File gd-2.1.0-CVE-2014-2497.patch of Package gd.2670
Description: Patch to fix PHP bug 66901.
Author: Andres Mejia <mejiaa@amazon.com>
Forwarded: no
Index: src/gdxpm.c
===================================================================
--- src/gdxpm.c.orig 2014-04-04 12:56:02.570160501 +0200
+++ src/gdxpm.c 2014-04-04 13:01:24.031976322 +0200
@@ -62,6 +62,14 @@
for(i = 0; i < number; i++) {
char *c_color = image.colorTable[i].c_color;
+ if (!image.colorTable[i].c_color)
+ {
+ /* unsupported color key or color key not defined */
+ gdImageDestroy(im);
+ gdFree(colors);
+ im = 0;
+ goto done;
+ }
if(strcmp(c_color, "None") == 0) {
colors[i] = gdImageGetTransparent(im);
if(colors[i] == -1) colors[i] = gdImageColorAllocate(im, 0, 0, 0);