From 1a9b5d6cb625f0203a7665a413b9c279cf8ef335 Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Wed, 1 May 2019 01:48:14 +0200
Subject: [PATCH] tga: don't try to read more than max_palette_size into
 palette

---
 src/imageformats/tga.cpp | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/imageformats/tga.cpp b/src/imageformats/tga.cpp
index f41d5ba..46129bb 100644
--- a/src/imageformats/tga.cpp
+++ b/src/imageformats/tga.cpp
@@ -206,6 +206,9 @@ static bool LoadTGA(QDataStream &s, const TgaHeader &tga, QImage &img)
     if (info.pal) {
         // @todo Support palettes in other formats!
         const int palette_size = 3 * tga.colormap_length;
+        if (palette_size > max_palette_size) {
+            return false;
+        }
         const int dataRead = s.readRawData(palette, palette_size);
         if (dataRead < 0) {
             return false;