未验证 提交 75671107 编写于 作者: O openharmony_ci 提交者: Gitee

!47 release3.1修复CVE漏洞CVE-2022-33068,限制图片长宽范围

Merge pull request !47 from wanghao-free/OpenHarmony-3.1-Release
......@@ -298,6 +298,12 @@ struct sbix
const PNGHeader &png = *blob->as<PNGHeader>();
if ((png.IHDR.height >= 65536) | (png.IHDR.width >= 65536))
{
hb_blob_destroy (blob);
return false;
}
extents->x_bearing = x_offset;
extents->y_bearing = png.IHDR.height + y_offset;
extents->width = png.IHDR.width;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册