imageloadfont: Perform overflow check before calculation
authorNikita Popov <nikita.ppv@gmail.com>
Wed, 19 Jun 2019 13:50:52 +0000 (15:50 +0200)
committerNikita Popov <nikita.ppv@gmail.com>
Wed, 19 Jun 2019 13:50:52 +0000 (15:50 +0200)
Instead of afterwards...

ext/gd/gd.c

index eb6a3fcca92d8e21f6d5e21934b1b8d9c24066d7..1ae52c663ec17fbd6470f468ab0167b96b1a4983 100644 (file)
@@ -1443,6 +1443,13 @@ PHP_FUNCTION(imageloadfont)
        body_size_check = php_stream_tell(stream) - hdr_size;
        php_stream_seek(stream, i, SEEK_SET);
 
+       if (overflow2(font->nchars, font->h) || overflow2(font->nchars * font->h, font->w )) {
+               php_error_docref(NULL, E_WARNING, "Error reading font, invalid font header");
+               efree(font);
+               php_stream_close(stream);
+               RETURN_FALSE;
+       }
+
        body_size = font->w * font->h * font->nchars;
        if (body_size != body_size_check) {
                font->w = FLIPWORD(font->w);
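Review bot: The recomputation `body_size = font->w * font->h * font->nchars;` inside the byte-swap branch (visible as context at the top of the next hunk) now runs on the flipped fields with no overflow check, because the only `overflow2()` guard was moved ahead of the flip. A header whose swapped dimensions overflow is therefore multiplied unchecked, which is undefined behaviour if these fields are signed ints, and a wrapped product could still happen to equal `body_size_check` and let the font through. I would repeat the guard inside the branch, after the flip and before the multiplication, as sketched below. Separately, the early `RETURN_FALSE` means a header whose raw values overflow never reaches the flip path, so it is worth confirming that this is intended for fonts written in the other byte order. The rest of the flip lies between the two hunks and is not visible here.

```c
		/* … unchanged: FLIPWORD of the header fields (partly outside the hunk) … */
		if (overflow2(font->nchars, font->h) || overflow2(font->nchars * font->h, font->w)) {
			php_error_docref(NULL, E_WARNING, "Error reading font, invalid font header");
			efree(font);
			php_stream_close(stream);
			RETURN_FALSE;
		}
		body_size = font->w * font->h * font->nchars;
```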
@@ -1451,13 +1458,6 @@ PHP_FUNCTION(imageloadfont)
                body_size = font->w * font->h * font->nchars;
        }
 
-       if (overflow2(font->nchars, font->h) || overflow2(font->nchars * font->h, font->w )) {
-               php_error_docref(NULL, E_WARNING, "Error reading font, invalid font header");
-               efree(font);
-               php_stream_close(stream);
-               RETURN_FALSE;
-       }
-
        if (body_size != body_size_check) {
                php_error_docref(NULL, E_WARNING, "Error reading font");
                efree(font);