slackware-current/source/l/libwmf/libwmf-0.2.8.4-CVE-2016-9317.patch

--- libwmf-0.2.8.4/src/extra/gd/gd.c
+++ libwmf-0.2.8.4/src/extra/gd/gd.c
@@ -65,6 +65,18 @@
 {
   int i;
   gdImagePtr im;
+
+  if (overflow2(sx, sy)) {
+    return NULL;
+  }
+
+  if (overflow2(sizeof (unsigned char *), sy)) {
+    return NULL;
+  }
+  if (overflow2(sizeof (unsigned char), sx)) {
+    return NULL;
+  }
+
   im = (gdImage *) gdMalloc (sizeof (gdImage));
   memset (im, 0, sizeof (gdImage));
   /* Row-major ever since gd 1.3 */
Mon May 28 19:12:29 UTC 2018 a/pkgtools-15.0-noarch-13.txz: Rebuilt. installpkg: default line length for --terselength is the number of columns. removepkg: added --terse mode. upgradepkg: default line length for --terselength is the number of columns. upgradepkg: accept -option in addition to --option. ap/vim-8.1.0026-x86_64-1.txz: Upgraded. d/bison-3.0.5-x86_64-1.txz: Upgraded. e/emacs-26.1-x86_64-1.txz: Upgraded. kde/kopete-4.14.3-x86_64-8.txz: Rebuilt. Recompiled against libidn-1.35. n/conntrack-tools-1.4.5-x86_64-1.txz: Upgraded. n/libnetfilter_conntrack-1.0.7-x86_64-1.txz: Upgraded. n/libnftnl-1.1.0-x86_64-1.txz: Upgraded. n/links-2.16-x86_64-2.txz: Rebuilt. Rebuilt to enable X driver for -g mode. n/lynx-2.8.9dev.19-x86_64-1.txz: Upgraded. n/nftables-0.8.5-x86_64-1.txz: Upgraded. n/p11-kit-0.23.11-x86_64-1.txz: Upgraded. n/ulogd-2.0.7-x86_64-1.txz: Upgraded. n/whois-5.3.1-x86_64-1.txz: Upgraded. xap/network-manager-applet-1.8.12-x86_64-1.txz: Upgraded. xap/vim-gvim-8.1.0026-x86_64-1.txz: Upgraded. 2018-05-28 21:12:29 +02:00			`--- libwmf-0.2.8.4/src/extra/gd/gd.c`
			`+++ libwmf-0.2.8.4/src/extra/gd/gd.c`
			`@@ -65,6 +65,18 @@`
			`{`
			`int i;`
			`gdImagePtr im;`
			`+`
			`+ if (overflow2(sx, sy)) {`
			`+ return NULL;`
			`+ }`
			`+`
			`+ if (overflow2(sizeof (unsigned char *), sy)) {`
			`+ return NULL;`
			`+ }`
			`+ if (overflow2(sizeof (unsigned char), sx)) {`
			`+ return NULL;`
			`+ }`
			`+`
			`im = (gdImage *) gdMalloc (sizeof (gdImage));`
			`memset (im, 0, sizeof (gdImage));`
			`/* Row-major ever since gd 1.3 */`