$NetBSD: patch-af,v 1.1 2008/04/01 15:51:25 tonnerre Exp $

Fix buffer overflow vulnerability derived from old code (CVE-2006-4484).

--- pTk/mTk/additions/imgGIF.c.orig	2003-12-23 18:00:44.000000000 +0100
+++ pTk/mTk/additions/imgGIF.c
@@ -776,7 +776,7 @@ ReadImage(interp, imagePtr, handle, len,
     /*
      *  Initialize the decoder
      */
-    if (! ReadOK(handle,&initialCodeSize,1))  {
+    if (! ReadOK(handle,&initialCodeSize,1) || initialCodeSize > MAX_LWZ_BITS)  {
 	Tcl_AppendResult(interp, "error reading GIF image: ",
 		Tcl_PosixError(interp), (char *) NULL);
 	return TCL_ERROR;
