LineageOS/android_packages_apps_Messaging
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

32322450 Security Vulnerability - heap buffer overflow in libgiftranscode.so am: bcc1f62715 am: 5311a02e27 am: 954e81ed44 am: e215495b3b am: a044afd70d

Browse Source 
am: a1562e5ab6

Change-Id: Icc21314c2194d15c22fa62dc1d59e6734ffd1108
This commit is contained in:
Tom Taylor
2016-12-05 23:10:21 +00:00
committed by android-build-merger
parent 1156cd7408 a1562e5ab6
commit d65f900883
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
jni/GifTranscoder.cpp
View File

@@ -274,6 +274,11 @@ bool GifTranscoder::resizeBoxFilter(GifFileType* gifIn, GifFileType* gifOut) {
// matches what libframesequence (Rastermill) does. // matches what libframesequence (Rastermill) does.
if (imageIndex == 0 && gifIn->SColorMap) { if (imageIndex == 0 && gifIn->SColorMap) {
if (gcb.TransparentColor == NO_TRANSPARENT_COLOR) { if (gcb.TransparentColor == NO_TRANSPARENT_COLOR) {
if (gifIn->SBackGroundColor < 0 ||
gifIn->SBackGroundColor >= gifIn->SColorMap->ColorCount) {
LOGE("SBackGroundColor overflow");
return false;
}
GifColorType bgColorIndex = GifColorType bgColorIndex =
gifIn->SColorMap->Colors[gifIn->SBackGroundColor]; gifIn->SColorMap->Colors[gifIn->SBackGroundColor];
bgColor = gifColorToColorARGB(bgColorIndex); bgColor = gifColorToColorARGB(bgColorIndex);