diff options
author | Brecht Van Lommel <brechtvanlommel@gmail.com> | 2018-01-15 01:26:31 +0300 |
---|---|---|
committer | Brecht Van Lommel <brechtvanlommel@gmail.com> | 2018-01-17 22:25:42 +0300 |
commit | 07aed404cfb2759f97c60b9f64d8a9392dabaf1a (patch) | |
tree | ae47bdb684d0fbc8928dd2c011ca24a7fbfcb0d7 /source/blender/blenloader/BLO_blend_defs.h | |
parent | d30cc1ea0b9ba64d8a1e22105528b6cb8077692c (diff) |
Fix buffer overflow vulernability in thumbnail file reading.
Fixes CVE-2017-2908 from T52924.
Differential Revision: https://developer.blender.org/D3001
Diffstat (limited to 'source/blender/blenloader/BLO_blend_defs.h')
-rw-r--r-- | source/blender/blenloader/BLO_blend_defs.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source/blender/blenloader/BLO_blend_defs.h b/source/blender/blenloader/BLO_blend_defs.h index a6b06a080cc..6776b1c3338 100644 --- a/source/blender/blenloader/BLO_blend_defs.h +++ b/source/blender/blenloader/BLO_blend_defs.h @@ -75,6 +75,6 @@ enum { ENDB = BLEND_MAKE_ID('E', 'N', 'D', 'B'), }; -#define BLEN_THUMB_MEMSIZE_FILE(_x, _y) (sizeof(int) * (size_t)(2 + (_x) * (_y))) +#define BLEN_THUMB_MEMSIZE_FILE(_x, _y) (sizeof(int) * (2 + (size_t)(_x) * (size_t)(_y))) #endif /* __BLO_BLEND_DEFS_H__ */ |