File php-CVE-2016-5767.patch of Package php5.openSUSE_Leap_42.3_Update

Index: php-5.6.1/ext/gd/libgd/gd.c
===================================================================
--- php-5.6.1.orig/ext/gd/libgd/gd.c	2016-06-27 17:56:00.300140794 +0200
+++ php-5.6.1/ext/gd/libgd/gd.c	2016-06-27 17:56:22.296510589 +0200
@@ -133,6 +133,10 @@ gdImagePtr gdImageCreate (int sx, int sy
 		return NULL;
 	}
 
+       if (overflow2(sizeof(unsigned char *), sx)) {
+               return NULL;
+       }
+
 	im = (gdImage *) gdCalloc(1, sizeof(gdImage));
 
 	/* Row-major ever since gd 1.3 */
openSUSE Build Service is sponsored by