Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
gd.11952
gd-CVE-2016-10168.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gd-CVE-2016-10168.patch of Package gd.11952
Index: libgd-2.1.0/src/gd_gd2.c =================================================================== --- libgd-2.1.0.orig/src/gd_gd2.c 2017-02-01 14:16:51.589695050 +0100 +++ libgd-2.1.0/src/gd_gd2.c 2017-02-01 14:16:51.605695270 +0100 @@ -153,6 +153,10 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, i GD2_DBG (printf ("%d Chunks vertically\n", *ncy)); if (gd2_compressed (*fmt)) { + if (*ncx <= 0 || *ncy <= 0 || *ncx > INT_MAX / *ncy) { + GD2_DBG(printf ("Illegal chunk counts: %d * %d\n", *ncx, *ncy)); + goto fail1; + } nc = (*ncx) * (*ncy); GD2_DBG (printf ("Reading %d chunk index entries\n", nc)); sidx = sizeof (t_chunk_info) * nc;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor