packages/assimp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
assimp/CVE-2024-40724-Fix-out-of-bound-access-5651.patch
yinyongkang 729508b205 fix CVE-2024-40724 
(cherry picked from commit 668be84e41799743974066dc4c7f9ce42f7ba1d2)
2024-07-22 16:14:53 +08:00

28 lines
1004 B
Diff
Raw Blame History

From ddb74c2bbdee1565dda667e85f0c82a0588c8053 Mon Sep 17 00:00:00 2001
From: Kim Kulling <kimkulling@users.noreply.github.com>
Date: Wed, 3 Jul 2024 21:37:24 +0200
Subject: [PATCH] Fix out of bound access (#5651)
---
code/AssetLib/Ply/PlyLoader.cpp | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/code/AssetLib/Ply/PlyLoader.cpp b/code/AssetLib/Ply/PlyLoader.cpp
index 783c7f1..e109541 100644
--- a/code/AssetLib/Ply/PlyLoader.cpp
+++ b/code/AssetLib/Ply/PlyLoader.cpp
@@ -567,6 +567,10 @@ void PLYImporter::LoadFace(const PLY::Element *pcElement, const PLY::ElementInst
if (mGeneratedMesh->mFaces == nullptr) {
mGeneratedMesh->mNumFaces = pcElement->NumOccur;
mGeneratedMesh->mFaces = new aiFace[mGeneratedMesh->mNumFaces];
+ } else {
+ if (mGeneratedMesh->mNumFaces < pcElement->NumOccur) {
+ throw DeadlyImportError("Invalid .ply file: Too many faces");
+ }
}
if (!bIsTriStrip) {
--
2.41.0
Reference in New Issue View Git Blame Copy Permalink