Blame SOURCES/autotrace-0.31.1-CVE-2013-1953.patch

12a50f
diff -up autotrace-0.31.1/input-bmp.c.orig autotrace-0.31.1/input-bmp.c
12a50f
--- autotrace-0.31.1/input-bmp.c.orig	2002-10-10 22:44:08.000000000 +0200
12a50f
+++ autotrace-0.31.1/input-bmp.c	2013-06-28 10:24:58.336056959 +0200
12a50f
@@ -166,7 +166,7 @@ input_bmp_reader (at_string filename,
12a50f
                                                         /* 36 */
12a50f
       Maps = 4;
12a50f
     }
12a50f
-  else if (Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
12a50f
+  else if (Bitmap_File_Head.biSize >= 40 && Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
12a50f
     {
12a50f
       if (!ReadOK (fd, buffer, Bitmap_File_Head.biSize - 4))
12a50f
 	{