Backported of: From 3e52dabe3e64dc50f4422effe364a1457a8a8592 Mon Sep 17 00:00:00 2001 From: Sam Hocevar <sam@hocevar.net> Date: Sat, 29 Dec 2018 22:35:07 +0100 Subject: [PATCH] img2txt: fix an integer overflow in the BMP loader. Fixes: #37 (CVE-2018-20545) Fixes: #40 (CVE-2018-20548) Fixes: #41 (CVE-2018-20549) diff --git a/src/common-image.h b/src/common-image.h index efc6069..1b99302 100644 --- a/src/common-image.h +++ b/src/common-image.h @@ -13,7 +13,7 @@ struct image { char *pixels; - unsigned int w, h; + size_t w, h; struct caca_dither *dither; void *priv; };