19 lines
583 B
Plaintext
19 lines
583 B
Plaintext
$OpenBSD: patch-gd_gd_c,v 1.1 2010/01/04 15:05:49 jasper Exp $
|
|
|
|
CVE-2009-3546: buffer overflow or buffer over-read attacks via a crafted GD file
|
|
http://svn.php.net/viewvc?view=revision&revision=289557
|
|
|
|
--- gd_gd.c.orig Mon Jan 4 16:00:52 2010
|
|
+++ gd_gd.c Mon Jan 4 16:01:35 2010
|
|
@@ -44,6 +44,10 @@ _gdGetColors (gdIOCtx * in, gdImagePtr im, int gd2xFla
|
|
{
|
|
goto fail1;
|
|
}
|
|
+ if (im->colorsTotal > gdMaxColors)
|
|
+ {
|
|
+ goto fail1;
|
|
+ }
|
|
}
|
|
/* Int to accommodate truecolor single-color transparency */
|
|
if (!gdGetInt (&im->transparent, in))
|