author | Mike Sullivan <Mike.Sullivan@Oracle.COM> |
Mon, 11 Mar 2013 10:38:09 -0700 | |
branch | s11-update |
changeset 2520 | ceec631e74d1 |
parent 130 | 5e67396e42dc |
permissions | -rw-r--r-- |
# Patch for libgd2 Version 2.0.35 CVE-2009-3546 --- gd_gd.c 2006-04-05 08:52:22.000000000 -0700 +++ gd_gd.c 2011-02-16 17:57:09.865711091 -0800 @@ -44,6 +44,10 @@ { goto fail1; } + if (im->colorsTotal > gdMaxColors) + { + goto fail1; + } } /* Int to accommodate truecolor single-color transparency */ if (!gdGetInt (&im->transparent, in))