From 1fd3b478e1921402aa855bd9c6e3dd2367a8909d Mon Sep 17 00:00:00 2001
From: John Cupitt
Date: Sat, 14 Dec 2019 05:13:44 +0000
Subject: [PATCH] always check memory area length
vips_image_new_from_memory() allowed you to use length == 0 to mean "don't check memory length". This was part of some very old vips7 compatibility. The ppm loader could pass length == 0 if header size was equal to file size, bypassing the length check.
---
 libvips/foreign/ppmload.c | 6 ++++--
 libvips/iofuncs/image.c | 6 +-----
 2 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/libvips/foreign/ppmload.c b/libvips/foreign/ppmload.c
index f22554a9..33ed119e 100644
--- a/libvips/foreign/ppmload.c
+++ b/libvips/foreign/ppmload.c
@@ -65,8 +65,8 @@
 */
 /*
-#define DEBUG
 */
+#define DEBUG
 #ifdef HAVE_CONFIG_H
 #include
@@ -426,6 +426,7 @@ vips_foreign_load_ppm_generate_binary( VipsRegion *or,
 {
 VipsRect *r = &or->valid;
 VipsForeignLoadPpm *ppm = (VipsForeignLoadPpm *) a;
+ VipsObjectClass *class = VIPS_OBJECT_GET_CLASS( ppm );
 VipsImage *image = or->im;
 size_t sizeof_line = VIPS_IMAGE_SIZEOF_LINE( image );
@@ -438,7 +439,8 @@ vips_foreign_load_ppm_generate_binary( VipsRegion *or,
 bytes_read = vips_streami_read( ppm->streami, q, sizeof_line );
 if( bytes_read != sizeof_line ) {
- vips_error( "ppmload", "%s", _( "file truncated" ) );
+ vips_error( class->nickname,
+ "%s", _( "file truncated" ) );
 return( -1 );
 }
 }
diff --git a/libvips/iofuncs/image.c b/libvips/iofuncs/image.c
index 36a480de..3d41f19d 100644
--- a/libvips/iofuncs/image.c
+++ b/libvips/iofuncs/image.c
@@ -2072,11 +2072,7 @@ vips_image_new_from_memory( const void *data, size_t size,
 return( NULL );
 }
- /* Allow len == 0, meaning don't check. Used for im_image()
- * compatibility.
- */
- if( size > 0 &&
- size < VIPS_IMAGE_SIZEOF_IMAGE( image ) ) {
+ if( size < VIPS_IMAGE_SIZEOF_IMAGE( image ) ) {
 vips_error( "VipsImage",
 _( "memory area too small --- "
 "should be %" G_GINT64_FORMAT " bytes, "
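Review bot: The first ppmload.c hunk (`@@ -65,8 +65,8 @@`) moves `#define DEBUG` out of its comment block, so debug code is now compiled in unconditionally; this looks like a leftover from investigating the bug rather than part of the fix. Whatever `#ifdef DEBUG` guards in this file (not visible in the hunk) will then run on every load of an untrusted file. I would restore the original form, with `#define DEBUG` back inside the `/* ... */` block, so the commit carries only the length-check change and the error-domain cleanup.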
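Review bot: In image.c, the hunk in vips_image_new_from_memory() removes the only comment that explained the size test and leaves the changed contract undocumented: `size == 0` used to mean "don't check" and now fails with "memory area too small". I would put a short comment above the new test, for example `/* Always check: size == 0 is a too-small area, not "skip the check". */`, and update the function's doc comment, which lies outside this hunk, to state that `size` must cover the whole image. Any caller that still passes 0 for the old vips7 compatibility behaviour will now get NULL and must pass the real length; those callers are not visible here. A regression test using a PPM whose header length equals the file length would pin the case the commit message describes.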