File php-CVE-2016-10167.patch of Package php5.14673
Index: php-7.0.7/ext/gd/libgd/gd_gd2.c
===================================================================
--- php-7.0.7.orig/ext/gd/libgd/gd_gd2.c 2017-01-31 12:04:06.175269409 +0100
+++ php-7.0.7/ext/gd/libgd/gd_gd2.c 2017-01-31 12:04:06.439273069 +0100
@@ -340,12 +340,16 @@ gdImagePtr gdImageCreateFromGd2Ctx (gdIO
for (x = xlo; x < xhi; x++) {
if (im->trueColor) {
if (!gdGetInt(&im->tpixels[y][x], in)) {
- im->tpixels[y][x] = 0;
+ php_gd_error("gd2: EOF while reading\n");
+ gdImageDestroy(im);
+ return NULL;
}
} else {
int ch;
if (!gdGetByte(&ch, in)) {
- ch = 0;
+ php_gd_error("gd2: EOF while reading\n");
+ gdImageDestroy(im);
+ return NULL;
}
im->pixels[y][x] = ch;
}