dnrops
/
gimp
mirror of https://github.com/GNOME/gimp.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

core: Improve security of ASE palette loading 

Per @Wormnest comment on ACB palette loading,
g_utf16_to_utf8 () now uses the string length rather than -1 to prevent malicious non-NULL terminated strings.
This commit is contained in:
Alx Sa 2023-09-13 02:36:05 +00:00
parent ab29c4478e
commit 9a15f65a64
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/core/gimppalette-load.c
View File

@ -1247,7 +1247,7 @@ gimp_palette_load_ase_block_name (GInputStream *input,
pal_name[i] = GUINT16_FROM_BE (pal_name[i]);
}
pal_name_utf8 = g_utf16_to_utf8 (pal_name, -1, NULL, NULL, NULL);
pal_name_utf8 = g_utf16_to_utf8 (pal_name, pal_name_len, NULL, NULL, NULL);
g_free (pal_name);
return pal_name_utf8;