Overview

File chafa-CVE-2022-1507.patch of Package chafa.17471

Index: chafa-1.4.1/libnsgif/libnsgif.c
===================================================================
--- chafa-1.4.1.orig/libnsgif/libnsgif.c
+++ chafa-1.4.1/libnsgif/libnsgif.c
@@ -596,6 +596,12 @@ gif_internal_decode_frame(gif_animation
         unsigned int x, y, decode_y, burst_bytes;
         register unsigned char colour;
 
+	/* If the GIF has no frame data, frame holders will not be allocated in
+	 * gif_initialise() */
+	if (gif->frames == NULL) {
+		return GIF_INSUFFICIENT_DATA;
+	}
+
         /* Ensure this frame is supposed to be decoded */
         if (gif->frames[frame].display == false) {
                 return GIF_OK;
openSUSE Build Service is sponsored by
Places