Blame SOURCES/autotrace-0.31.1-CVE-2013-1953.patch

440f6d
diff -up autotrace-0.31.1/input-bmp.c.orig autotrace-0.31.1/input-bmp.c
440f6d
--- autotrace-0.31.1/input-bmp.c.orig	2002-10-10 22:44:08.000000000 +0200
440f6d
+++ autotrace-0.31.1/input-bmp.c	2013-06-28 10:24:58.336056959 +0200
440f6d
@@ -166,7 +166,7 @@ input_bmp_reader (at_string filename,
440f6d
                                                         /* 36 */
440f6d
       Maps = 4;
440f6d
     }
440f6d
-  else if (Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
440f6d
+  else if (Bitmap_File_Head.biSize >= 40 && Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
440f6d
     {
440f6d
       if (!ReadOK (fd, buffer, Bitmap_File_Head.biSize - 4))
440f6d
 	{