author | Rich Burridge <rich.burridge@oracle.com> |
Thu, 17 Nov 2011 14:40:44 -0800 | |
changeset 587 | 9cc973a7ad62 |
parent 130 | 5e67396e42dc |
permissions | -rw-r--r-- |
# Patch for libgd2 Version 2.0.35 CVE-2009-3546 --- gd_gd.c 2006-04-05 08:52:22.000000000 -0700 +++ gd_gd.c 2011-02-16 17:57:09.865711091 -0800 @@ -44,6 +44,10 @@ { goto fail1; } + if (im->colorsTotal > gdMaxColors) + { + goto fail1; + } } /* Int to accommodate truecolor single-color transparency */ if (!gdGetInt (&im->transparent, in))