Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
php7
php-CVE-2016-10168.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2016-10168.patch of Package php7
Index: php-7.0.7/ext/gd/libgd/gd_gd2.c =================================================================== --- php-7.0.7.orig/ext/gd/libgd/gd_gd2.c 2017-08-08 13:19:55.955600094 +0200 +++ php-7.0.7/ext/gd/libgd/gd_gd2.c 2017-08-08 13:19:55.963600225 +0200 @@ -136,6 +136,10 @@ static int _gd2GetHeader(gdIOCtxPtr in, GD2_DBG(php_gd_error("%d Chunks vertically", *ncy)); if (gd2_compressed(*fmt)) { + if (*ncx <= 0 || *ncy <= 0 || *ncx > INT_MAX / *ncy) { + GD2_DBG(printf ("Illegal chunk counts: %d * %d\n", *ncx, *ncy)); + goto fail1; + } nc = (*ncx) * (*ncy); GD2_DBG(php_gd_error("Reading %d chunk index entries", nc)); if (overflow2(sizeof(t_chunk_info), nc)) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor