diff options
| author | abma <spring@abma.de> | 2014-08-10 22:59:35 +0200 |
|---|---|---|
| committer | abma <spring@abma.de> | 2014-08-10 23:06:26 +0200 |
| commit | 8cf8940410590fe51ab25a07a2f4176f65a25271 (patch) | |
| tree | 8661d2ed0934ea43ea643b7b3bba7bc70b6cf662 | |
| parent | e9c49587bdefc520241f30d00ff10748a855a587 (diff) | |
| download | devil-8cf8940410590fe51ab25a07a2f4176f65a25271.tar.gz | |
reapply CVE-2009-3994
| -rw-r--r-- | DevIL/src-IL/src/il_dicom.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/DevIL/src-IL/src/il_dicom.c b/DevIL/src-IL/src/il_dicom.c index fbba48c4..9fc087de 100644 --- a/DevIL/src-IL/src/il_dicom.c +++ b/DevIL/src-IL/src/il_dicom.c @@ -427,9 +427,11 @@ ILboolean GetUID(ILubyte *UID) return IL_FALSE; ValLen = GetLittleUShort(); + if (ValLen > 64) + return IL_FALSE; if (iread(UID, ValLen, 1) != 1) return IL_FALSE; - UID[64] = 0; // Just to make sure that our string is terminated. + UID[ValLen] = 0; // Just to make sure that our string is terminated. return IL_TRUE; } |