diff options
author | Geremy Condra <gcondra@google.com> | 2012-04-10 19:29:55 -0700 |
---|---|---|
committer | Android (Google) Code Review <android-gerrit@google.com> | 2012-04-10 19:29:55 -0700 |
commit | 34efb3d5dcb9d1c7552725702ba2cfc905b4c39a (patch) | |
tree | 1257afdb6b0568634b4d31f9d993579e8c4ac851 | |
parent | c5ac2140cad524c0df13aafb82211bef3068580d (diff) | |
parent | 54d908dc93dbbaacd15b8a53b29a8fb88b6c472c (diff) | |
download | external_libpng-34efb3d5dcb9d1c7552725702ba2cfc905b4c39a.zip external_libpng-34efb3d5dcb9d1c7552725702ba2cfc905b4c39a.tar.gz external_libpng-34efb3d5dcb9d1c7552725702ba2cfc905b4c39a.tar.bz2 |
Merge "Fix for CVE-2011-3045"
-rw-r--r-- | pngrutil.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -264,8 +264,8 @@ png_inflate(png_structp png_ptr, const png_byte *data, png_size_t size, { if (output != 0 && output_size > count) { - int copy = output_size - count; - if (avail < copy) copy = avail; + png_size_t copy = output_size - count; + if ((png_size_t) avail < copy) copy = (png_size_t) avail; png_memcpy(output + count, png_ptr->zbuf, copy); } count += avail; |