$OpenBSD: patch-src_modules_loaders_loader_argb_c,v 1.1 2006/11/20 09:21:09 bernd Exp $

Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
Should be fixed in >1.3.0.

--- src/modules/loaders/loader_argb.c.orig	Tue Sep  5 02:37:07 2006
+++ src/modules/loaders/loader_argb.c	Mon Nov  6 10:41:32 2006
@@ -47,6 +47,11 @@ load(ImlibImage * im, ImlibProgressFunct
            fclose(f);
            return 0;
         }
+      if ((w < 1) || (h < 1) || (w > 8192) || (h > 8192))
+	{
+           fclose(f);
+           return 0;
+	}
       im->w = w;
       im->h = h;
       if (!im->format)
