PNM loader: Fix reading PNM bitmaps.

Attempting to read a PNM bitmap (ASCII format) would cause a lockup due to infinite loop, and in certain cases write access outside allocated memory. Fixes CVE-2016-6348 (out-of-bounds writes ... presumably - CVE text not disclosed yet). Found by Neelima Krishnan, Intel Corporation.
author: Kim Woelders <kim@woelders.dk> 2016-07-30 16:44:57 +0200
committer: Kim Woelders <kim@woelders.dk> 2016-09-03 10:53:11 +0200
commit: f6d902efd9e5a9438a0fbdc9b187e8c2ac08a01f (patch)
tree: 451297e4fc6528186b0603559978ab41b031e1f1
parent: 9780f8dbc40332a8cb2cd0e91d2a552c2ce5d176 (diff)
download: imlib2-f6d902efd9e5a9438a0fbdc9b187e8c2ac08a01f.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/src/modules/loaders/loader_pnm.c b/src/modules/loaders/loader_pnm.c
index 509523c..04b01b0 100644
--- a/src/modules/loaders/loader_pnm.c
+++ b/src/modules/loaders/loader_pnm.c
@@ -179,6 +179,7 @@ load(ImlibImage * im, ImlibProgressFunction progress,
                                goto quit_error;
                             ptr2++;
                             i++;
+                            x++;
                          }
                     }
                   if (progress &&
author	Kim Woelders <kim@woelders.dk>	2016-07-30 16:44:57 +0200
committer	Kim Woelders <kim@woelders.dk>	2016-09-03 10:53:11 +0200
commit	f6d902efd9e5a9438a0fbdc9b187e8c2ac08a01f (patch)
tree	451297e4fc6528186b0603559978ab41b031e1f1
parent	9780f8dbc40332a8cb2cd0e91d2a552c2ce5d176 (diff)
download	imlib2-f6d902efd9e5a9438a0fbdc9b187e8c2ac08a01f.tar.gz