From aa7aa03609fa6ab6f3a51b6f6a8d9e2dfa509ad2 Mon Sep 17 00:00:00 2001
From: Rodger Combs <rodger.combs@gmail.com>
Date: Sat, 11 Feb 2017 19:19:31 -0600
Subject: Remove arbitrary bitmap size limit

We're not aware of any specific reason for this number to be used,
and actual potentially-dangerous cases should be handled by the
other limits.

Fixes #260
---
 libass/ass_bitmap.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libass/ass_bitmap.c b/libass/ass_bitmap.c
index e46ef0a..ff2eac4 100644
--- a/libass/ass_bitmap.c
+++ b/libass/ass_bitmap.c
@@ -219,7 +219,7 @@ Bitmap *outline_to_bitmap(ASS_Renderer *render_priv,
 
     int mask = (1 << render_priv->engine->tile_order) - 1;
 
-    if (w < 0 || h < 0 || w > 8000000 / FFMAX(h, 1) ||
+    if (w < 0 || h < 0 ||
         w > INT_MAX - (2 * bord + mask) || h > INT_MAX - (2 * bord + mask)) {
         ass_msg(render_priv->library, MSGL_WARN, "Glyph bounding box too large: %dx%dpx",
                 w, h);
@@ -280,7 +280,7 @@ static Bitmap *outline_to_bitmap_ft(ASS_Renderer *render_priv,
     bbox.xMin >>= 6;
     bbox.yMax >>= 6;
 
-    if (w < 0 || h < 0 || w > 8000000 / FFMAX(h, 1) ||
+    if (w < 0 || h < 0 ||
         w > INT_MAX - 2 * bord || h > INT_MAX - 2 * bord) {
         ass_msg(render_priv->library, MSGL_WARN, "Glyph bounding box too large: %dx%dpx",
                 w, h);
-- 
cgit v1.2.3