diff options
| author | Campbell Barton <ideasman42@gmail.com> | 2020-11-11 08:14:09 +0300 |
|---|---|---|
| committer | Campbell Barton <ideasman42@gmail.com> | 2020-11-11 08:14:09 +0300 |
| commit | 15ffda3bcd697e6f3a0cc13e141da865f36f3b53 (patch) | |
| tree | f98d9fc831f18a9194818f5428466884654e802b /source/blender/imbuf/intern/openexr | |
| parent | 2d60845786aeab099c61ffa42b7f72cccc68bff1 (diff) | |
Fix T82602: checking image header reads past buffer bounds
Use the size argument to ensure checking the header doesn't read
past the buffer bounds when reading corrupt/truncated headers
from image files.
Diffstat (limited to 'source/blender/imbuf/intern/openexr')
| -rw-r--r-- | source/blender/imbuf/intern/openexr/openexr_api.cpp | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/source/blender/imbuf/intern/openexr/openexr_api.cpp b/source/blender/imbuf/intern/openexr/openexr_api.cpp index 467454ddb7a..56188fbe98a 100644 --- a/source/blender/imbuf/intern/openexr/openexr_api.cpp +++ b/source/blender/imbuf/intern/openexr/openexr_api.cpp @@ -330,8 +330,12 @@ extern "C" { * Test presence of OpenEXR file. * \param mem: pointer to loaded OpenEXR bitstream */ -bool imb_is_a_openexr(const unsigned char *mem, const size_t UNUSED(size)) +bool imb_is_a_openexr(const unsigned char *mem, const size_t size) { + /* No define is exposed for this size. */ + if (size < 4) { + return false; + } return Imf::isImfMagic((const char *)mem); } |