Valentin LEFEBVRE
GitHub
3 weeks ago
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 16 additions and 0 deletions
Unified View
Diff Options
-
+7 -0caca/canvas.c
-
+9 -0caca/frame.c
+ 7
- 0
caca/canvas.c
View File
| @@ -375,6 +375,13 @@ int caca_resize(caca_canvas_t *cv, int width, int height) | |||||
| return -1; | return -1; | ||||
| } | } | ||||
| int new_size = width * height; | int new_size = width * height; | ||||
| /* Check for overflow when multiplying by sizeof(uint32_t) on 32-bit | |||||
| * systems */ | |||||
| if (new_size > 0 && (size_t)new_size > SIZE_MAX / sizeof(uint32_t)) | |||||
| { | |||||
| seterrno(EOVERFLOW); | |||||
| return -1; | |||||
| } | |||||
| old_width = cv->width; | old_width = cv->width; | ||||
| old_height = cv->height; | old_height = cv->height; | ||||
+ 9
- 0
caca/frame.c
View File
| @@ -147,6 +147,15 @@ int caca_create_frame(caca_canvas_t *cv, int id) | |||||
| int size = cv->width * cv->height; | int size = cv->width * cv->height; | ||||
| int f; | int f; | ||||
| /* Check for overflow when multiplying by sizeof(uint32_t) on 32-bit | |||||
| * systems */ | |||||
| if (size > 0 && (size_t)size > SIZE_MAX / sizeof(uint32_t)) | |||||
| { | |||||
| seterrno(EOVERFLOW); | |||||
| return -1; | |||||
| } | |||||
| if(id < 0) | if(id < 0) | ||||
| id = 0; | id = 0; | ||||
| else if(id > cv->framecount) | else if(id > cv->framecount) | ||||