ALT Linux Sisyphus

diff -up cups-1.2.4/filter/image-gif.c.CVE-2008-1373 cups-1.2.4/filter/image-gif.c

--- cups-1.2.4/filter/image-gif.c.CVE-2008-1373	2006-05-11 12:41:36.000000000 +0100
+++ cups-1.2.4/filter/image-gif.c	2008-03-20 15:32:18.000000000 +0000
@@ -47,6 +47,8 @@
 #define GIF_INTERLACE	0x40
 #define GIF_COLORMAP	0x80
 
+#define MAX_LWZ_BITS	12
+
 typedef cups_ib_t	gif_cmap_t[256][4];
 typedef short		gif_table_t[4096];
 
@@ -471,6 +473,9 @@ gif_read_image(FILE         *fp,	/* I - 
   pass      = 0;
   code_size = getc(fp);
 
+  if (code_size > MAX_LWZ_BITS)
+    return (-1);
+
   if (gif_read_lzw(fp, 1, code_size) < 0)
     return (-1);
 