Fix out-of-bounds read in ReadFirstSkin

Fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25401
pull/4146/head
Alex Rebert 2021-10-28 23:12:54 -04:00
parent 1fe9d405f5
commit 107371657b
No known key found for this signature in database
GPG Key ID: E082090D746F1A81
1 changed files with 1 additions and 0 deletions


@ -451,6 +451,7 @@ void HMPImporter::ReadFirstSkin(unsigned int iNumSkins, const unsigned char *szC
// now we need to skip any other skins ... // now we need to skip any other skins ...
for (unsigned int i = 1; i < iNumSkins; ++i) { for (unsigned int i = 1; i < iNumSkins; ++i) {
SizeCheck(szCursor + 3 * sizeof(uint32_t));
iType = *((uint32_t *)szCursor); iType = *((uint32_t *)szCursor);
szCursor += sizeof(uint32_t); szCursor += sizeof(uint32_t);
iWidth = *((uint32_t *)szCursor); iWidth = *((uint32_t *)szCursor);