--- libwmf-0.2.8.3/src/extra/gd/gd_png.c.can-2004-0990	2001-05-19 07:09:34.000000000 -0600
+++ libwmf-0.2.8.3/src/extra/gd/gd_png.c	2006-06-29 06:08:34.961119463 -0600
@@ -181,6 +181,14 @@ gdImageCreateFromPngCtx (gdIOCtx * infil
 
   png_get_IHDR (png_ptr, info_ptr, &width, &height, &bit_depth, &color_type,
 		&interlace_type, NULL, NULL);
+  if (overflow2(sizeof (int), width)) 
+    {
+      return NULL;
+    }
+  if (overflow2(sizeof (int) * width, height)) 
+    {
+      return NULL;
+    }  
   if ((color_type == PNG_COLOR_TYPE_RGB) ||
       (color_type == PNG_COLOR_TYPE_RGB_ALPHA))
     {