
Fix potential vulnerable cloned function

Open npt-1707 opened this issue 7 months ago • 0 comments

Dear Development team,

I identified a vulnerability in a clone function start_input_tga() in BeefySysLib/third_party/jpeg/rdtarga.c sourced from libjpeg-turbo/libjpeg-turbo. These issues, originally reported in CVE-2018-11212, were resolved in the repository via this commit https://github.com/libjpeg-turbo/libjpeg-turbo/commit/82923eb93a2eacf4a593e00e3e672bbb86a8a3a0.

This PR applies the corresponding patch to prevent a potential integer overflow in this codebase.

Please review at your convenience. Thank you for your time and attention!

npt-1707, May 02 '25 16:05