Blame SOURCES/autotrace-0.31.1-CVE-2013-1953.patch

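--- autotrace-0.31.1/input-bmp.c.orig	2002-10-10 22:44:08.000000000 +0200
+++ autotrace-0.31.1/input-bmp.c	2013-06-28 10:24:58.336056959 +0200
@@ -166,7 +166,7 @@ input_bmp_reader (at_string filename,
                                                         /* 36 */
       Maps = 4;
     }
-  else if (Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
+  else if (Bitmap_File_Head.biSize >= 40 && Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
     {
       if (!ReadOK (fd, buffer, Bitmap_File_Head.biSize - 4))
 	{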
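Review bot: The new lower bound on the `else if (Bitmap_File_Head.biSize >= 40 && ...)` line is the whole fix for CVE-2013-1953, yet the only comment there still reads "Probably OS/2 2.x", so a later cleanup could drop the check as redundant. I would add a comment above the branch such as `/* biSize comes from the file: reject values below 40 so that biSize - 4 cannot wrap and the read stays within buffer */`. The literal 64 is presumably the capacity of `buffer`, whose declaration is outside the hunk; if it is an array, writing the upper bound as `Bitmap_File_Head.biSize - 4 <= sizeof (buffer)` would keep the check correct if the buffer is ever resized. The body of input_bmp_reader continues past the hunk, so the branch taken for out-of-range sizes is not visible here and should be confirmed to fail closed.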