From 44650c28f16d6f6e298ef448bfe32d5c305c37fc Mon Sep 17 00:00:00 2001
From: Frank Warmerdam <warmerdam@pobox.com>
Date: Wed, 14 Aug 2013 05:18:53 +0000
Subject: [PATCH] make more resistent to corrupt/hostile input files (#2450,
 CVE-2013-4231)

---
 ChangeLog        | 3 +++
 tools/gif2tiff.c | 4 +++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 449555d2..6fbd83fe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,8 @@
 2013-08-13  Frank Warmerdam  <warmerdam@pobox.com>
 
+	* tools/gif2tiff.c: Be more careful about corrupt or
+	hostile input files (#2450, CVE-2013-4231)
+
 	* tools/tiff2pdf.c: terminate after failure of allocating 
 	ycbcr buffer (bug #2449, CVE-2013-4232)
 
diff --git a/tools/gif2tiff.c b/tools/gif2tiff.c
index 17f7a19e..4093411d 100644
--- a/tools/gif2tiff.c
+++ b/tools/gif2tiff.c
@@ -1,4 +1,4 @@
-/* $Id: gif2tiff.c,v 1.12 2010-12-15 00:22:44 faxguy Exp $ */
+/* $Id: gif2tiff.c,v 1.13 2013-08-14 05:18:53 fwarmerdam Exp $ */
 
 /*
  * Copyright (c) 1990-1997 Sam Leffler
@@ -333,6 +333,8 @@ readraster(void)
     int status = 1;
 
     datasize = getc(infile);
+    if (datasize > 12)
+	return 0;
     clear = 1 << datasize;
     eoi = clear + 1;
     avail = clear + 2;