File chafa-CVE-2022-2061.patch of Package chafa.17526

Index: chafa-1.8.0/libnsgif/lzw.c
===================================================================
--- chafa-1.8.0.orig/libnsgif/lzw.c
+++ chafa-1.8.0/libnsgif/lzw.c
@@ -329,6 +329,10 @@ lzw_result lzw_decode(struct lzw_ctx *ct
 		/* Code is invalid */
 		return LZW_BAD_CODE;
 
+    } else if (code_new >= 1 << LZW_CODE_MAX) {
+        /* Don't access out of bound */
+        return LZW_BAD_CODE;
+
 	} else if (code_new < current_entry) {
 		/* Code is in table */
 		code_out = code_new;

Places

File chafa-CVE-2022-2061.patch of Package chafa.17526

Places