From a4895e4439e472af2056f1018facfa9e40e13567 Mon Sep 17 00:00:00 2001
From: Xin LI <delphij@FreeBSD.org>
Date: Mon, 9 Nov 2009 17:14:27 +0000
Subject: Add a patch from vendor to fix CVE-2009-3546.

Security:	vuln e8344a3-ca52-11de-8ee8-00215c6a37bb
Approved by:	ale (maintainer)
---
 graphics/php5-gd/Makefile                  |  1 +
 graphics/php5-gd/files/patch-CVE-2009-3546 | 12 ++++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 graphics/php5-gd/files/patch-CVE-2009-3546

(limited to 'graphics')

diff --git a/graphics/php5-gd/Makefile b/graphics/php5-gd/Makefile
index 6ed41946bb21..2a8bcdd5e908 100644
--- a/graphics/php5-gd/Makefile
+++ b/graphics/php5-gd/Makefile
@@ -6,6 +6,7 @@
 #
 
 CATEGORIES=	graphics
+PORTREVISION=	2
 
 MASTERDIR=	${.CURDIR}/../../lang/php5
 
diff --git a/graphics/php5-gd/files/patch-CVE-2009-3546 b/graphics/php5-gd/files/patch-CVE-2009-3546
new file mode 100644
index 000000000000..2010c6829504
--- /dev/null
+++ b/graphics/php5-gd/files/patch-CVE-2009-3546
@@ -0,0 +1,12 @@
+--- ./libgd/gd_gd.c.orig	2007-08-09 07:21:38.000000000 -0700
++++ ./libgd/gd_gd.c	2009-11-08 23:13:19.144908056 -0800
+@@ -39,6 +39,9 @@
+ 			if (!gdGetWord(&im->colorsTotal, in)) {
+ 				goto fail1;
+ 			}
++			if (im->colorsTotal > gdMaxColors) {
++				goto fail1;
++			}
+ 		}
+ 		/* Int to accommodate truecolor single-color transparency */
+ 		if (!gdGetInt(&im->transparent, in)) {
-- 
cgit