28 lines
888 B
Diff
28 lines
888 B
Diff
From d548fd5eb04d62ad65db18e6425a36e7ab6645dc Mon Sep 17 00:00:00 2001
|
|
From: Cary Phillips <cary@ilm.com>
|
|
Date: Sat, 8 Aug 2020 16:27:03 -0700
|
|
Subject: [PATCH] Avoid integer overflow in calculateNumTiles()
|
|
|
|
Signed-off-by: Cary Phillips <cary@ilm.com>
|
|
---
|
|
IlmImf/ImfTiledMisc.cpp | 6 +++++-
|
|
1 file changed, 5 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/IlmImf/ImfTiledMisc.cpp b/IlmImf/ImfTiledMisc.cpp
|
|
index 8552ada20..1cff8037d 100644
|
|
--- a/IlmImf/ImfTiledMisc.cpp
|
|
+++ b/IlmImf/ImfTiledMisc.cpp
|
|
@@ -301,7 +301,11 @@ calculateNumTiles (int *numTiles,
|
|
{
|
|
for (int i = 0; i < numLevels; i++)
|
|
{
|
|
- numTiles[i] = (levelSize (min, max, i, rmode) + size - 1) / size;
|
|
+ int l = levelSize (min, max, i, rmode);
|
|
+ if (l >= std::numeric_limits<int>::max() - size + 1)
|
|
+ throw IEX_NAMESPACE::ArgExc ("Invalid size.");
|
|
+
|
|
+ numTiles[i] = (l + size - 1) / size;
|
|
}
|
|
}
|
|
|