lang/php5/patches/patch-ay


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

$NetBSD: patch-ay,v 1.1.2.3 2009/11/30 23:10:20 tron Exp $

* Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
	http://svn.php.net/viewvc?view=revision&revision=289557

--- ext/gd/libgd/gd_gd.c.orig	2007-08-09 23:21:38.000000000 +0900
+++ ext/gd/libgd/gd_gd.c
@@ -39,6 +39,9 @@ int _gdGetColors (gdIOCtx * in, gdImageP
 			if (!gdGetWord(&im->colorsTotal, in)) {
 				goto fail1;
 			}
+			if (im->colorsTotal > gdMaxColors) {
+				goto fail1;
+			}
 		}
 		/* Int to accommodate truecolor single-color transparency */
 		if (!gdGetInt(&im->transparent, in)) {