File php-CVE-2016-5767.patch of Package php5.openSUSE_Leap_42.1_Update
Index: php-5.6.1/ext/gd/libgd/gd.c
===================================================================
--- php-5.6.1.orig/ext/gd/libgd/gd.c 2016-06-27 17:56:00.300140794 +0200
+++ php-5.6.1/ext/gd/libgd/gd.c 2016-06-27 17:56:22.296510589 +0200
@@ -133,6 +133,10 @@ gdImagePtr gdImageCreate (int sx, int sy
return NULL;
}
+ if (overflow2(sizeof(unsigned char *), sx)) {
+ return NULL;
+ }
+
im = (gdImage *) gdCalloc(1, sizeof(gdImage));
/* Row-major ever since gd 1.3 */