File libpng14-1.4.4-CVE-2011-2692.patch of Package libpng14.import4949

http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339
Index: pngrutil.c
===================================================================
--- pngrutil.c.orig
+++ pngrutil.c
@@ -1810,6 +1810,14 @@ png_handle_sCAL(png_structp png_ptr, png
       return;
    }
 
+   /* Need unit type, width, \0, height: minimum 4 bytes */
+   else if (length < 4)
+   {
+      png_warning(png_ptr, "sCAL chunk too short");
+      png_crc_finish(png_ptr, length);
+      return;
+   }
+
    png_debug1(2, "Allocating and reading sCAL chunk data (%lu bytes)",
       length + 1);
    png_ptr->chunkdata = (png_charp)png_malloc_warn(png_ptr, length + 1);
openSUSE Build Service is sponsored by