From 893225c0aabd4503d2d4d8f6f92c44de0126d2ed Mon Sep 17 00:00:00 2001
From: Pierre Joye <pajoye@php.net>
Date: Sat, 2 Jun 2007 15:41:02 +0000
Subject: [PATCH] - MFB: sx/sy must be > 0 and < INT_MAX

---
 ext/gd/gd.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ext/gd/gd.c b/ext/gd/gd.c
index 0b1d29edec..11ba9d9388 100644
--- a/ext/gd/gd.c
+++ b/ext/gd/gd.c
@@ -1560,7 +1560,7 @@ PHP_FUNCTION(imagecreatetruecolor)
 		return;
 	}
 
-	if (x_size <= 0 || y_size <= 0) {
+	if (x_size <= 0 || y_size <= 0 ||  x_size >= INT_MAX || y_size >= INT_MAX) {
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid image dimensions");
 		RETURN_FALSE;
 	}
@@ -2109,7 +2109,7 @@ PHP_FUNCTION(imagecreate)
 		return;
 	}
 
-	if (x_size <= 0 || y_size <= 0) {
+	if (x_size <= 0 || y_size <= 0 ||  x_size >= INT_MAX || y_size >= INT_MAX) {
 		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid image dimensions");
 		RETURN_FALSE;
 	}
-- 
2.50.1