diff options
| author | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2019-10-03 16:20:46 +0000 |
|---|---|---|
| committer | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2019-10-03 16:20:46 +0000 |
| commit | 371b1775733f7c187f0e7384842bf17061c7821d (patch) | |
| tree | c0f42fee9bcd71b5f7984f34ca57c28c94a84a9c /user/libgd/CVE-2019-6977.patch | |
| parent | 85ab1e492790bcf18881202df2c1c27739ee2416 (diff) | |
| download | packages-371b1775733f7c187f0e7384842bf17061c7821d.tar.gz packages-371b1775733f7c187f0e7384842bf17061c7821d.tar.bz2 packages-371b1775733f7c187f0e7384842bf17061c7821d.tar.xz packages-371b1775733f7c187f0e7384842bf17061c7821d.zip | |
user/libgd: secfixes (#159)
Diffstat (limited to 'user/libgd/CVE-2019-6977.patch')
| -rw-r--r-- | user/libgd/CVE-2019-6977.patch | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/user/libgd/CVE-2019-6977.patch b/user/libgd/CVE-2019-6977.patch new file mode 100644 index 000000000..4cfb9ab98 --- /dev/null +++ b/user/libgd/CVE-2019-6977.patch @@ -0,0 +1,21 @@ +Bug: https://bts.adelielinux.org/show_bug.cgi?id=159 +Backported-From: http://git.php.net/?p=php-src.git;a=commit;h=7a12dad4dd6c370835b13afae214b240082c7538 +Author: A. Wilcox <awilfox@adelielinux.org> +Bug: https://bugs.php.net/bug.php?id=77270 +Author: Christoph M. Becker <cmbecker69@gmx.de> +Committer: Stanislav Malyshev <stas@php.net> +Upstream-Status: unknown + +--- libgd-2.2.5/src/gd_color_match.c.old 2017-08-30 11:05:54.000000000 +0000 ++++ libgd-2.2.5/src/gd_color_match.c 2019-10-03 16:17:55.842322245 +0000 +@@ -31,8 +31,8 @@ + return -4; /* At least 1 color must be allocated */ + } + +- buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * im2->colorsTotal); +- memset (buf, 0, sizeof(unsigned long) * 5 * im2->colorsTotal ); ++ buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * gdMaxColors); ++ memset( buf, 0, sizeof(unsigned long) * 5 * gdMaxColors ); + + for (x=0; x < im1->sx; x++) { + for( y=0; y<im1->sy; y++ ) { |