summaryrefslogtreecommitdiffstats
path: root/gd-CVE-2014-2497.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gd-CVE-2014-2497.patch')
-rw-r--r--gd-CVE-2014-2497.patch33
1 files changed, 0 insertions, 33 deletions
diff --git a/gd-CVE-2014-2497.patch b/gd-CVE-2014-2497.patch
deleted file mode 100644
index 6a94c48..0000000
--- a/gd-CVE-2014-2497.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 463c3bd09bfe8e924e19acad7a2a6af16953a704 Mon Sep 17 00:00:00 2001
-From: Remi Collet <fedora@famillecollet.com>
-Date: Mon, 4 Aug 2014 10:31:25 +0200
-Subject: [PATCH] CVE-2014-2497, NULL pointer dereference, fix #126
-
----
- src/gdxpm.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/src/gdxpm.c b/src/gdxpm.c
-index ae6e336..15603a6 100644
---- a/src/gdxpm.c
-+++ b/src/gdxpm.c
-@@ -49,6 +49,16 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromXpm(char *filename)
- if(overflow2(sizeof(int), number)) {
- goto done;
- }
-+ for(i = 0; i < number; i++) {
-+ /*
-+ avoid NULL pointer dereference
-+ TODO better fix need to manage monochrome/monovisual
-+ see m_color or g4_color or g_color
-+ */
-+ if (!image.colorTable[i].c_color) {
-+ goto done;
-+ }
-+ }
-
- colors = (int *)gdMalloc(sizeof(int) * number);
- if(colors == NULL) {
---
-1.8.5.2
-