From ccb89a889a322f60c8fe73400a8f3dc929bcc6c7 Mon Sep 17 00:00:00 2001 From: Alexander Alekhin Date: Sun, 31 Mar 2019 10:43:30 +0000 Subject: [PATCH] imgcodecs(bmp): limit size of processed images 2Gb+ images can't be handled properly by current implementation backporting of commit: 50a6f9d251bfe9c3aec6c977391f38a7b790fe4c --- modules/imgcodecs/src/grfmt_bmp.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/imgcodecs/src/grfmt_bmp.cpp b/modules/imgcodecs/src/grfmt_bmp.cpp index 7018f8a16b..d626de1a54 100644 --- a/modules/imgcodecs/src/grfmt_bmp.cpp +++ b/modules/imgcodecs/src/grfmt_bmp.cpp @@ -203,6 +203,9 @@ bool BmpDecoder::readData( Mat& img ) int nch = color ? 3 : 1; int y, width3 = m_width*nch; + // FIXIT: use safe pointer arithmetic (avoid 'int'), use size_t, intptr_t, etc + CV_Assert(((uint64)m_height * m_width * nch < (CV_BIG_UINT(1) << 30)) && "BMP reader implementation doesn't support large images >= 1Gb"); + if( m_offset < 0 || !m_strm.isOpened()) return false;