[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 0/2] Fix Coverity untrusted loop bound bugs in jpeg.c
From: |
Daniel Kiper |
Subject: |
Re: [PATCH 0/2] Fix Coverity untrusted loop bound bugs in jpeg.c |
Date: |
Fri, 21 Oct 2022 14:02:12 +0200 |
On Thu, Oct 20, 2022 at 05:11:12PM -0400, Alec Brown wrote:
> In grub-core/video/readers/jpeg.c, Coverity identified an untrusted loop bound
> bug. After resolving this bug, a private Coverity scan identified another
> untrusted loop bound bug in a different function. Since this bug only shows up
> after resolving the first bug, there isn't a CID for the second bug.
>
> The Coverity bugs being addressed are:
> CID 292450
>
> Alec Brown (2):
> video/readers: Add artificial limit to image dimensions
> video/readers/jpeg: Check next_marker is within file size
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> for both...
Thank you for fixing these issues!
Daniel