]>
Commit | Line | Data |
---|---|---|
847756f6 SS |
1 | --- trunk/SDL_image/IMG_gif.c 2007/12/28 08:17:23 3461 |
2 | +++ trunk/SDL_image/IMG_gif.c 2007/12/28 16:43:56 3462 | |
3 | @@ -418,6 +418,10 @@ | |
4 | static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp; | |
5 | register int i; | |
6 | ||
7 | + /* Fixed buffer overflow found by Michael Skladnikiewicz */ | |
8 | + if (input_code_size > MAX_LWZ_BITS) | |
9 | + return -1; | |
10 | + | |
11 | if (flag) { | |
12 | set_code_size = input_code_size; | |
13 | code_size = set_code_size + 1; |