File gd-CVE-2019-6977.patch of Package gd.21221

Index: libgd-2.2.5/src/gd_color_match.c
===================================================================
--- libgd-2.2.5.orig/src/gd_color_match.c	2019-01-31 12:56:44.944336318 +0100
+++ libgd-2.2.5/src/gd_color_match.c	2019-01-31 12:58:11.368836899 +0100
@@ -31,8 +31,8 @@ BGD_DECLARE(int) gdImageColorMatch (gdIm
 		return -4; /* At least 1 color must be allocated */
 	}
 
-	buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * im2->colorsTotal);
-	memset (buf, 0, sizeof(unsigned long) * 5 * im2->colorsTotal );
+	buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * gdMaxColors);
+	memset (buf, 0, sizeof(unsigned long) * 5 * gdMaxColors );
 
 	for (x=0; x < im1->sx; x++) {
 		for( y=0; y<im1->sy; y++ ) {
openSUSE Build Service is sponsored by