FWGS
/
xash3d-fwgs
mirror of https://github.com/FWGS/xash3d-fwgs
2
0
Fork 0
Code Issues 2 Projects Releases Wiki Activity

engine: imagelib: fix crash when chunk length is more than file size

This commit is contained in:
Alibek Omarov 2022-12-05 05:39:41 +03:00
parent 5c2c02c317
commit 9b001987e9
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
engine/common/imagelib/img_png.c
View File

@ -161,7 +161,14 @@ qboolean Image_LoadPNG( const char *name, const byte *buffer, fs_offset_t filesi
if( chunk_len > INT_MAX )
{
Con_DPrintf( S_ERROR "Image_LoadPNG: Found chunk with wrong size (%s)\n", name );
Mem_Free( idat_buf );
if( idat_buf ) Mem_Free( idat_buf );
return false;
}
if( chunk_len > filesize - ( buf_p - buffer ))
{
Con_DPrintf( S_ERROR "Image_LoadPNG: Found chunk with size past file size (%s)\n", name );
if( idat_buf ) Mem_Free( idat_buf );
return false;
}