blob: 7b7ca5a0befa50e117bf00ddf3790c6c064de0ca (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Simple bounds checks for CVE-2023-40889, based on third-party
fix by Remi Meier @
https://github.com/Raemi/zbar/commit/5e8acc6974f17e56c3ddaa5509870beb8d7a599c
--- a/zbar/qrcode/qrdec.c
+++ b/zbar/qrcode/qrdec.c
@@ -3900,8 +3900,8 @@ void qr_reader_match_centers(qr_reader *_reader,qr_code_data_list *_qrlist,
/*TODO: We might be able to accelerate this step significantly by
considering the remaining finder centers in a more intelligent order,
based on the first finder center we just chose.*/
- for(j=i+1;!mark[i]&&j<_ncenters;j++){
- for(k=j+1;!mark[j]&&k<_ncenters;k++)if(!mark[k]){
+ for(j=i+1; i < _ncenters && !mark[i]&&j<_ncenters;j++){
+ for(k=j+1; j < _ncenters && !mark[j]&&k<_ncenters;k++)if(!mark[k]){
qr_finder_center *c[3];
qr_code_data qrdata;
int version;
|