Added image size sanity checksrelease-2_1

author: Jorge Arellano Cid <jcid@dillo.org> 2009-06-19 19:07:47 -0400
committer: Jorge Arellano Cid <jcid@dillo.org> 2009-06-19 19:07:47 -0400
commit: d1e9237fdaf8a2e5ba5993fbd0efa9a016b4cc6e (patch)
tree: 6825edd02e38a175eaa4fcd35f8cb722d59b8706 /src/jpeg.c
parent: 30ef110e2384e0ad26c2131b9d530f53954bcde9 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/src/jpeg.c b/src/jpeg.c
index 212b61f6..09bdfb3d 100644
--- a/src/jpeg.c
+++ b/src/jpeg.c
@@ -279,6 +279,16 @@ static void Jpeg_write(DilloJpeg *jpeg, void *Buf, uint_t BufSize)
              !(a_Capi_get_flags(jpeg->url) & CAPI_Completed))
             jpeg->cinfo.buffered_image = TRUE;
 
+         /* check max image size */
+         if ((uint_t)jpeg->cinfo.image_width *
+             (uint_t)jpeg->cinfo.image_height  > IMAGE_MAX_W * IMAGE_MAX_H) {
+            MSG("Jpeg_write: suspicious image size request %ux%u\n",
+                (uint_t)jpeg->cinfo.image_width,
+                (uint_t)jpeg->cinfo.image_height);
+            jpeg->state = DILLO_JPEG_ERROR;
+            return;
+         }
+
          a_Dicache_set_parms(jpeg->url, jpeg->version, jpeg->Image,
                              (uint_t)jpeg->cinfo.image_width,
                              (uint_t)jpeg->cinfo.image_height,
author	Jorge Arellano Cid <jcid@dillo.org>	2009-06-19 19:07:47 -0400
committer	Jorge Arellano Cid <jcid@dillo.org>	2009-06-19 19:07:47 -0400
commit	d1e9237fdaf8a2e5ba5993fbd0efa9a016b4cc6e (patch)
tree	6825edd02e38a175eaa4fcd35f8cb722d59b8706 /src/jpeg.c
parent	30ef110e2384e0ad26c2131b9d530f53954bcde9 (diff)