce46f8
| -rw-r--r-- | converter/other/pnmtopclxl.c | 4 | ||||
| -rw-r--r-- | doc/HISTORY | 3 |
2 files changed, 5 insertions, 2 deletions
diff --git a/converter/other/pnmtopclxl.c b/converter/other/pnmtopclxl.c index 4cd7c4d0..ad1b3261 100644 --- a/converter/other/pnmtopclxl.c +++ b/converter/other/pnmtopclxl.c @@ -269,10 +269,10 @@ XY_RLEnew(size_t const size) { MALLOCVAR(rleP); if (rleP) { - rleP->fbuf = malloc(size); + rleP->fbufsize = MAX(1024, size); + rleP->fbuf = malloc(rleP->fbufsize); if (rleP->fbuf) { - rleP->fbufsize = MAX(1024, size); retval = rleP; } else retval = NULL; diff --git a/doc/HISTORY b/doc/HISTORY index b2dfc61d..fb7a5c7c 100644 --- a/doc/HISTORY +++ b/doc/HISTORY @@ -23,6 +23,9 @@ not yet BJH Release 10.72.00 pbmtoescp2: Pad output horizontally to a multiple of 8 columns and vertically to a whole stripe to prevent image loss. + Pnmtopclxl: fix buffer overrun causing unpredictable behavior. + (Introduced in Netpbm 10.54 (March 2011). + escp2topbm: Fix -plain. Always broken (escp2topbm was new in Netpbm 10.18 (September 2003)). |