CVE-2019-6245

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-6245

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-6245.json

Related

DLA-1656-1
DLA-2872-1
DLA-3376-1

Published

2019-01-13T00:29:00Z

Modified

2023-11-29T07:33:03.889693Z

Details

An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SVG++ (aka svgpp) 1.2.3. In the function agg::cellaa::notequal, dx is assigned to (x2 - x1). If dx >= dxlimit, which is (16384 << polysubpixelshift), this function will call itself recursively. There can be a situation where (x2 - x1) is always bigger than dxlimit during the recursion, leading to continual stack consumption.

References

https://lists.debian.org/debian-lts-announce/2019/02/msg00001.html
https://lists.debian.org/debian-lts-announce/2021/12/msg00038.html
https://github.com/svgpp/svgpp/issues/70
https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html

Affected packages

Git / github.com/svgpp/svgpp

Affected ranges

Type: GIT
Repo: https://github.com/svgpp/svgpp
Events: Introduced

0The exact introduced commit is unknown

Last affected

17e54ff509ae8d9433b9e6d09b9855aac64ded99

Affected versions

v1.*

v1.2.2

v1.2.3