[cairo-bugs] [Bug 10730] potential controllable integer overflow in cairo-png.c
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Sep 25 16:01:01 PDT 2007
http://bugs.freedesktop.org/show_bug.cgi?id=10730
chris at chris-wilson.co.uk changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Comment #7 from chris at chris-wilson.co.uk 2007-09-25 16:02 PST -------
Vlad fixed this a while ago:
commit 5c7d2d14d78e4dfb1ef6d2c40f0910f177e07360
Author: Vladimir Vukicevic <vladimir at pobox.com>
Date: Tue Jun 19 13:15:21 2007 -0700
[fix] Avoid int overflow when allocating large buffers
This patch introduces three macros: _cairo_malloc_ab,
_cairo_malloc_abc, _cairo_malloc_ab_plus_c and replaces various calls
to malloc(a*b), malloc(a*b*c), and malloc(a*b+c) with them. The macros
return NULL if int overflow would occur during the allocation. See
CODING_STYLE for more information.
--
Configure bugmail: http://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the cairo-bugs
mailing list