gdPutBuf return value check

Hi,
Two previous issues #247  and #697, show that a return value check for `gdGetBuf` is necessary and it can cause `read out of bound` with a corrupted TGA file.

`gdPutBuf` is similar to `gdGetBuf` and it also shows the error condition in its return value.
some usages for `gdPutBuf` are comparing return values to see any error occurred or not. (in [gd_jpeg.c](https://github.com/libgd/libgd/blob/master/src/gd_jpeg.c) and [gd_gd2.c](https://github.com/libgd/libgd/blob/master/src/gd_gd2.c))

but there are some other call sites that do not check the return value and also the passed arguments are tainted and can be corrupted.
this is the list of them:
|file|function|line|
|----|----|----|
|gd_webp.c| _gdImageWebpCtx|230 [link](https://github.com/libgd/libgd/blob/master/src/gd_webp.c#L230)|
|gd_bmp.c | _gdImageBmpCtx  |269 [link](https://github.com/libgd/libgd/blob/master/src/gd_bmp.c#L269)|
|gd_bmp.c | _gdImageBmpCtx |328 [link](https://github.com/libgd/libgd/blob/master/src/gd_bmp.c#L328)|
|gd_gif_out.c|flush_char|1635 [link](https://github.com/libgd/libgd/blob/master/src/gd_gif_out.c#L1635)|

so they need to add some condition check for `gdPutBuf`.

Regards.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

gdPutBuf return value check #750

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

file	function	line
gd_webp.c	_gdImageWebpCtx	230 link
gd_bmp.c	_gdImageBmpCtx	269 link
gd_bmp.c	_gdImageBmpCtx	328 link
gd_gif_out.c	flush_char	1635 link

gdPutBuf return value check #750

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions