mirrors/serenity
1
0
Fork 0
mirror of https://github.com/SerenityOS/serenity.git synced 2025-01-23 18:02:05 -05:00
Code Issues Projects Releases Packages Wiki Activity

LibGfx: Let ICC code validate tag data alignment

Browse source 
Both when reading the main tag table and when reading embedded
curve data in lutAToBType or lutBToAType.
This commit is contained in:
Nico Weber 2023-02-12 10:33:53 -05:00 committed by Linus Groh
parent b15a889ca4
commit 7e915b145b
2 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
Userland/Libraries/LibGfx/ICC/Profile.cpp
View file

@ -558,6 +558,10 @@ ErrorOr<void> Profile::read_header(ReadonlyBytes bytes)
ErrorOr<NonnullRefPtr<TagData>> Profile::read_tag(ReadonlyBytes bytes, u32 offset_to_beginning_of_tag_data_element, u32 size_of_tag_data_element)
{
// "All tag data elements shall start on a 4-byte boundary (relative to the start of the profile data stream)"
if (offset_to_beginning_of_tag_data_element % 4 != 0)
return Error::from_string_literal("ICC::Profile: Tag data not aligned");
if (offset_to_beginning_of_tag_data_element + size_of_tag_data_element > bytes.size())
return Error::from_string_literal("ICC::Profile: Tag data out of bounds");

4
Userland/Libraries/LibGfx/ICC/TagTypes.cpp
View file

@ -382,6 +382,10 @@ static ErrorOr<CLUTData> read_clut_data(ReadonlyBytes bytes, AdvancedLUTHeader c
static ErrorOr<LutCurveType> read_curve(ReadonlyBytes bytes, u32 offset)
{
// "All tag data elements shall start on a 4-byte boundary (relative to the start of the profile data stream)"
if (offset % 4 != 0)
return Error::from_string_literal("ICC::Profile: lut curve data not aligned");
// See read_curves() below.
if (offset + sizeof(u32) > bytes.size())
return Error::from_string_literal("ICC::Profile: not enough data for lut curve type");