Open NBickford-NV opened 1 year ago
Thank you! I have just applied this as a downstream patch in Fedora Linux.
That's amazingly fast, thank you Ben! (I figured I'd send you an email later this morning since I remember you saw and applied the earlier stb_image patches, but you beat me to it!)
Tracking CVE numbers: this is a patch for https://nvd.nist.gov/vuln/detail/CVE-2023-43898 ((#1521).
Hi stb maintainers!
I just saw issue #1452, and put together this pull request to fix it. When stbipic_load_core returns
NULL
, this code now frees the allocated image and returns 0 immediately, instead of passing a null pointer to `stbiconvert_format()`.Thanks!