From 52045ff84d271752a528af6c13290fb3494c6317 Mon Sep 17 00:00:00 2001 From: Mirco Miranda Date: Fri, 5 Jun 2026 14:56:08 +0200 Subject: [PATCH] Added limit to maximum number of channels --- src/imageformats/chunks.cpp | 4 +--- src/imageformats/psd.cpp | 2 +- src/imageformats/qoi.cpp | 2 +- src/imageformats/rgb.cpp | 14 +++++--------- src/imageformats/util_p.h | 5 +++++ 5 files changed, 13 insertions(+), 14 deletions(-) diff --git a/src/imageformats/chunks.cpp b/src/imageformats/chunks.cpp index 817c4fe..b50a6e2 100644 --- a/src/imageformats/chunks.cpp +++ b/src/imageformats/chunks.cpp @@ -3756,9 +3756,7 @@ qint32 DPELChunk::count() const return 0; } auto cnt = i32(data(), 0); - if (cnt < 0 || cnt > 128) { - // an image should have 3, 4 or 5 channels: - // 128 is enough to give an error. + if (cnt < 0 || cnt > KIF_MAX_IMAGE_CHANNELS) { cnt = 0; } return cnt; diff --git a/src/imageformats/psd.cpp b/src/imageformats/psd.cpp index 210325e..91cc376 100644 --- a/src/imageformats/psd.cpp +++ b/src/imageformats/psd.cpp @@ -728,7 +728,7 @@ static bool IsValid(const PSDHeader &header) } // Specs tells: "Supported range is 1 to 56" but when the alpha channel is present the limit is 57: // Photoshop does not make you add more (see also 53alphas.psd test case). - if (header.channel_count < 1 || header.channel_count > 57) { + if (header.channel_count < 1 || header.channel_count > std::min(57, KIF_MAX_IMAGE_CHANNELS)) { qCDebug(LOG_PSDPLUGIN) << "PSD header: invalid number of channels" << header.channel_count; return false; } diff --git a/src/imageformats/qoi.cpp b/src/imageformats/qoi.cpp index 578cd92..1907004 100644 --- a/src/imageformats/qoi.cpp +++ b/src/imageformats/qoi.cpp @@ -105,7 +105,7 @@ static bool IsSupported(const QoiHeader &head) return false; } // Check if the header is a valid QOI header - if (head.Width == 0 || head.Height == 0 || head.Channels < 3 || head.Colorspace > 1) { + if (head.Width == 0 || head.Height == 0 || head.Channels < 3 || head.Channels > 4 || head.Colorspace > 1) { return false; } // Set a reasonable upper limit diff --git a/src/imageformats/rgb.cpp b/src/imageformats/rgb.cpp index c2b4917..1052fac 100644 --- a/src/imageformats/rgb.cpp +++ b/src/imageformats/rgb.cpp @@ -300,21 +300,17 @@ bool SGIImagePrivate::readImage(QImage &img) return false; } + if (_zsize > KIF_MAX_IMAGE_CHANNELS) { + qCDebug(LOG_RGBPLUGIN) << "Too many channels: the plugin is limited to" << KIF_MAX_IMAGE_CHANNELS << "channels"; + return false; + } + img = imageAlloc(size(), format()); if (img.isNull()) { qCWarning(LOG_RGBPLUGIN) << "Failed to allocate image, invalid dimensions?" << QSize(_xsize, _ysize); return false; } - if (_zsize > 4) { - // qCDebug(LOG_RGBPLUGIN) << "using first 4 of " << _zsize << " channels"; - // Only let this continue if it won't cause a int overflow later - // this is most likely a broken file anyway - if (_ysize > std::numeric_limits::max() / _zsize) { - return false; - } - } - _numrows = _ysize * _zsize; if (_rle) { diff --git a/src/imageformats/util_p.h b/src/imageformats/util_p.h index 48560bb..fda946e 100644 --- a/src/imageformats/util_p.h +++ b/src/imageformats/util_p.h @@ -16,6 +16,11 @@ #include #include +// Default maximum number of channels (do not exceed 256). +#ifndef KIF_MAX_IMAGE_CHANNELS +#define KIF_MAX_IMAGE_CHANNELS 60 +#endif + // Default maximum width and height for the large image plugins. #ifndef KIF_LARGE_IMAGE_PIXEL_LIMIT #define KIF_LARGE_IMAGE_PIXEL_LIMIT 300000