oss-fuzz: make max sane bitmap allocation smaller

(cherry picked from commit a6b6980afa443b3d317de5f24d993f939073d73a) Change-Id: I0b924f615ed4652ce605c12d2d2e9ca2ad2befbf (cherry picked from commit 5276062670a8a8b7e072917ddc1e58c2a4cc8124)
author: Caolán McNamara <caolanm@redhat.com> 2017-01-06 20:54:19 +0000
committer: Ashod Nakashian <ashod.nakashian@collabora.co.uk> 2017-12-18 01:07:39 -0500
commit: 10ac3111dce63e0f651f12f0943e5054feb36a08 (patch)
tree: 8c24806fe53fba54992d3a69bfb66a2c93bf8714
parent: 6625510ed71bf11fc91eae3642efbb2a6206cbaa (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/vcl/headless/svpbmp.cxx b/vcl/headless/svpbmp.cxx
index 967fd910bec3..ad14169b7243 100644
--- a/vcl/headless/svpbmp.cxx
+++ b/vcl/headless/svpbmp.cxx
@@ -140,7 +140,7 @@ BitmapBuffer* ImplCreateDIB(
         size_t size;
         bFail = o3tl::checked_multiply<size_t>(pDIB->mnHeight, pDIB->mnScanlineSize, size);
         SAL_WARN_IF(bFail, "vcl.gdi", "checked multiply failed");
-        if (bFail)
+        if (bFail || size > SAL_MAX_INT32/2)
         {
             delete pDIB;
             return nullptr;
@@ -194,7 +194,7 @@ bool SvpSalBitmap::Create(const SalBitmap& rBmp)
         mpDIB = new BitmapBuffer( *rSalBmp.mpDIB );
 
         const size_t size = mpDIB->mnScanlineSize * mpDIB->mnHeight;
-        if (size > SAL_MAX_INT32)
+        if (size > SAL_MAX_INT32/2)
         {
             delete mpDIB;
             mpDIB = nullptr;
author	Caolán McNamara <caolanm@redhat.com>	2017-01-06 20:54:19 +0000
committer	Ashod Nakashian <ashod.nakashian@collabora.co.uk>	2017-12-18 01:07:39 -0500
commit	10ac3111dce63e0f651f12f0943e5054feb36a08 (patch)
tree	8c24806fe53fba54992d3a69bfb66a2c93bf8714
parent	6625510ed71bf11fc91eae3642efbb2a6206cbaa (diff)