diff options
author | Robert Loehning <robert.loehning@qt.io> | 2022-06-03 16:40:30 +0200 |
---|---|---|
committer | Robert Löhning <robert.loehning@qt.io> | 2022-06-09 09:49:54 +0000 |
commit | ea4684c6b17110d4ce0504f382da16462c048662 (patch) | |
tree | 0658339f3ae545fd664fc1aee9468c260c3cc1f8 /src | |
parent | 7ceb1dd6abecaeaa88501cf61dcb2155a2cc839e (diff) | |
download | qtimageformats-ea4684c6b17110d4ce0504f382da16462c048662.tar.gz |
Check earlier to avoid sanitzer warnings
Fixes oss-fuzz issue 47689: "load of value 65, which
is not a valid value for type 'ICNSEntry::Depth'"
Pick-to: 6.4 6.3 6.2 5.15
Change-Id: Ia1b119d863e9518e308117ed1dd6a297297bc537
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
Diffstat (limited to 'src')
-rw-r--r-- | src/plugins/imageformats/icns/qicnshandler.cpp | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/plugins/imageformats/icns/qicnshandler.cpp b/src/plugins/imageformats/icns/qicnshandler.cpp index f924219..b665c83 100644 --- a/src/plugins/imageformats/icns/qicnshandler.cpp +++ b/src/plugins/imageformats/icns/qicnshandler.cpp @@ -462,8 +462,12 @@ static bool parseIconEntryInfo(ICNSEntry &icon) if (isIconCompressed(icon)) return true; // Icon depth: - if (!depth.isEmpty()) - icon.depth = ICNSEntry::Depth(depth.toUInt()); + if (!depth.isEmpty()) { + const uint depthUInt = depth.toUInt(); + if (depthUInt > 32) + return false; + icon.depth = ICNSEntry::Depth(depthUInt); + } // Try mono if depth not found if (icon.depth == ICNSEntry::DepthUnknown) icon.depth = ICNSEntry::DepthMono; @@ -516,7 +520,7 @@ static bool parseIconEntryInfo(ICNSEntry &icon) icon.height = icon.width; } // Sanity check - if (icon.width == 0 || icon.width > 4096 || icon.depth > 32) + if (icon.width == 0 || icon.width > 4096) return false; return true; } |