From 3e52dabe3e64dc50f4422effe364a1457a8a8592 Mon Sep 17 00:00:00 2001
From: Sam Hocevar
Date: Sat, 29 Dec 2018 22:35:07 +0100
Subject: [PATCH] img2txt: fix an integer overflow in the BMP loader.

Fixes: #37 (CVE-2018-20545)
Fixes: #40 (CVE-2018-20548)
Fixes: #41 (CVE-2018-20549)
---
 src/common-image.h | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/common-image.h b/src/common-image.h
index b78b05c6..438b2bce 100644
--- a/src/common-image.h
+++ b/src/common-image.h
@@ -1,19 +1,19 @@
 /*
  * Imaging tools for cacaview and img2irc
- * Copyright (c) 2003-2012 Sam Hocevar
- * All Rights Reserved
+ * Copyright © 2003—2018 Sam Hocevar
+ * All Rights Reserved
  *
  * This program is free software. It comes without any warranty, to
  * the extent permitted by applicable law. You can redistribute it
  * and/or modify it under the terms of the Do What the Fuck You Want
- * to Public License, Version 2, as published by Sam Hocevar. See
- * http://www.wtfpl.net/ for more details.
+ * to Public License, Version 2, as published by the WTFPL Task Force.
+ * See http://www.wtfpl.net/ for more details.
  */
 struct image {
  char *pixels;
- unsigned int w, h;
+ size_t w, h;
  struct caca_dither *dither;
  void *priv;
 };
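Review bot: Widening `w` and `h` to `size_t` in `struct image` only removes the overflow on targets where `size_t` is wider than `unsigned int`; on a 32-bit build both are 32 bits, so a buffer size computed from attacker-supplied BMP dimensions can still wrap before it reaches the allocator. The loader's size computation is not part of this patch, so this is inferred from the commit subject, but the allocation site should reject zero dimensions and then check each multiplication against `SIZE_MAX` (for example, refuse the file when `w > SIZE_MAX / h`) rather than rely on the field width. Any caller that passes `w` or `h` to an `int` or `unsigned int` parameter, or prints them with `%u`, would now truncate or mismatch and is worth auditing. A comment on the field would record the intent: `/* size_t so size products use full width; loaders must still bound-check before malloc */`.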