diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/option.cpp | 2 | ||||
| -rw-r--r-- | src/window.cpp | 12 |
2 files changed, 9 insertions, 5 deletions
diff --git a/src/option.cpp b/src/option.cpp index a301e7d..1fb69f0 100644 --- a/src/option.cpp +++ b/src/option.cpp @@ -486,7 +486,7 @@ CompOption::Restriction::Restriction () : { } -CompOption::Restriction::Restriction (const CompOption::Restriction::Restriction &r) : +CompOption::Restriction::Restriction (const CompOption::Restriction &r) : priv (new PrivateRestriction (*r.priv)) { } diff --git a/src/window.cpp b/src/window.cpp index eb5243f..6072f96 100644 --- a/src/window.cpp +++ b/src/window.cpp @@ -4064,18 +4064,22 @@ CompWindow::getIcon (int width, if (result == Success && data) { - CARD32 *p; - CARD32 alpha, red, green, blue; - int iw, ih, j; + CARD32 *p; + CARD32 alpha, red, green, blue; + unsigned long iw, ih; for (i = 0; i + 2 < n; i += iw * ih + 2) { unsigned long *idata = (unsigned long *) data; + unsigned long j; iw = idata[i]; ih = idata[i + 1]; - if (iw * ih + 2 > (int) (n - i)) + /* iw * ih may be larger than the value range of unsigned + * long, so better do some checking for extremely weird + * icon sizes first */ + if (iw > 2048 || ih > 2048 || iw * ih + 2 > n - i) break; if (iw && ih) |