From cccc81ccba99600483621e02ae9438a4a5a3d024 Mon Sep 17 00:00:00 2001 From: Jeff Muizelaar Date: Wed, 29 Jun 2022 11:41:47 -0400 Subject: [PATCH] quartz: Avoid reading beyond the end of image surfaces. The last row of data may have less than stride bytes so make sure we only copy what we need. --- src/cairo-quartz-surface.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/cairo-quartz-surface.c b/src/cairo-quartz-surface.c index 97ddf2c28..6676dc960 100644 --- a/src/cairo-quartz-surface.c +++ b/src/cairo-quartz-surface.c @@ -772,8 +772,12 @@ _cairo_surface_to_cgimage (cairo_surface_t *source, return _cairo_error (CAIRO_STATUS_NO_MEMORY); } + // The last row of data may have less than stride bytes so make sure we + // only copy the minimum amount required from that row. memcpy (image_data, image_surface->data, - image_surface->height * image_surface->stride); + (image_surface->height - 1) * image_surface->stride + + cairo_format_stride_for_width (image_surface->format, + image_surface->width)); *image_out = CairoQuartzCreateCGImage (image_surface->format, image_surface->width, image_surface->height,