summaryrefslogtreecommitdiff
path: root/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10167.patch
blob: 5e28197439f23f9aa35dd7fe2775b7ef36f1ea42 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
--- libwmf-0.2.8.4/src/extra/gd/gd_gd2.c
+++ libwmf-0.2.8.4/src/extra/gd/gd_gd2.c
@@ -362,10 +362,9 @@
 			{
 			  if (!gdGetInt (&im->tpixels[y][x], in))
 			    {
-			      /*printf("EOF while reading\n"); */
-			      /*gdImageDestroy(im); */
-			      /*return 0; */
-			      im->tpixels[y][x] = 0;
+                               fprintf(stderr, "gd2: EOF while reading\n");
+                               gdImageDestroy(im);
+                               return NULL;
 			    }
 			}
 		      else
@@ -373,10 +372,9 @@
 			  int ch;
 			  if (!gdGetByte (&ch, in))
 			    {
-			      /*printf("EOF while reading\n"); */
-			      /*gdImageDestroy(im); */
-			      /*return 0; */
-			      ch = 0;
+                              fprintf(stderr, "gd2: EOF while reading\n");
+                              gdImageDestroy(im);
+                              return NULL;
 			    }
 			  im->pixels[y][x] = ch;
 			}