$NetBSD: patch-CVE-2014-0190,v 1.1 2014/11/28 21:07:51 spz Exp $

patch for CVE-2014-0190 from https://codereview.qt-project.org/#/c/84035/1/src/gui/image/qgifhandler.cpp,unified

Upstream commit message:
   Author: Lars Knoll <lars.knoll@digia.com>
   AuthorDate: 2014-04-24 15:33:27 +0200
   Commit: Lars Knoll <lars.knoll@digia.com>
   CommitDate: 2014-04-24 15:43:28 +0200
   
   Don't crash on broken GIF images
   
   Broken GIF images could set invalid width and height
   values inside the image, leading to Qt creating a null
   QImage for it. In that case we need to abort decoding
   the image and return an error.
   
   Initial patch by Rich Moore.
   
   Backport of Id82a4036f478bd6e49c402d6598f57e7e5bb5e1e from Qt 5
   
   Task-number: QTBUG-38367
   Change-Id: I0680740018aaa8356d267b7af3f01fac3697312a
   Security-advisory: CVE-2014-0190

--- src/gui/image/qgifhandler.cpp.orig	2014-04-10 18:37:12.000000000 +0000
+++ src/gui/image/qgifhandler.cpp
@@ -359,6 +359,13 @@ int QGIFFormat::decode(QImage *image, co
                     memset(bits, 0, image->byteCount());
                 }
 
+                // Check if the previous attempt to create the image failed. If it
+                // did then the image is broken and we should give up.
+                if (image->isNull()) {
+                    state = Error;
+                    return -1;
+                }
+
                 disposePrevious(image);
                 disposed = false;
 
