There is a heap-based buffer overflow in bmpcompress1row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.