From a04472df2e53802ec8f457eca2cde4342c137b81 Mon Sep 17 00:00:00 2001 From: Mattias Bengtsson Date: Tue, 23 Oct 2007 01:58:08 +0000 Subject: [PATCH] - Be paranoid and dont allow multiplication with zero --- ext/gd/libgd/gd_security.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/ext/gd/libgd/gd_security.c b/ext/gd/libgd/gd_security.c index a5fea34c14..897c302539 100644 --- a/ext/gd/libgd/gd_security.c +++ b/ext/gd/libgd/gd_security.c @@ -19,12 +19,10 @@ int overflow2(int a, int b) { - if(a < 0 || b < 0) { - php_gd_error("gd warning: one parameter to a memory allocation multiplication is negative, failing operation gracefully\n"); + if(a <= 0 || b <= 0) { + php_gd_error("gd warning: one parameter to a memory allocation multiplication is negative or zero, failing operation gracefully\n"); return 1; } - if(b == 0) - return 0; if(a > INT_MAX / b) { php_gd_error("gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n"); return 1; -- 2.50.1