tsai
/
ImageSharp
mirror of https://github.com/SixLabors/ImageSharp
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Reintroduced some bounds checks for additional security

pull/1133/head
Sergio Pedri 6 years ago
parent
5b7ac75dfa
commit
70ed21e63b
1 changed files with 2 additions and 9 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 11
      src/ImageSharp/Formats/Png/Zlib/DeflaterHuffman.cs

11
src/ImageSharp/Formats/Png/Zlib/DeflaterHuffman.cs
View File

@ -160,13 +160,9 @@ namespace SixLabors.ImageSharp.Formats.Png.Zlib
this.Pending.WriteBits(this.distTree.NumCodes - 1, 5);
this.Pending.WriteBits(blTreeCodes - 4, 4);
ref byte bitLengthOrderRef = ref MemoryMarshal.GetReference(BitLengthOrder);
for (int rank = 0; rank < blTreeCodes; rank++)
{
ref byte bitsRef = ref Unsafe.Add(ref bitLengthOrderRef, rank);
this.Pending.WriteBits(this.blTree.Length[bitsRef], 3);
this.Pending.WriteBits(this.blTree.Length[BitLengthOrder[rank]], 3);
}
this.literalTree.WriteTree(this.Pending, this.blTree);
@ -255,14 +251,11 @@ namespace SixLabors.ImageSharp.Formats.Png.Zlib
// Build bitlen tree
this.blTree.BuildTree();
ref byte bitLengthOrderRef = ref MemoryMarshal.GetReference(BitLengthOrder);
int blTreeCodes = 4;
for (int i = 18; i > blTreeCodes; i--)
{
ref byte bits = ref Unsafe.Add(ref bitLengthOrderRef, i);
if (this.blTree.Length[bits] > 0)
if (this.blTree.Length[BitLengthOrder[i]] > 0)
{
blTreeCodes = i + 1;
}

Write Preview
Loading…
Cancel
Save