From 53db09d0e5bc17854dd24fd65428827a73eae173 Mon Sep 17 00:00:00 2001
From: fx <fx@trac.wxwidgets.org>
Date: Sat, 30 Jan 2016 23:48:59 +0100
Subject: [PATCH] Fixed checking buffer overflow while loading RLE-compressed
 TARGA image.

Output data length (stored in 'index' variable) can be <= image buffer size so an error occurs if it exceeds this value.

Closes #14672.
---
 src/common/imagtga.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/common/imagtga.cpp b/src/common/imagtga.cpp
index 893107ba07..86a4fcccfd 100644
--- a/src/common/imagtga.cpp
+++ b/src/common/imagtga.cpp
@@ -130,7 +130,7 @@ int DecodeRLE(unsigned char* imageData, unsigned long imageSize,
 
             index += current * pixelSize;
 
-            if (index >= imageSize)
+            if (index > imageSize)
             {
                 return wxTGA_IOERR;
             }
@@ -155,7 +155,7 @@ int DecodeRLE(unsigned char* imageData, unsigned long imageSize,
 
             index += length;
 
-            if (index >= imageSize)
+            if (index > imageSize)
             {
                 return wxTGA_IOERR;
             }