[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/2] Fix Coverity untrusted loop bound bugs in jpeg.c
|
From: |
Alec Brown |
|
Subject: |
[PATCH 0/2] Fix Coverity untrusted loop bound bugs in jpeg.c |
|
Date: |
Thu, 20 Oct 2022 17:11:12 -0400 |
In grub-core/video/readers/jpeg.c, Coverity identified an untrusted loop bound
bug. After resolving this bug, a private Coverity scan identified another
untrusted loop bound bug in a different function. Since this bug only shows up
after resolving the first bug, there isn't a CID for the second bug.
The Coverity bugs being addressed are:
CID 292450
Alec Brown (2):
video/readers: Add artificial limit to image dimensions
video/readers/jpeg: Check next_marker is within file size
docs/grub.texi | 3 ++-
grub-core/video/readers/jpeg.c | 12 +++++++++++-
grub-core/video/readers/png.c | 6 +++++-
grub-core/video/readers/tga.c | 7 +++++++
include/grub/bitmap.h | 2 ++
5 files changed, 27 insertions(+), 3 deletions(-)
- [PATCH 0/2] Fix Coverity untrusted loop bound bugs in jpeg.c,
Alec Brown <=