File gd-2.1.0-CVE-2014-2497.patch of Package gd.2670

Description: Patch to fix PHP bug 66901.
Author: Andres Mejia <mejiaa@amazon.com>
Forwarded: no

Index: src/gdxpm.c
===================================================================
--- src/gdxpm.c.orig	2014-04-04 12:56:02.570160501 +0200
+++ src/gdxpm.c	2014-04-04 13:01:24.031976322 +0200
@@ -62,6 +62,14 @@
 
 	for(i = 0; i < number; i++) {
 		char *c_color = image.colorTable[i].c_color;
+                if (!image.colorTable[i].c_color)
+                {
+                        /* unsupported color key or color key not defined */
+                        gdImageDestroy(im);
+                        gdFree(colors);
+                        im = 0;
+                        goto done;
+                }
 		if(strcmp(c_color, "None") == 0) {
 			colors[i] = gdImageGetTransparent(im);
 			if(colors[i] == -1) colors[i] = gdImageColorAllocate(im, 0, 0, 0);
openSUSE Build Service is sponsored by