From 30bf8ddad56dc90f016a0932297bf0c1ddb7a5a8 Mon Sep 17 00:00:00 2001
From: CoprDistGit <infra@openeuler.org>
Date: Tue, 6 Aug 2024 02:45:21 +0000
Subject: automatic import of libpng15

---
 libpng15-CVE-2013-6954.patch | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 libpng15-CVE-2013-6954.patch

(limited to 'libpng15-CVE-2013-6954.patch')

diff --git a/libpng15-CVE-2013-6954.patch b/libpng15-CVE-2013-6954.patch
new file mode 100644
index 0000000..43a1d46
--- /dev/null
+++ b/libpng15-CVE-2013-6954.patch
@@ -0,0 +1,21 @@
+diff --git a/pngset.c b/pngset.c
+index 4177e62..3876103 100644
+--- a/pngset.c
++++ b/pngset.c
+@@ -524,6 +524,16 @@ png_set_PLTE(png_structp png_ptr, png_infop info_ptr,
+          return;
+       }
+    }
++   if ((num_palette > 0 && palette == NULL) ||
++      (num_palette == 0
++ #       ifdef PNG_MNG_FEATURES_SUPPORTED
++            && (png_ptr->mng_features_permitted & PNG_FLAG_MNG_EMPTY_PLTE) == 0
++ #       endif
++      ))
++   {
++      png_error(png_ptr, "Invalid palette");
++      return;
++   }
+ 
+    /* It may not actually be necessary to set png_ptr->palette here;
+     * we do it for backward compatibility with the way the png_handle_tRNS
-- 
cgit v1.2.3