-/*- genpng
+/* genpng
*
* COPYRIGHT: Written by John Cunningham Bowler, 2015.
- * To the extent possible under law, the author has waived all copyright and
+ * Revised by Glenn Randers-Pehrson, 2017, to add buffer-size check.
+ * To the extent possible under law, the authors have waived all copyright and
* related or neighboring rights to this work. This work is published from:
* United States.
*
* joins are mitres; the outside of the lines are continued to the point of
* intersection.
*/
+
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
* { inside_circle_filled, check_circle_filled },
* { inside_circle, check_circle }
*
- * The functions here are analoguous to the square ones; however, they check
+ * The functions here are analogous to the square ones; however, they check
* the corresponding ellipse as opposed to the rectangle.
*/
static int
return 1;
}
+#if 1
+ /* TO do: determine whether this guard against overflow is necessary.
+ * This comment in png.h indicates that it should be safe: "libpng will
+ * refuse to process an image where such an overflow would occur", but
+ * I don't see where the image gets rejected when the buffer is too
+ * large before the malloc is attempted.
+ */
+ if (image.height > ((size_t)(-1))/(8*image.width)) {
+ fprintf(stderr, "genpng: image buffer would be too big");
+ return 1;
+ }
+#endif
+
/* Create the buffer: */
buffer = malloc(PNG_IMAGE_SIZE(image));