slackware-current/source/l/libwmf/libwmf-0.2.8.4-CVE-2016-10168.patch

--- libwmf-0.2.8.4/src/extra/gd/gd_gd2.c
+++ libwmf-0.2.8.4/src/extra/gd/gd_gd2.c
@@ -145,6 +145,11 @@
 
   if ((*fmt) == GD2_FMT_COMPRESSED)
     {
+      if (*ncx <= 0 || *ncy <= 0 || *ncx > INT_MAX / *ncy) {
+              GD2_DBG(printf ("Illegal chunk counts: %d * %d\n", *ncx, *ncy));
+              goto fail1;
+      }
+
       nc = (*ncx) * (*ncy);
       GD2_DBG (printf ("Reading %d chunk index entries\n", nc));
       sidx = sizeof (t_chunk_info) * nc;
Mon May 28 19:12:29 UTC 2018 a/pkgtools-15.0-noarch-13.txz: Rebuilt. installpkg: default line length for --terselength is the number of columns. removepkg: added --terse mode. upgradepkg: default line length for --terselength is the number of columns. upgradepkg: accept -option in addition to --option. ap/vim-8.1.0026-x86_64-1.txz: Upgraded. d/bison-3.0.5-x86_64-1.txz: Upgraded. e/emacs-26.1-x86_64-1.txz: Upgraded. kde/kopete-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against libidn-1.35. n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded. n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded. n/libnftnl-1.1.0-x86_64-1.txz: Upgraded. n/links-2.16-x86_64-2.txz: Rebuilt. Rebuilt to enable X driver for -g mode. n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded. n/nftables-0.8.5-x86_64-1.txz: Upgraded. n/p11-kit-0.23.11-x86_64-1.txz: Upgraded. n/ulogd-2.0.7-x86_64-1.txz: Upgraded. n/whois-5.3.1-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded. 2018-05-28 21:12:29 +02:00			`--- libwmf-0.2.8.4/src/extra/gd/gd_gd2.c`
			`+++ libwmf-0.2.8.4/src/extra/gd/gd_gd2.c`
			`@@ -145,6 +145,11 @@`

			`if ((*fmt) == GD2_FMT_COMPRESSED)`
			`{`
			`+ if (ncx <= 0 \|\| ncy <= 0 \|\| ncx > INT_MAX / ncy) {`
			`+ GD2_DBG(printf ("Illegal chunk counts: %d * %d\n", ncx, ncy));`
			`+ goto fail1;`
			`+ }`
			`+`
			`nc = (ncx) (*ncy);`
			`GD2_DBG (printf ("Reading %d chunk index entries\n", nc));`
			`sidx = sizeof (t_chunk_info) * nc;`