packages/OpenEXR
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
OpenEXR/CVE-2021-3598.patch
wang_yue111 fd1686c897 fix CVE-2021-3598
2021-07-10 17:03:06 +08:00

27 lines
1.0 KiB
Diff
Raw Blame History

From e2667ae1a3ff8a9fce730e61129868b326abb3f5 Mon Sep 17 00:00:00 2001
From: peterhillman <peterh@wetafx.co.nz>
Date: Fri, 4 Jun 2021 11:13:49 +1200
Subject: [PATCH] verify data size in deepscanlines with NO_COMPRESSION (#1037)
Signed-off-by: Peter Hillman <peterh@wetafx.co.nz>
---
IlmImf/ImfDeepScanLineInputFile.cpp | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/IlmImf/ImfDeepScanLineInputFile.cpp b/IlmImf/ImfDeepScanLineInputFile.cpp
index 5f0f43989..ead43c729 100644
--- a/IlmImf/ImfDeepScanLineInputFile.cpp
+++ b/IlmImf/ImfDeepScanLineInputFile.cpp
@@ -647,6 +647,11 @@ LineBufferTask::execute ()
_lineBuffer->format = Compressor::XDR;
_lineBuffer->uncompressedData = _lineBuffer->buffer;
+
+ if(_lineBuffer->packedDataSize!=maxBytesPerLine)
+ {
+ THROW (IEX_NAMESPACE::InputExc, "Incorrect size for uncompressed data. Expected " << maxBytesPerLine << " got " << _lineBuffer->packedDataSize << " bytes");
+ }
}
}
Reference in New Issue View Git Blame Copy Permalink