nixpkgs-suyu/pkgs/development/libraries/gd/CVE-2016-3074.patch
Joachim Fasting 220836d066
gd: apply patch for CVE-2016-3074 from upstream
Source:
2bb97f407c.patch

The original patch contains binary data, however, which is not supported
by `patch`; we could use `git apply` here, of course, but it was simpler
to just copy-paste only the fix into a separate file and include it in
the repo.
2016-05-14 07:15:41 +02:00

13 lines
343 B
Diff

diff --git a/src/gd_gd2.c b/src/gd_gd2.c
index 6f28461..a50b33d 100644
--- a/src/gd_gd2.c
+++ b/src/gd_gd2.c
@@ -165,6 +165,8 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
if (gdGetInt (&cidx[i].size, in) != 1) {
goto fail2;
};
+ if (cidx[i].offset < 0 || cidx[i].size < 0)
+ goto fail2;
};
*chunkIdx = cidx;
};