From 2978fd701a6987668a4ff41f9434f6c0da705596 Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Thu, 12 Sep 2024 22:18:30 +0200
Subject: [PATCH] cursor: Ignore invalid cursor files

The header offset must not be smaller than file header length.
Ignore such invalid files.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
---
 cursor/xcursor.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cursor/xcursor.c b/cursor/xcursor.c
index f7156cdb..6e54cdbd 100644
--- a/cursor/xcursor.c
+++ b/cursor/xcursor.c
@@ -259,6 +259,8 @@ xcursor_read_file_header(FILE *file)
 		return NULL;
 	if (!xcursor_read_uint(file, &head.ntoc))
 		return NULL;
+	if (head.header < XCURSOR_FILE_HEADER_LEN)
+		return NULL;
 	skip = head.header - XCURSOR_FILE_HEADER_LEN;
 	if (skip)
 		if (fseek(file, skip, SEEK_CUR) == EOF)