Patches / Patch / libgd2 / 2.0.36~rc1~dfsg-6.1+deb7u2
CVE-2009-3546: buffer overflow or buffer over-read attacks via a crafted GD file http://svn.php.net/viewvc?view=revision&revision=289557 --- a/gd_gd.c +++ b/gd_gd.c @@ -44,6 +44,10 @@ { goto fail1; } + if (im->colorsTotal > gdMaxColors) + { + goto fail1; + } } /* Int to accommodate truecolor single-color transparency */ if (!gdGetInt (&im->transparent, in))
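Review bot: the new check in gd_gd.c bounds im->colorsTotal only from above (im->colorsTotal > gdMaxColors), so if colorsTotal is a signed field a negative value read from the file would still pass. Consider writing the condition as im->colorsTotal < 0 || im->colorsTotal > gdMaxColors, or confirm that the read preceding this block cannot yield a negative value. The check is added before the closing brace of the enclosing block, so it runs only on that branch; it is worth confirming that no other path reaches code that uses colorsTotal as a loop bound or index without passing through it. The im->transparent value read by gdGetInt directly after the block is not range-checked in the visible context either. A one-line comment on the added lines stating that the count comes from untrusted file input and must fit the fixed-size palette arrays would make the intent clear to later readers.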