File php-CVE-2014-2497.patch of Package php5.openSUSE_Leap_42.1_Update
Description: Patch to fix PHP bug 66901.
Author: Andres Mejia <mejiaa@amazon.com>
Forwarded: no
Index: ext/gd/libgd/gdxpm.c
===================================================================
--- ext/gd/libgd/gdxpm.c.orig 2014-02-05 11:00:36.000000000 +0100
+++ ext/gd/libgd/gdxpm.c 2014-04-04 14:06:15.991206709 +0200
@@ -39,6 +39,14 @@
number = image.ncolors;
colors = (int *) safe_emalloc(number, sizeof(int), 0);
for (i = 0; i < number; i++) {
+ if (!image.colorTable[i].c_color)
+ {
+ /* unsupported color key or color key not defined */
+ gdImageDestroy(im);
+ gdFree(colors);
+ im = 0;
+ goto done;
+ }
switch (strlen (image.colorTable[i].c_color)) {
case 4:
buf[1] = '\0';