Backported of: From 02a09ec9e5ed8981e7a810bfb6a0172dc24f0790 Mon Sep 17 00:00:00 2001 From: Sam Hocevar <sam@hocevar.net> Date: Sun, 30 Dec 2018 13:18:27 +0100 Subject: [PATCH] dither: fix integer multiplication overflow that caused crashes. Fixes: #38 (CVE-2018-20546) Fixes: #39 (CVE-2018-20547)
diff --git a/caca/dither.c b/caca/dither.c
index 17218b1..fb802da 100644
--- a/caca/dither.c
+++ b/caca/dither.c
@@ -116,7 +116,7 @@ enum color_mode
 struct caca_dither
 {
 int bpp, has_palette, has_alpha;
- int w, h, pitch;
+ size_t w, h, pitch;
 int rmask, gmask, bmask, amask;
 int rright, gright, bright, aright;
 int rleft, gleft, bleft, aleft;
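Review bot: Widening `w, h, pitch` to `size_t` on the changed field line removes the signed-overflow undefined behaviour but does not bound the values: a negative `int` stored into these fields converts to a very large unsigned value, and a product such as `pitch * h` still wraps silently, at 32 bits on ILP32 targets. The code that fills and multiplies these fields is outside this hunk, so this is inferred; it should reject negative inputs before the assignment and guard the product, for example `if (h != 0 && pitch > SIZE_MAX / h)` followed by an error return. Signed expressions compared against these fields elsewhere are now converted to unsigned, so loop bounds and range checks that use `int` coordinates are worth re-reading, as are any `%d` format specifiers printing them. A comment on the field line, `/* set from validated non-negative ints; check products for overflow */`, would record the invariant. The struct definition continues past the end of the hunk.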