$OpenBSD: patch-lib_Xm_Xpmparse_c,v 1.2 2007/07/18 21:41:06 mbalmer Exp $
--- lib/Xm/Xpmparse.c.orig Mon Dec 5 17:31:46 2005
+++ lib/Xm/Xpmparse.c Sat Jun 30 10:50:09 2007
@@ -1,4 +1,5 @@
 /* $XConsortium: Xpmparse.c /main/6 1996/09/20 08:15:49 pascale $ */
+/* $XdotOrg: pre-CVS proposed fix for CESA-2004-003 alanc 7/25/2004 $ */
 /*
 * Copyright (C) 1989-95 GROUPE BULL
 *
@@ -49,7 +50,7 @@
 #include "XpmI.h"
 #include
 #include
-
+
 #ifdef HAS_STRLCAT
 # define STRLCAT(dst, src, dstsize) do { \
 if (strlcat(dst, src, dstsize) >= (dstsize)) \
@@ -555,6 +556,9 @@ ParsePixels(data, width, height, ncolors, cpp, colorTa
 return (XpmFileInvalid);
 }
+ if (ncolors > 256)
+ return (XpmFileInvalid);
+
 bzero((char *)colidx, 256 * sizeof(short));
 for (a = 0; a < ncolors; a++)
 colidx[(unsigned char)colorTable[a].string[0]] = a + 1;
@@ -635,6 +639,9 @@ do \
 {
 char *s;
 char buf[BUFSIZ];
+
+ if (cpp >= sizeof(buf))
+ return (XpmFileInvalid);
 if (cpp >= sizeof(buf)) {
 XpmFree(iptr2); /* found by Egbert Eich */
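Review bot: In the last hunk (`@@ -635,6 +639,9 @@`), the added `if (cpp >= sizeof(buf)) return (XpmFileInvalid);` sits directly before an existing check on the same condition whose body calls `XpmFree(iptr2)`. The new early return therefore makes the existing guard unreachable and skips the free, so a malformed file with an oversized `cpp` leaks `iptr2`. Dropping the three added lines and relying on the existing guard keeps the bound on `cpp` without the leak. The `ncolors > 256` guard added in the `@@ -555,6 +556,9 @@` hunk may have the same problem if `iptr2` is already allocated at that point, which is not visible here; if so it should read `if (ncolors > 256) { XpmFree(iptr2); return (XpmFileInvalid); }`. Both enclosing blocks begin and end outside the hunks.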