Overview

File php-CVE-2016-10167.patch of Package php5.14673

Index: php-7.0.7/ext/gd/libgd/gd_gd2.c
===================================================================
--- php-7.0.7.orig/ext/gd/libgd/gd_gd2.c	2017-01-31 12:04:06.175269409 +0100
+++ php-7.0.7/ext/gd/libgd/gd_gd2.c	2017-01-31 12:04:06.439273069 +0100
@@ -340,12 +340,16 @@ gdImagePtr gdImageCreateFromGd2Ctx (gdIO
 					for (x = xlo; x < xhi; x++) {
 						if (im->trueColor) {
 							if (!gdGetInt(&im->tpixels[y][x], in)) {
-								im->tpixels[y][x] = 0;
+								php_gd_error("gd2: EOF while reading\n");
+								gdImageDestroy(im);
+								return NULL;
 							}
 						} else {
 							int ch;
 							if (!gdGetByte(&ch, in)) {
-								ch = 0;
+								php_gd_error("gd2: EOF while reading\n");
+								gdImageDestroy(im);
+								return NULL;
 							}
 							im->pixels[y][x] = ch;
 						}
openSUSE Build Service is sponsored by
Places