ofz#11188 avoid timeout

Change-Id: I3726eb249e3bc290fa9bd5e8fe6747b1ce5ce9bb
Reviewed-on: https://gerrit.libreoffice.org/66149
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>

1 files changed, 8 insertions, 0 deletions

diff --git a/vcl/source/gdi/dibtools.cxx b/vcl/source/gdi/dibtools.cxx
index 07c7c043f2d6..b6735649a909 100644
--- a/vcl/source/gdi/dibtools.cxx
+++ b/vcl/source/gdi/dibtools.cxx
@@ -563,6 +563,14 @@ bool ImplReadDIBBits(SvStream& rIStm, DIBV5Header& rHeader, BitmapWriteAccess& r
         {
             const long nWidth(rHeader.nWidth);
             const long nHeight(rHeader.nHeight);
+            if (nAlignedWidth > rIStm.remainingSize())
+            {
+                // ofz#11188 avoid timeout
+                // all following paths will enter a case statement, and nCount
+                // is always at least 1, so we can check here before allocation
+                // if at least one row can be read
+                return false;
+            }
             std::vector<sal_uInt8> aBuf(nAlignedWidth);
 
             const long nI(bTopDown ? 1 : -1);