Overview

File Tk-804.028-CVE-2006-4484.diff of Package perl-Tk

--- pTk/mTk/additions/imgGIF.c
+++ pTk/mTk/additions/imgGIF.c
@@ -776,7 +776,7 @@
     /*
      *  Initialize the decoder
      */
-    if (! ReadOK(handle,&initialCodeSize,1))  {
+    if (! ReadOK(handle,&initialCodeSize,1) || inititalCodeSize > MAX_LWZ_BITS)  {
 	Tcl_AppendResult(interp, "error reading GIF image: ",
 		Tcl_PosixError(interp), (char *) NULL);
 	return TCL_ERROR;
--- pTk/mTk/generic/tkImgGIF.c
+++ pTk/mTk/generic/tkImgGIF.c
@@ -826,7 +826,7 @@
     /*
      *  Initialize the decoder
      */
-    if (! ReadOK(chan, &initialCodeSize, 1))  {
+    if (! ReadOK(chan, &initialCodeSize, 1) || initialCodeSize > MAX_LWZ_BITS)  {
 	Tcl_AppendResult(interp, "error reading GIF image: ",
 		Tcl_PosixError(interp), (char *) NULL);
 	return TCL_ERROR;
openSUSE Build Service is sponsored by
Places