From 04c6245fe8335f950379c276776eaee7d941e019 Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Mon, 11 Jan 2021 19:24:54 +0100
Subject: [PATCH] LibGfx: Fail PBM decode if there isn't enough color data in image

Found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29417
---
 Libraries/LibGfx/PBMLoader.cpp | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Libraries/LibGfx/PBMLoader.cpp b/Libraries/LibGfx/PBMLoader.cpp
index e92e093dd3..4040b09c97 100644
--- a/Libraries/LibGfx/PBMLoader.cpp
+++ b/Libraries/LibGfx/PBMLoader.cpp
@@ -101,6 +101,12 @@ static bool read_image_data(PBMLoadingContext& context, Streamer& streamer)
 }
 }

+ size_t context_size = (u32)context.width * (u32)context.height;
+ if (context_size != color_data.size()) {
+ dbgln("Not enough color data in image.");
+ return false;
+ }
+
 if (!create_bitmap(context)) {
 return false;
 }
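Review bot: The product `(u32)context.width * (u32)context.height` is computed in 32 bits before it is widened to `size_t`, so header dimensions whose product exceeds 2^32 would wrap and could compare equal to a much smaller `color_data.size()`. Whether the dimensions are bounded before this point is not visible in the hunk, so the guard is safer if it does the multiplication in a wider type, e.g. `u64 expected_size = (u64)context.width * (u64)context.height;` followed by `if (expected_size != color_data.size()) {`. The `!=` comparison also rejects images with surplus data, so the log text would be more accurate as `dbgln("Color data size does not match image dimensions.");`. The body of read_image_data starts and ends outside the hunk, so the later use of these dimensions in `create_bitmap(context)` could not be checked here.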