Added a limit for PNG image size

author: Jorge Arellano Cid <jcid@dillo.org> 2009-06-19 13:11:36 -0400
committer: Jorge Arellano Cid <jcid@dillo.org> 2009-06-19 13:11:36 -0400
commit: c1ff2a39f4abae6cf587df14a9754b98c1ccc0e3 (patch)
tree: 7e2b1f7698a756d0531ebc40711948a83b471ad7 /src/png.c
parent: f04e6473ce9df77056e7b188b17a5e3e0015c297 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/src/png.c b/src/png.c
index c1257119..2184dd01 100644
--- a/src/png.c
+++ b/src/png.c
@@ -137,6 +137,12 @@ Png_datainfo_callback(png_structp png_ptr, png_infop info_ptr)
 
    png_get_IHDR(png_ptr, info_ptr, &png->width, &png->height,
                 &bit_depth, &color_type, &interlace_type, NULL, NULL);
+   if (abs(png->width*png->height) > IMAGE_MAX_W * IMAGE_MAX_H) {
+      MSG("Png_datainfo_callback: suspicious image size request %ldx%ld\n",
+          png->width, png->height);
+      Png_error_handling(png_ptr, "Aborting...");
+      return; /* not reached */
+   }
 
    _MSG("Png_datainfo_callback: png->width  = %ld\n"
         "Png_datainfo_callback: png->height = %ld\n",
author	Jorge Arellano Cid <jcid@dillo.org>	2009-06-19 13:11:36 -0400
committer	Jorge Arellano Cid <jcid@dillo.org>	2009-06-19 13:11:36 -0400
commit	c1ff2a39f4abae6cf587df14a9754b98c1ccc0e3 (patch)
tree	7e2b1f7698a756d0531ebc40711948a83b471ad7 /src/png.c
parent	f04e6473ce9df77056e7b188b17a5e3e0015c297 (diff)