Prevent integer overflow
This commit is contained in:
parent
4793e93d69
commit
386126ffdb
|
@ -828,7 +828,10 @@ load (app_context_t *app)
|
||||||
if (fscanf (fp, "%d %d %zu %zu", &x, &y, &w, &h) != 4)
|
if (fscanf (fp, "%d %d %zu %zu", &x, &y, &w, &h) != 4)
|
||||||
goto error;
|
goto error;
|
||||||
|
|
||||||
|
if (w && h > SIZE_MAX / w)
|
||||||
|
goto error;
|
||||||
size_t size = w * h;
|
size_t size = w * h;
|
||||||
|
|
||||||
uint8_t *bitmap = calloc (size, sizeof *bitmap);
|
uint8_t *bitmap = calloc (size, sizeof *bitmap);
|
||||||
if (!bitmap)
|
if (!bitmap)
|
||||||
goto error;
|
goto error;
|
||||||
|
|
Loading…
Reference in New Issue