Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
php5.4366
php-CVE-2016-6161.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File php-CVE-2016-6161.patch of Package php5.4366
X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Fgd%2Flibgd%2Fgd_gif_out.c;h=0178dd9741dc4d9f0a956b99670a5838a2f7b22b;hp=14045385ab834abe2c3183f48a6a32dd3a2a19f2;hb=2fbce5f51f4ba01e4d0de3b8592bb14773a98d4d;hpb=0fbcff1b35c1005b8d2cdfd33184867912d9d83a diff --git a/ext/gd/libgd/gd_gif_out.c b/ext/gd/libgd/gd_gif_out.c index 1404538..0178dd9 100644 --- a/ext/gd/libgd/gd_gif_out.c +++ b/ext/gd/libgd/gd_gif_out.c @@ -601,14 +601,26 @@ nomatch: * code in turn. When the buffer fills up empty it and start over. */ -static unsigned long masks[] = { 0x0000, 0x0001, 0x0003, 0x0007, 0x000F, +static const unsigned long masks[] = { 0x0000, 0x0001, 0x0003, 0x0007, 0x000F, 0x001F, 0x003F, 0x007F, 0x00FF, 0x01FF, 0x03FF, 0x07FF, 0x0FFF, 0x1FFF, 0x3FFF, 0x7FFF, 0xFFFF }; + +/* Arbitrary value to mark output is done. When we see EOFCode, then we don't + * expect to see any more data. If we do (e.g. corrupt image inputs), cur_bits + * might be negative, so flag it to return early. + */ +#define CUR_BITS_FINISHED -1000 + + static void output(code_int code, GifCtx *ctx) { + if (ctx->cur_bits == CUR_BITS_FINISHED) { + return; + } + ctx->cur_accum &= masks[ ctx->cur_bits ]; if( ctx->cur_bits > 0 ) @@ -655,8 +667,10 @@ output(code_int code, GifCtx *ctx) ctx->cur_bits -= 8; } - flush_char(ctx); + /* Flag that it's done to prevent re-entry. */ + ctx->cur_bits = CUR_BITS_FINISHED; + flush_char(ctx); } }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor