[Bf-blender-cvs] [c8e8f107bf8] master: Fix T99711: Eternal loop reading blend file thumbnail
Campbell Barton
noreply at git.blender.org
Fri Jul 15 06:54:13 CEST 2022
Commit: c8e8f107bf82fb56f49101e1098f4c697b16cfeb
Author: Campbell Barton
Date: Fri Jul 15 14:47:18 2022 +1000
Branches: master
https://developer.blender.org/rBc8e8f107bf82fb56f49101e1098f4c697b16cfeb
Fix T99711: Eternal loop reading blend file thumbnail
Account for negative BHead length (already handled by blend file loading).
===================================================================
M source/blender/blendthumb/src/blendthumb_extract.cc
===================================================================
diff --git a/source/blender/blendthumb/src/blendthumb_extract.cc b/source/blender/blendthumb/src/blendthumb_extract.cc
index 369da559fc8..163197c8b67 100644
--- a/source/blender/blendthumb/src/blendthumb_extract.cc
+++ b/source/blender/blendthumb/src/blendthumb_extract.cc
@@ -121,6 +121,9 @@ static eThumbStatus blendthumb_extract_from_file_impl(FileReader *file,
while (file_read(file, bhead_data, bhead_size)) {
/* Parse type and size from `BHead`. */
const int32_t block_size = bytes_to_native_i32(&bhead_data[4], endian_switch);
+ if (UNLIKELY(block_size < 0)) {
+ return BT_INVALID_THUMB;
+ }
/* We're looking for the thumbnail, so skip any other block. */
switch (*((int32_t *)bhead_data)) {
More information about the Bf-blender-cvs
mailing list