File netpbm-CVE-2017-2579,2580.patch of Package netpbm.18206

Index: netpbm-10.80.1/converter/other/giftopnm.c
===================================================================
--- netpbm-10.80.1.orig/converter/other/giftopnm.c	2019-05-16 14:30:02.041306360 +0200
+++ netpbm-10.80.1/converter/other/giftopnm.c	2019-05-16 14:49:07.719059265 +0200
@@ -1138,8 +1138,21 @@ expandCodeOntoStack(Decompressor * const
         /* LZW string, defined */
         code = incode;
     else if (incode == decompP->nextTableSlot) {
-        /* It's a code that isn't in our translation table yet.
+        /* It's a code that isn't in our translation table yet
+        
+           The only thing it could legally be is one higher than the
+           highest one we've seen so far.
         */
+        if (code > decompP->nextTableSlot) {
+            /* We just abort because we added this to stable code to fix
+               a bug and we don't want to disturb stable code more than we
+               have to.
+            */
+            pm_error("Error in GIF image: LZW string code %u "
+                     "is neither a previously defined one nor the "
+                     "next in sequence to define (%u)",
+                     code, decompP->nextTableSlot);
+        }
         if (decompP->fresh)
             pm_asprintf(&gifError, "LZW string code encountered with "
                         "decompressor in fresh state");
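Review bot: The added guard `if (code > decompP->nextTableSlot)` tests `code`, but in the visible lines this branch never assigns `code` (only the preceding branch does `code = incode`), so unless it is initialized earlier in expandCodeOntoStack, outside this hunk, the comparison reads an indeterminate value. Testing `incode` in the same place would not help, because the enclosing `else if (incode == decompP->nextTableSlot)` already pins the value to the next slot and the check could never fire. If the aim of the CVE fix is to reject codes beyond the next slot, the test belongs ahead of the branch chain, e.g. `if (incode > decompP->nextTableSlot) pm_error(...)`, or in a trailing `else` if one exists below the hunk. As written, the out-of-range code path that the fix targets appears to stay unguarded by these lines.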
@@ -2042,6 +2055,9 @@ convertImage(FILE *           const ifP,
                  "color map either.");
     }
 
+    if (imageHeader.cols == 0)
+        pm_error("Invalid GIF - width is zero");
+
     if (!skipIt) {
         readImageData(ifP, imageHeader.cols, imageHeader.rows,
                       *currentColorMapP,
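Review bot: Only the width is validated before `readImageData(ifP, imageHeader.cols, imageHeader.rows, ...)`, while `imageHeader.rows` comes from the same untrusted header and is passed through unchecked. If a zero height is as unusable to the reader as a zero width (its body is not visible here), add the matching guard `if (imageHeader.rows == 0) pm_error("Invalid GIF - height is zero");`. The new check also sits ahead of `if (!skipIt)`, so a zero-width image that would have been skipped now aborts the whole run; a one-line comment stating that this is intended would help. convertImage's body continues outside the hunk.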