From 584e90ce12856d036977f82e509782ae0d0dc927 Mon Sep 17 00:00:00 2001
From: lillolollo <4179-lillolollo@users.noreply.gitlab.gnome.org>
Date: Mon, 10 Feb 2025 03:03:43 +0000
Subject: [PATCH 1/2] plug-ins/file-lnk avoid possible underflow
---
 plug-ins/common/file-lnk.c | 46 +++++++++++++++++++++-----------------
 1 file changed, 25 insertions(+), 21 deletions(-)
diff --git a/plug-ins/common/file-lnk.c b/plug-ins/common/file-lnk.c
index 997d305f9c..017fd66120 100644
--- a/plug-ins/common/file-lnk.c
+++ b/plug-ins/common/file-lnk.c
@@ -252,29 +252,33 @@ load_image (GFile *file, /* Length of the filename */ link_size = length - link_pos - 1; - if (link_size > 0) + if (link_size <= 0) { + g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errno), + _("Invalid link size.")); + fclose (fp); + return NULL; + } + + gchar file_name[link_size]; + + /* Jump to link address and read in the real file name */ + if (fseek (fp, base + link_pos, SEEK_SET) < 0 || + fread (file_name, sizeof (gchar), link_size, fp) != link_size) { - gchar file_name[link_size]; - - /* Jump to link address and read in the real file name */ - if (fseek (fp, base + link_pos, SEEK_SET) < 0 || - fread (file_name, sizeof (gchar), link_size, fp) != link_size) - { - g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errno), - _("Invalid file.")); - fclose (fp); - return NULL; - } - - file_name[link_size - 1] = '\0'; - image = gimp_file_load (GIMP_RUN_NONINTERACTIVE, - g_file_new_for_path (file_name)); - - if (! image) - g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, - "%s", gimp_pdb_get_last_error (gimp_get_pdb ())); - + g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errno), + _("Invalid file.")); + fclose (fp); + return NULL; } + + file_name[link_size - 1] = '\0'; + image = gimp_file_load (GIMP_RUN_NONINTERACTIVE, + g_file_new_for_path (file_name)); + + if (! image) + g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED, + "%s", gimp_pdb_get_last_error (gimp_get_pdb ())); + fclose (fp); return image; From ba97361f2d88e97d9d7fd9bfbbdc913d8c83cc47 Mon Sep 17 00:00:00 2001 From: lillolollo <4179-lillolollo@users.noreply.gitlab.gnome.org> Date: Mon, 10 Feb 2025 03:45:08 +0000 Subject: [PATCH 2/2] Update file-lnk.c --- plug-ins/common/file-lnk.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plug-ins/common/file-lnk.c b/plug-ins/common/file-lnk.c index 017fd66120..3f0a8b0766 100644 --- a/plug-ins/common/file-lnk.c +++ b/plug-ins/common/file-lnk.c 
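Review bot: `gchar file_name[link_size];` is still a stack array sized from values read out of the .lnk file, and the new guard only rejects `link_size <= 0`, so a large `length` in a malformed file can still overrun the stack. Adding an upper bound to the guard, e.g. `if (link_size <= 0 || link_size > LNK_MAX_NAME_SIZE)` with `LNK_MAX_NAME_SIZE` standing for a limit this plug-in would have to define, or allocating the buffer with `g_try_malloc`, would close that. The declarations of `link_size`, `length` and `link_pos` are outside the hunk; if any of them is unsigned, `length - link_pos - 1` wraps instead of going negative and the `<= 0` test only catches zero, which is worth confirming. The new early return also takes its error code from `errno` although no library call has failed on that path, so `G_FILE_ERROR_FAILED` would be the accurate code there; the same line appears as context in the hunk of patch 2/2. `load_image` starts and ends outside this hunk.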
@@ -254,7 +254,7 @@ load_image (GFile *file,
 if (link_size <= 0)
 {
 g_set_error (error, G_FILE_ERROR, g_file_error_from_errno (errno),
- _("Invalid link size."));
+ _("Invalid file."));
 fclose (fp);
 return NULL;
 }