From 7b64246af2cdf9c7b9fae0f29e5483bb6a7376d2 Mon Sep 17 00:00:00 2001 From: John Cupitt Date: Fri, 26 May 2017 09:04:15 +0100 Subject: [PATCH] fix a couple of issues with huge profiles The base64 encode limit was 1MB, but some huge profiles can get over that, so it's now 10MB. transform_save_string_blob() was incorrectly setting a refstring not a blob as an error fallback, potentially leaving a dangling pointer. Thanks Jaume! See https://github.com/jcupitt/libvips/issues/666 --- ChangeLog | 2 ++ libvips/iofuncs/base64.c | 6 ++++-- libvips/iofuncs/type.c | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 74587bcf..ace8cf09 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ 19/5/17 started 8.5.6 - tiff read with start page > 0 could break edge tiles or strips +- raise b64 limit to allow for huge profiles (thanks jaume) +- fix error return in blob save (thanks jaume) 23/4/17 started 8.5.5 - doc polishing diff --git a/libvips/iofuncs/base64.c b/libvips/iofuncs/base64.c index c972d3f3..a55b553a 100644 --- a/libvips/iofuncs/base64.c +++ b/libvips/iofuncs/base64.c @@ -65,7 +65,7 @@ Modified on: - move to vips_ namespace 31/5/15 - - oops siged/unsignned mess-up meant we were not padding correctly + - oops siged/unsigned mess-up meant we were not padding correctly */ @@ -237,7 +237,9 @@ vips__b64_decode( const char *buffer, size_t *data_length ) int nbits; int i; - if( output_data_length > 1024 * 1024 ) { + /* A large ICC profile can be a couple of MB, so 10 should be plenty. + */ + if( output_data_length > 10 * 1024 * 1024 ) { /* We shouldn't really be used for large amounts of data, plus * we are using an int for offset. */ diff --git a/libvips/iofuncs/type.c b/libvips/iofuncs/type.c index 0c7d26b8..d9ffac94 100644 --- a/libvips/iofuncs/type.c +++ b/libvips/iofuncs/type.c @@ -692,7 +692,7 @@ transform_save_string_blob( const GValue *src_value, GValue *dest_value ) /* No error return from transform, but we should set it to * something. */ - vips_value_set_save_string( dest_value, "" ); + vips_value_set_blob( dest_value, NULL, NULL, 0 ); } GType