diff options
| author | Sebastian Rasmussen <sebras@gmail.com> | 2016-09-27 13:12:54 +0800 |
|---|---|---|
| committer | Sebastian Rasmussen <sebras@gmail.com> | 2016-09-27 20:04:04 +0800 |
| commit | cf2272c69587196d2274e2f760265f05569e1d4f (patch) | |
| tree | ed0f6f4d14c8a11eaa789b621d46dd163573ab0a /source/fitz/load-tiff.c | |
| parent | 1bebb9feb7ffd62d8945790b2426d6cf09027d60 (diff) | |
| download | mupdf-cf2272c69587196d2274e2f760265f05569e1d4f.tar.xz | |
Bug 697163: gif: Fix integer overflow in image dimensions.
Diffstat (limited to 'source/fitz/load-tiff.c')
| -rw-r--r-- | source/fitz/load-tiff.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source/fitz/load-tiff.c b/source/fitz/load-tiff.c index fa366a8e..e36914f1 100644 --- a/source/fitz/load-tiff.c +++ b/source/fitz/load-tiff.c @@ -336,7 +336,7 @@ fz_expand_tiff_colormap(fz_context *ctx, struct tiff *tiff) fz_throw(ctx, FZ_ERROR_GENERIC, "insufficient colormap data"); if (tiff->imagelength > UINT_MAX / tiff->imagewidth / (tiff->samplesperpixel + 2)) - fz_throw(ctx, FZ_ERROR_GENERIC, "image dimensions might overflow"); + fz_throw(ctx, FZ_ERROR_GENERIC, "image too large"); stride = tiff->imagewidth * (tiff->samplesperpixel + 2); |