diff -up espgs-8.15.2/src/zicc.c.CVE-2008-0411 espgs-8.15.2/src/zicc.c
--- espgs-8.15.2/src/zicc.c.CVE-2008-0411 2005-01-19 04:08:41.000000000 +0000
+++ espgs-8.15.2/src/zicc.c 2008-02-19 09:44:35.000000000 +0000
@@ -80,6 +80,9 @@ zseticcspace(i_ctx_t * i_ctx_p)
dict_find_string(op, "N", &pnval);
ncomps = pnval->value.intval;
+ if (2*ncomps > sizeof(range_buff)/sizeof(float))
+ return_error(e_rangecheck);
+
/* verify the DataSource entry */
if (dict_find_string(op, "DataSource", &pstrmval) <= 0)
return_error(e_undefined);
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
bcad270e706b49dcd7d3b92dded440f2
>
files
>
7
