56 lines
1.7 KiB
Diff
56 lines
1.7 KiB
Diff
From 394d6a180a4b63a149a223b13e98a3209f837147 Mon Sep 17 00:00:00 2001
|
|
From: Eric Soroos <eric-github@soroos.net>
|
|
Date: Sat, 28 Mar 2020 13:00:46 +0000
|
|
Subject: [PATCH 1/4] Track number of pixels, not the number of runs
|
|
|
|
---
|
|
src/libImaging/SgiRleDecode.c | 8 ++++++--
|
|
1 file changed, 6 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/libImaging/SgiRleDecode.c b/src/libImaging/SgiRleDecode.c
|
|
index e9b2c0b..087b7b4 100644
|
|
--- a/src/libImaging/SgiRleDecode.c
|
|
+++ b/src/libImaging/SgiRleDecode.c
|
|
@@ -28,6 +28,7 @@ static void read4B(UINT32* dest, UINT8* buf)
|
|
static int expandrow(UINT8* dest, UINT8* src, int n, int z, int xsize)
|
|
{
|
|
UINT8 pixel, count;
|
|
+ int x = 0;
|
|
|
|
for (;n > 0; n--)
|
|
{
|
|
@@ -37,9 +38,10 @@ static int expandrow(UINT8* dest, UINT8* src, int n, int z, int xsize)
|
|
count = pixel & RLE_MAX_RUN;
|
|
if (!count)
|
|
return count;
|
|
- if (count > xsize){
|
|
+ if (x + count > xsize){
|
|
return -1;
|
|
}
|
|
+ x += count;
|
|
if (pixel & RLE_COPY_FLAG) {
|
|
while(count--) {
|
|
*dest = *src++;
|
|
@@ -62,7 +64,8 @@ static int expandrow(UINT8* dest, UINT8* src, int n, int z, int xsize)
|
|
static int expandrow2(UINT8* dest, const UINT8* src, int n, int z, int xsize)
|
|
{
|
|
UINT8 pixel, count;
|
|
-
|
|
+
|
|
+ int x = 0;
|
|
|
|
for (;n > 0; n--)
|
|
{
|
|
@@ -73,9 +76,10 @@ static int expandrow2(UINT8* dest, const UINT8* src, int n, int z, int xsize)
|
|
count = pixel & RLE_MAX_RUN;
|
|
if (!count)
|
|
return count;
|
|
- if (count > xsize){
|
|
+ if (x + count > xsize){
|
|
return -1;
|
|
}
|
|
+ x += count;
|
|
if (pixel & RLE_COPY_FLAG) {
|
|
while(count--) {
|
|
memcpy(dest, src, 2);
|