Fixed bug #75111 (Memory disclosure or DoS via crafted .bmp image)

Crafted BMP images can cause dynamicSeek() to be called with a negative
position which must not be allowed, since dynamicSeek() works like
fseek() in SEEK_SET mode. We solve this by bailing out if `pos` is
negative, and let the image reading fail gracefully.

0 files changed, 0 insertions, 0 deletions