From 30bf8ddad56dc90f016a0932297bf0c1ddb7a5a8 Mon Sep 17 00:00:00 2001
From: CoprDistGit <infra@openeuler.org>
Date: Tue, 6 Aug 2024 02:45:21 +0000
Subject: automatic import of libpng15

---
 libpng15-CVE-2018-13785.patch | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 libpng15-CVE-2018-13785.patch

(limited to 'libpng15-CVE-2018-13785.patch')

diff --git a/libpng15-CVE-2018-13785.patch b/libpng15-CVE-2018-13785.patch
new file mode 100644
index 0000000..32d8df7
--- /dev/null
+++ b/libpng15-CVE-2018-13785.patch
@@ -0,0 +1,34 @@
+From 1748e52e41b7bd8bde8cc917053c39bd6849c17d Mon Sep 17 00:00:00 2001
+From: Cosmin Truta <ctruta@gmail.com>
+Date: Sun, 17 Jun 2018 22:56:29 -0400
+Subject: [PATCH] Fix the calculation of row_factor in png_check_chunk_length
+
+(Bug report by Thuan Pham, SourceForge issue #278)
+---
+ pngrutil.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/pngrutil.c b/pngrutil.c
+index d5a344d..1e90863 100644
+--- a/pngrutil.c
++++ b/pngrutil.c
+@@ -2839,10 +2839,13 @@ png_check_chunk_length(png_structp png_ptr, png_uint_32 length)
+    {
+       png_alloc_size_t idat_limit = PNG_UINT_31_MAX;
+       size_t row_factor =
+-         (png_ptr->width * png_ptr->channels * (png_ptr->bit_depth > 8? 2: 1)
+-          + 1 + (png_ptr->interlaced? 6: 0));
++         (size_t)png_ptr->width
++         * (size_t)png_ptr->channels
++         * (png_ptr->bit_depth > 8? 2: 1)
++         + 1
++         + (png_ptr->interlaced? 6: 0);
+       if (png_ptr->height > PNG_UINT_32_MAX/row_factor)
+-         idat_limit=PNG_UINT_31_MAX;
++         idat_limit = PNG_UINT_31_MAX;
+       else
+          idat_limit = png_ptr->height * row_factor;
+       row_factor = row_factor > 32566? 32566 : row_factor;
+-- 
+2.17.1
+
-- 
cgit v1.2.3