Jump to content

Buffer overflow in BMP open

Recommended Posts

gdispImageOpen_BMP() functions uses up to 36 bytes of allocated buffer in priv->buf.

Default allocated length of priv->buf is defined by GDISP_IMAGE_BMP_BLIT_BUFFER_SIZE which is only 32 bytes. By default this causes a buffer overflow,.

Please increase default value of GDISP_IMAGE_BMP_BLIT_BUFFER_SIZE to 36.

Link to post
Share on other sites
  • 4 weeks later...

The problem does not occur for most people as GDISP_IMAGE_BMP_BLIT_BUFFER_SIZE is specified in pixels (not bytes). The issue occurs for pixel formats of a byte per pixel or less.

This has now been corrected by using the compiler to detect if it is too small and adjust the setting if necessary (along with displaying a warning).


This is now in the repository.

Link to post
Share on other sites
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...