$OpenBSD: patch-src_modules_loaders_loader_pnm_c,v 1.1 2006/11/20 09:21:09 bernd Exp $

Fix for CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809.
Should be fixed in >1.3.0.

--- src/modules/loaders/loader_pnm.c.orig	Tue Sep  5 02:37:07 2006
+++ src/modules/loaders/loader_pnm.c	Mon Nov  6 10:41:32 2006
@@ -107,7 +107,7 @@ load(ImlibImage * im, ImlibProgressFunct
                }
           }
      }
-   if ((w <= 0) || (w > 8192) || (h <= 0) || (h > 8192) || (v < 0) || (v > 255))
+   if ((v < 0) || (v > 255))
      {
         fclose(f);
         return 0;
@@ -115,6 +115,11 @@ load(ImlibImage * im, ImlibProgressFunct
 
    im->w = w;
    im->h = h;
+   if ((w < 1) || (h < 1) || (w > 8192) || (h > 8192))
+     {
+	fclose(f);
+	return 0;
+     }
    if (!im->format)
      {
         if (p == '8')
