File php-5.1.2-CVE-2007-3476.patch of Package php - openSUSE Build Service

File php-5.1.2-CVE-2007-3476.patch of Package php

--- ext/gd/libgd/gd_gif_in.c
+++ ext/gd/libgd/gd_gif_in.c
@@ -552,6 +552,10 @@
        /*} */
 
        while ((v = LWZReadByte(fd,FALSE,c)) >= 0 ) {
+               if (v >= gdMaxColors) {
+                       v = 0;
+               }
+
                /* This how we recognize which colors are actually used. */
                if (im->open[v]) {
                        im->open[v] = 0;

openSUSE Build Service is sponsored by