Fixes crash in gif image decoder

Fuzzing test revealed that for certain malformed gif files, qgifhandler would segfault. Change-Id: I5bb6f60e1c61849e0d8c735edc3869945e5331c1 (cherry picked from qtbase/ea2c5417fcd374302f5019e67f72af5facbd29f6) Reviewed-by: Richard J. Moore <[email protected]>
PaPaNebo · Mar 13, 2015 · a1cf194 · a1cf194
1 parent fb7fa29
commit a1cf194
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/src/gui/image/qgifhandler.cpp b/src/gui/image/qgifhandler.cpp
@@ -944,6 +944,8 @@ void QGIFFormat::fillRect(QImage *image, int col, int row, int w, int h, QRgb co
 
 void QGIFFormat::nextY(unsigned char *bits, int bpl)
 {
+    if (out_of_bounds)
+        return;
     int my;
     switch (interlace) {
     case 0: // Non-interlaced