1 files changed, 0 insertions, 38 deletions

diff --git a/meta-oe/recipes-support/gd/gd/CVE-2016-10168.patch b/meta-oe/recipes-support/gd/gd/CVE-2016-10168.patch
deleted file mode 100644
index aef1060c45..0000000000
--- a/meta-oe/recipes-support/gd/gd/CVE-2016-10168.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From 2d37bdc03a6e2b820fe380016f22592a7733e0be Mon Sep 17 00:00:00 2001
-From: Catalin Enache <catalin.enache@windriver.com>
-Date: Fri, 7 Apr 2017 12:32:49 +0300
-Subject: [PATCH] Fix #354: Signed Integer Overflow gd_io.c
-
-GD2 stores the number of horizontal and vertical chunks as words (i.e. 2
-byte unsigned). These values are multiplied and assigned to an int when
-reading the image, what can cause integer overflows. We have to avoid
-that, and also make sure that either chunk count is actually greater
-than zero. If illegal chunk counts are detected, we bail out from
-reading the image.
-
-Upstream-Status: Backport
-CVE: CVE-2016-10168
-
-Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
----
- src/gd_gd2.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/src/gd_gd2.c b/src/gd_gd2.c
-index bae65ea..9006bd2 100644
---- a/src/gd_gd2.c
-+++ b/src/gd_gd2.c
-@@ -151,6 +151,10 @@ _gd2GetHeader (gdIOCtxPtr in, int *sx, int *sy,
- 	GD2_DBG (printf ("%d Chunks vertically\n", *ncy));
- 
- 	if (gd2_compressed (*fmt)) {
-+		if (*ncx <= 0 || *ncy <= 0 || *ncx > INT_MAX / *ncy) {
-+			GD2_DBG(printf ("Illegal chunk counts: %d * %d\n", *ncx, *ncy));
-+			goto fail1;
-+		}
- 		nc = (*ncx) * (*ncy);
- 
- 		GD2_DBG (printf ("Reading %d chunk index entries\n", nc));
--- 
-2.10.2
-