From: Mattias Bengtsson <mattias@php.net>
Date: Tue, 23 Oct 2007 01:58:41 +0000 (+0000)
Subject: -MFB, Be paranoid and dont allow multiplication with zero
X-Git-Tag: RELEASE_2_0_0a1~1558
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=f2b8a7500426952ab6286d4d16f8b73599ed0e02;p=php

-MFB, Be paranoid and dont allow multiplication with zero
---

diff --git a/ext/gd/libgd/gd_security.c b/ext/gd/libgd/gd_security.c
index a5fea34c14..897c302539 100644
--- a/ext/gd/libgd/gd_security.c
+++ b/ext/gd/libgd/gd_security.c
@@ -19,12 +19,10 @@
 
 int overflow2(int a, int b)
 {
-	if(a < 0 || b < 0) {
-		php_gd_error("gd warning: one parameter to a memory allocation multiplication is negative, failing operation gracefully\n");
+	if(a <= 0 || b <= 0) {
+		php_gd_error("gd warning: one parameter to a memory allocation multiplication is negative or zero, failing operation gracefully\n");
 		return 1;
 	}
-	if(b == 0)
-		return 0;
 	if(a > INT_MAX / b) {
 		php_gd_error("gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n");
 		return 1;