diff options
author | giraffedata <giraffedata@9d0c8265-081b-0410-96cb-a4ca84ce46f8> | 2023-09-29 17:52:10 +0000 |
---|---|---|
committer | giraffedata <giraffedata@9d0c8265-081b-0410-96cb-a4ca84ce46f8> | 2023-09-29 17:52:10 +0000 |
commit | bf85274a5c089c1c6295f0caf54ecf0c1c42e887 (patch) | |
tree | 54564e27e71bb7e6f85a6bf121d47df731c04f99 /lib/libpbm1.c | |
parent | c8ea970312eb3e9877d876e5b4d5575237187197 (diff) | |
download | netpbm-mirror-bf85274a5c089c1c6295f0caf54ecf0c1c42e887.tar.gz netpbm-mirror-bf85274a5c089c1c6295f0caf54ecf0c1c42e887.tar.xz netpbm-mirror-bf85274a5c089c1c6295f0caf54ecf0c1c42e887.zip |
Validate computable image size and maxval in libnetpbm write init functions
git-svn-id: http://svn.code.sf.net/p/netpbm/code/trunk@4706 9d0c8265-081b-0410-96cb-a4ca84ce46f8
Diffstat (limited to 'lib/libpbm1.c')
-rw-r--r-- | lib/libpbm1.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/lib/libpbm1.c b/lib/libpbm1.c index d3403311..9e51970c 100644 --- a/lib/libpbm1.c +++ b/lib/libpbm1.c @@ -22,6 +22,7 @@ #include "netpbm/mallocvar.h" #include "netpbm/shhopt.h" +#include "libpbm.h" #include "pbm.h" @@ -85,6 +86,28 @@ pbm_check(FILE * const fileP, +void +pbm_validateComputableSize(unsigned int const cols, + unsigned int const rows) { +/*---------------------------------------------------------------------------- + Validate that the dimensions of the image are such that it can be + processed in typical ways on this machine without worrying about + overflows. Note that in C, arithmetic is always modulus + arithmetic, so if your values are too big, the result is not what + you expect. That failed expectation can be disastrous if you use + it to allocate memory. + + See comments at 'validateComputableSize' in libpam.c for details on + the purpose of these validations. +-----------------------------------------------------------------------------*/ + if (cols > INT_MAX - 10) + pm_error("image width (%u) too large to be processed", cols); + if (rows > INT_MAX - 10) + pm_error("image height (%u) too large to be processed", rows); +} + + + static unsigned int bitpop8(unsigned char const x) { /*---------------------------------------------------------------------------- |