$OpenBSD: patch-gd_gd_c,v 1.1 2010/01/04 15:05:49 jasper Exp $

CVE-2009-3546: buffer overflow or buffer over-read attacks via a crafted GD file
http://svn.php.net/viewvc?view=revision&revision=289557

--- gd_gd.c.orig	Mon Jan  4 16:00:52 2010
+++ gd_gd.c	Mon Jan  4 16:01:35 2010
@@ -44,6 +44,10 @@ _gdGetColors (gdIOCtx * in, gdImagePtr im, int gd2xFla
 	    {
 	      goto fail1;
 	    }
+	  if (im->colorsTotal > gdMaxColors)
+	    {
+	      goto fail1;
+	    }
 	}
       /* Int to accommodate truecolor single-color transparency */
       if (!gdGetInt (&im->transparent, in))