File gdk-pixbuf-cve-2017-6312-ico-integer-overflow.patch of Package gdk-pixbuf.33887
diff --git a/gdk-pixbuf/io-ico.c b/gdk-pixbuf/io-ico.c
index 924d3d1..3abf140 100644
--- a/gdk-pixbuf/io-ico.c
+++ b/gdk-pixbuf/io-ico.c
@@ -318,10 +318,7 @@ static void DecodeHeader(guchar *Data, gint Bytes,
return;
}
- /* We know how many bytes are in the "header" part. */
- State->HeaderSize = entry->DIBoffset + 40; /* 40 = sizeof(InfoHeader) */
-
- if (State->HeaderSize < 0) {
+ if (entry->DIBoffset > G_MAXINT - 40) {
g_set_error_literal (error,
GDK_PIXBUF_ERROR,
GDK_PIXBUF_ERROR_CORRUPT_IMAGE,
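Review bot: The new guard `if (entry->DIBoffset > G_MAXINT - 40) {` rejects only offsets that are too large. A negative `DIBoffset` passes it, whereas the removed `State->HeaderSize < 0` test did reject sums that came out below zero. The declaration of `DIBoffset` and any earlier validation of it are outside this hunk, so this matters only if the field is signed and is taken from the file without a prior range check. In that case the guard should read `if (entry->DIBoffset < 0 || entry->DIBoffset > G_MAXINT - 40) {`. DecodeHeader starts and ends outside the hunk.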
@@ -329,6 +326,9 @@ static void DecodeHeader(guchar *Data, gint Bytes,
return;
}
+ /* We know how many bytes are in the "header" part. */
+ State->HeaderSize = entry->DIBoffset + 40;
+
if (State->HeaderSize>State->BytesInHeaderBuf) {
guchar *tmp=g_try_realloc(State->HeaderBuf,State->HeaderSize);
if (!tmp) {
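Review bot: The moved assignment `State->HeaderSize = entry->DIBoffset + 40;` drops the `/* 40 = sizeof(InfoHeader) */` annotation. The same literal now also appears in the overflow guard of the previous hunk, so the two have to be kept in step by hand. I would keep the annotation on the assignment, `State->HeaderSize = entry->DIBoffset + 40; /* 40 = sizeof(InfoHeader) */`, or give the value one name used in both places. The comment above the assignment could also state that the preceding guard is what keeps this signed addition from overflowing, so a later edit does not reorder them. The body of DecodeHeader continues past the end of the hunk.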