98878 – Gracefully handle EOF while parsing files.

Bug 98878 - Gracefully handle EOF while parsing files.

Summary: Gracefully handle EOF while parsing files.

Status:	RESOLVED FIXED

Alias:	None

Product:	xorg
Classification:	Unclassified
Component:	Lib/Xpm (show other bugs)
Version:	git
Hardware:	Other All

Importance:	medium normal
Assignee:	Xorg Project Team
QA Contact:	Xorg Project Team

URL:
Whiteboard:
Keywords:	patch

Depends on:
Blocks:

Reported:	2016-11-27 18:08 UTC by Tobias Stoeckmann
Modified:	2016-12-15 17:43 UTC (History)
CC List:	0 users

See Also:
i915 platform:
i915 features:

Attachments
My proposed patch (2.83 KB, patch) 2016-11-27 18:08 UTC, Tobias Stoeckmann	no flags	Details \| Splinter Review
View All

Description Tobias Stoeckmann 2016-11-27 18:08:11 UTC

Created attachment 128227 [details] [review]
My proposed patch

libXpm does not properly handle EOF conditions when xpmGetC is called
multiple times in a row to construct a string. Instead of checking
its return value for EOF, the result is automatically casted into a
char and attached to a string.

By carefully crafting the color table in an XPM file, it is possible to
send a libXpm program like gimp into a very long lasting loop and
massive memory allocations.

Otherwise no memory issues arise, therefore this is just a purely
functional patch to dismiss invalid input.

Comment 1 Matthieu Herrb 2016-12-15 17:43:44 UTC

Committed. https://cgit.freedesktop.org/xorg/lib/libXpm/commit/?id=1ec33006a9e4214b390045b820464e24297dc6c0

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.