diff options
| author | Slávek Banko <[email protected]> | 2015-05-23 18:48:51 +0200 |
|---|---|---|
| committer | Slávek Banko <[email protected]> | 2015-05-23 18:48:51 +0200 |
| commit | 538d6a2440fbe645b970402fa7e86dfd3e36192b (patch) | |
| tree | 3651689eb3a6090d02641d063bf3b1d355c4b0e1 /src/kernel | |
| parent | b3037160f25730efca66966559779559a4946bf3 (diff) | |
| download | qt3-538d6a2440fbe645b970402fa7e86dfd3e36192b.tar.gz qt3-538d6a2440fbe645b970402fa7e86dfd3e36192b.zip | |
Fix security issue CVE-2015-1860
[taken from RedHat Qt3 patches]
Diffstat (limited to 'src/kernel')
| -rw-r--r-- | src/kernel/qasyncimageio.cpp | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/kernel/qasyncimageio.cpp b/src/kernel/qasyncimageio.cpp index e16125b..7be8ddb 100644 --- a/src/kernel/qasyncimageio.cpp +++ b/src/kernel/qasyncimageio.cpp @@ -1226,6 +1226,8 @@ void QGIFFormat::fillRect(QImage& img, int col, int row, int w, int h, QRgb colo void QGIFFormat::nextY(QImage& img, QImageConsumer* consumer) { + if (out_of_bounds) + return; int my; switch (interlace) { case 0: |