graphics/SDL_image/patches/patch-ab


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

$NetBSD: patch-ab,v 1.1 2008/02/11 10:12:24 drochner Exp $

--- IMG_gif.c.orig	2007-07-02 04:03:48.000000000 +0200
+++ IMG_gif.c
@@ -418,6 +418,10 @@ LWZReadByte(SDL_RWops *src, int flag, in
     static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp;
     register int i;
 
+    /* Fixed buffer overflow found by Michael Skladnikiewicz */
+    if (input_code_size > MAX_LWZ_BITS)
+        return -1;
+
     if (flag) {
 	set_code_size = input_code_size;
 	code_size = set_code_size + 1;