imgcodecs: add overflow checks

pull/10563/head
Alexander Alekhin 7 years ago
parent be5247921d
commit 8a76fadaa3
  1. 8
      modules/imgcodecs/src/bitstrm.cpp
  2. 1
      modules/imgcodecs/src/grfmt_bmp.cpp

@ -42,6 +42,7 @@
#include "precomp.hpp" #include "precomp.hpp"
#include "bitstrm.hpp" #include "bitstrm.hpp"
#include "utils.hpp"
namespace cv namespace cv
{ {
@ -183,13 +184,18 @@ void RBaseStream::setPos( int pos )
int RBaseStream::getPos() int RBaseStream::getPos()
{ {
CV_Assert(isOpened()); CV_Assert(isOpened());
return m_block_pos + (int)(m_current - m_start); int pos = validateToInt((m_current - m_start) + m_block_pos);
CV_Assert(pos >= m_block_pos); // overflow check
CV_Assert(pos >= 0); // overflow check
return pos;
} }
void RBaseStream::skip( int bytes ) void RBaseStream::skip( int bytes )
{ {
CV_Assert(bytes >= 0); CV_Assert(bytes >= 0);
uchar* old = m_current;
m_current += bytes; m_current += bytes;
CV_Assert(m_current >= old); // overflow check
} }
///////////////////////// RLByteStream //////////////////////////// ///////////////////////// RLByteStream ////////////////////////////
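Review bot: In RBaseStream::skip() the new `CV_Assert(m_current >= old)` runs after `m_current += bytes`, so it can only fire once the pointer addition has already wrapped, and advancing a pointer more than one past the end of its buffer is undefined behaviour in C++. Because `bytes >= 0` is asserted just above, an optimizing compiler may treat `m_current + bytes >= m_current` as always true and drop the check. Doing the comparison on integer values before the advance keeps it meaningful, for example `CV_Assert((uintptr_t)m_current + (uintptr_t)bytes >= (uintptr_t)m_current);` placed ahead of `m_current += bytes;`. In getPos(), the sum `(m_current - m_start) + m_block_pos` is still computed before validateToInt() sees it, so on a target where ptrdiff_t is 32 bits the addition itself could overflow. validateToInt() is defined outside this page, so that is worth confirming.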

@ -95,6 +95,7 @@ bool BmpDecoder::readHeader()
m_offset = m_strm.getDWord(); m_offset = m_strm.getDWord();
int size = m_strm.getDWord(); int size = m_strm.getDWord();
CV_Assert(size > 0); // overflow, 2Gb limit
if( size >= 36 ) if( size >= 36 )
{ {
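Review bot: `m_offset`, filled from `m_strm.getDWord()` on the line directly above the new assert, gets no matching sign check, although it comes from the same untrusted header and a value of 0x80000000 or more would presumably go negative the same way `size` does. If it is validated where it is used, that code is outside this hunk; otherwise a `CV_Assert(m_offset >= 0);` next to the new assert would cover it (assuming m_offset is a signed int, which the hunk does not show). The comment on the new line could also say what is being rejected, e.g. `// DWORD >= 0x80000000 reads as a negative int: reject headers above the 2Gb limit`. readHeader() starts and ends outside the hunk.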
