author | taca <taca> | 2009-10-22 14:39:55 +0000 |
---|---|---|
committer | taca <taca> | 2009-10-22 14:39:55 +0000 |
commit | 79585335bcf911f56cc05fead0591f9351d42d59 (patch) | |
tree | 62a055a1af31eb1aceae8d8b64a6695502bc6dc2 /graphics/gd/patches | |
parent | f564701b268283b25307c37668fb7e7c342262c6 (diff) | |
Fix gd library security problem referring PHP's SVN repository.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
Bump PKGREVISION.
(This fix is for php5 only and I don't know about php4.)
Diffstat (limited to 'graphics/gd/patches')
-rw-r--r-- | graphics/gd/patches/patch-ad | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/graphics/gd/patches/patch-ad b/graphics/gd/patches/patch-ad new file mode 100644 index 00000000000..3c5e92a6b73 --- /dev/null +++ b/graphics/gd/patches/patch-ad @@ -0,0 +1,18 @@ +$NetBSD: patch-ad,v 1.1 2009/10/22 14:39:55 taca Exp $ + +* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546, + similar chagne from PHP's SVN repositry r289557. + +--- gd_gd.c.orig 2006-04-06 00:52:22.000000000 +0900 ++++ gd_gd.c +@@ -44,6 +44,10 @@ _gdGetColors (gdIOCtx * in, gdImagePtr i + { + goto fail1; + } ++ if (im->colorsTotal > gdMaxColors) ++ { ++ goto fail1; ++ } + } + /* Int to accommodate truecolor single-color transparency */ + if (!gdGetInt (&im->transparent, in)) |
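Review bot: the added test in `_gdGetColors` is an upper bound only (`if (im->colorsTotal > gdMaxColors)`), and the hunk does not show the type of `colorsTotal` or how it is read. If the field is signed and can be populated from a full-width read, a negative count passes this check, so either confirm the read is limited to an unsigned 16-bit value or widen the condition to `im->colorsTotal < 0 || im->colorsTotal > gdMaxColors`. The check also sits inside the block that closes on the following line, so it only runs on that branch; it is worth verifying that no other path through `_gdGetColors` sets `colorsTotal` from the input without the same bound. The `gdGetInt (&im->transparent, in)` read that follows has no range check in the visible context either, which may deserve a look if `transparent` is later used as a palette index. Minor: the patch header comment has two typos ("chagne", "repositry"), and since the commit message says the fix was checked against php5 only, the comment could name the upstream file and revision it mirrors so the next person can compare.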