From 542b78d08dd94e73ca79a197e8f102cb610b87a7 Mon Sep 17 00:00:00 2001
From: Alex Dupre <ale@FreeBSD.org>
Date: Mon, 14 Jun 2010 14:43:44 +0000
Subject: [PATCH] Security fix for gd remote buffer overflow vulnerability.

PR:		ports/147163
Submitted by:	Michael Ranner <michael@ranner.eu>
---
 graphics/php4-gd/Makefile                  |  1 +
 graphics/php4-gd/files/patch-libgd_gd_gd.c | 12 ++++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 graphics/php4-gd/files/patch-libgd_gd_gd.c

diff --git a/graphics/php4-gd/Makefile b/graphics/php4-gd/Makefile
index 4e1f0b87e77b..58d544d91d16 100644
--- a/graphics/php4-gd/Makefile
+++ b/graphics/php4-gd/Makefile
@@ -5,6 +5,7 @@
 # $FreeBSD$
 #
 
+PORTREVISION=	4
 CATEGORIES=	graphics
 
 MASTERDIR=	${.CURDIR}/../../lang/php4
diff --git a/graphics/php4-gd/files/patch-libgd_gd_gd.c b/graphics/php4-gd/files/patch-libgd_gd_gd.c
new file mode 100644
index 000000000000..121a02498fe0
--- /dev/null
+++ b/graphics/php4-gd/files/patch-libgd_gd_gd.c
@@ -0,0 +1,12 @@
+--- libgd/gd_gd.c.orig	2010-03-26 14:26:22.000000000 +0100
++++ libgd/gd_gd.c	2010-03-26 14:28:03.000000000 +0100
+@@ -40,6 +40,9 @@
+ 			if (!gdGetWord(&im->colorsTotal, in)) {
+ 				goto fail1;
+ 			}
++			if (im->colorsTotal > gdMaxColors) {
++				goto fail1;
++			}
+ 		}
+ 		/* Int to accommodate truecolor single-color transparency */
+ 		if (!gdGetInt(&im->transparent, in)) {