fix gif import crash

Change-Id: I3a5e0efef6843fb8f8b485fa2369ac5b99513c31 (cherry picked from commit 839e051c658a638a259be6a6bb091b654fac405f) Reviewed-on: https://gerrit.libreoffice.org/16954 Reviewed-by: David Tardon <dtardon@redhat.com> Tested-by: David Tardon <dtardon@redhat.com>
author: Caolán McNamara <caolanm@redhat.com> 2015-07-11 15:31:19 +0100
committer: David Tardon <dtardon@redhat.com> 2015-07-13 13:16:20 +0000
commit: 6bdca73d186ab1c01129c094acaa8b261e092fcc (patch)
tree: f3754e89f0661076ba1b781367ffec3eece1d2fb /vcl
parent: f202ff6ba07a75e0423fa8e5be2e0f41dc7f056d (diff)
2 files changed, 2 insertions, 0 deletions
diff --git a/vcl/qa/cppunit/graphicfilter/data/gif/pass/crash-1.gif b/vcl/qa/cppunit/graphicfilter/data/gif/pass/crash-1.gif
new file mode 100644
index 000000000000..860f9e1d8fae
--- /dev/null
+++ b/vcl/qa/cppunit/graphicfilter/data/gif/pass/crash-1.gif
diff --git a/vcl/source/filter/igif/decode.cxx b/vcl/source/filter/igif/decode.cxx
index d50ac7c3bd15..4d278d9ddda9 100644
--- a/vcl/source/filter/igif/decode.cxx
+++ b/vcl/source/filter/igif/decode.cxx
@@ -197,6 +197,8 @@ bool GIFLZWDecompressor::ProcessOneCode()
         pE = pTable + nCode;
         do
         {
+            if (pOutBufData == pOutBuf) //can't go back past start
+                return false;
             nOutBufDataLen++;
             *(--pOutBufData) = pE->nData;
             pE = pE->pPrev;
author	Caolán McNamara <caolanm@redhat.com>	2015-07-11 15:31:19 +0100
committer	David Tardon <dtardon@redhat.com>	2015-07-13 13:16:20 +0000
commit	6bdca73d186ab1c01129c094acaa8b261e092fcc (patch)
tree	f3754e89f0661076ba1b781367ffec3eece1d2fb /vcl
parent	f202ff6ba07a75e0423fa8e5be2e0f41dc7f056d (diff)