From 15750af31a5d130ea63ac133453eb5448cefa636 Mon Sep 17 00:00:00 2001 From: xiaoxiaoafeifei Date: Mon, 21 Aug 2023 01:26:19 +0800 Subject: [PATCH] fix(bmp): fix signed integer overflow when computing total number of pixels (#3948) fix #3947: runtime error: signed integer overflow in file src/bmp.imageio/bmpinput.cpp:302 --- src/bmp.imageio/bmpinput.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/bmp.imageio/bmpinput.cpp b/src/bmp.imageio/bmpinput.cpp index 96fb7c2501..19d8f1bf9d 100644 --- a/src/bmp.imageio/bmpinput.cpp +++ b/src/bmp.imageio/bmpinput.cpp @@ -299,7 +299,7 @@ BmpInput::read_rle_image() int rletype = m_dib_header.compression == RLE4_COMPRESSION ? 4 : 8; m_spec.attribute("compression", rletype == 4 ? "rle4" : "rle8"); m_uncompressed.clear(); - m_uncompressed.resize(m_spec.height * m_spec.width); + m_uncompressed.resize(m_spec.image_pixels()); // Note: the clear+resize zeroes out the buffer bool ok = true; int y = 0, x = 0;