From 017efe162cacd799fd6517669afbd3859993970f54a8a57a6c020b04fc5b16fc Mon Sep 17 00:00:00 2001
From: Petr Gajdos
Date: Wed, 1 Aug 2018 08:04:03 +0000
Subject: [PATCH] - security update: * CVE-2018-13785 [bsc#1100687] + libpng16-CVE-2018-13785.patch
OBS-URL: https://build.opensuse.org/package/show/graphics/libpng16?expand=0&rev=109
---
libpng16-CVE-2018-13785.patch | 13 +++++++++++++
libpng16.changes | 7 +++++++
libpng16.spec | 2 ++
3 files changed, 22 insertions(+)
create mode 100644 libpng16-CVE-2018-13785.patch
diff --git a/libpng16-CVE-2018-13785.patch b/libpng16-CVE-2018-13785.patch
new file mode 100644
index 0000000..f87c22b
--- /dev/null
+++ b/libpng16-CVE-2018-13785.patch
@@ -0,0 +1,13 @@
+Index: libpng-1.6.34/pngrutil.c
+===================================================================
+--- libpng-1.6.34.orig/pngrutil.c 2017-09-29 10:40:57.000000000 +0200
++++ libpng-1.6.34/pngrutil.c 2018-08-01 09:59:02.399741891 +0200
+@@ -3149,7 +3149,7 @@ png_check_chunk_length(png_const_structr
+ {
+ png_alloc_size_t idat_limit = PNG_UINT_31_MAX;
+ size_t row_factor =
+- (png_ptr->width * png_ptr->channels * (png_ptr->bit_depth > 8? 2: 1)
++ ((size_t)png_ptr->width * (size_t)png_ptr->channels * (png_ptr->bit_depth > 8? 2: 1)
+ + 1 + (png_ptr->interlaced? 6: 0));
+ if (png_ptr->height > PNG_UINT_32_MAX/row_factor)
+ idat_limit=PNG_UINT_31_MAX;
diff --git a/libpng16.changes b/libpng16.changes
index bd68643..14139c3 100644
--- a/libpng16.changes
+++ b/libpng16.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Aug 1 08:01:23 UTC 2018 - pgajdos@suse.com
+
+- security update:
+ * CVE-2018-13785 [bsc#1100687]
+ + libpng16-CVE-2018-13785.patch
+
 -------------------------------------------------------------------
 Mon Feb 5 15:35:46 UTC 2018 - pgajdos@suse.com
diff --git a/libpng16.spec b/libpng16.spec
index 4960508..fd34ecf 100644
--- a/libpng16.spec
+++ b/libpng16.spec
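Review bot: The `(size_t)` casts added to the `row_factor` expression in pngrutil.c widen the multiplication only where `size_t` is wider than 32 bits; on a build with a 32-bit `size_t` the width-times-channels product can still wrap, so `row_factor` may still be zero when it reaches the `PNG_UINT_32_MAX/row_factor` division in the `if` that follows. Whether such a width can get this far depends on limits enforced outside this hunk, which are not visible here. A platform-independent guard would be `if (row_factor == 0 || png_ptr->height > PNG_UINT_32_MAX/row_factor)`, which keeps the existing fallback to `PNG_UINT_31_MAX`. The body of png_check_chunk_length starts and ends outside the hunk, and the new patch file carries no header line naming the upstream change it corresponds to, which would make later audits of this CVE fix easier.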
@@ -35,6 +35,7 @@ Source1: ftp://ftp.simplesystems.org/pub/png/src/libpng16/libpng-%{versio
 Source2: libpng16.keyring
 Source3: rpm-macros.libpng-tools
 Source4: baselibs.conf
+Patch0: libpng16-CVE-2018-13785.patch
 BuildRequires: libtool
 BuildRequires: pkgconfig
 BuildRequires: zlib-devel
@@ -96,6 +97,7 @@ PNG files.
 %prep
 %setup -q -n libpng-%{version}
+%patch0 -p1
 %build
 # PNG_SAFE_LIMITS_SUPPORTED: http://www.openwall.com/lists/oss-security/2015/01/10/1