File optipng-reallocation-security.diff of Package optipng

diff -ru optipng-0.6.1/lib/pngxtern/gif/gifread.c optipng-0.6.1.2/lib/pngxtern/gif/gifread.c
--- optipng-0.6.1/lib/pngxtern/gif/gifread.c	2006-08-10 20:17:00.000000000 -0400
+++ optipng-0.6.1.2/lib/pngxtern/gif/gifread.c	2009-02-20 03:11:00.000000000 -0500
@@ -219,8 +219,7 @@
  **/
 static void GIFReadNextExtension(struct GIFExtension *ext, FILE *stream)
 {
-    unsigned char *ptr;
-    unsigned int len;
+    unsigned int offset, len;
     int count, label;
 
     GIF_FGETC(label, stream);
@@ -233,7 +232,7 @@
         return;
     }
 
-    ptr = ext->Buffer;
+    offset = 0;
     len = ext->BufferSize;
     for ( ;; )
     {
@@ -243,10 +242,10 @@
             ext->BufferSize += 1024;
             ext->Buffer = realloc(ext->Buffer, ext->BufferSize);
         }
-        count = ReadDataBlock(ptr, stream);
+        count = ReadDataBlock(ext->Buffer + offset, stream);
         if (count == 0)
             break;
-        ptr += count;
+        offset += count;
         len -= count;
     }
 }