From 08438a5098f3bb1de23a29334af55eba663f75bd Mon Sep 17 00:00:00 2001
From: "Eric S. Raymond" <esr@thyrsus.com>
Date: Sat, 9 Feb 2019 10:52:21 -0500
Subject: [PATCH] Address SF bug #113: Heap Buffer Overflow-2 in function
 DGifDecompressLine()...

This was CVE-2018-11490
---
 lib/dgif_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: giflib-5.1.4/lib/dgif_lib.c
===================================================================
--- giflib-5.1.4.orig/lib/dgif_lib.c
+++ giflib-5.1.4/lib/dgif_lib.c
@@ -901,7 +901,7 @@ DGifDecompressLine(GifFileType *GifFile,
                 while (StackPtr != 0 && i < LineLen)
                     Line[i++] = Stack[--StackPtr];
             }
-            if (LastCode != NO_SUCH_CODE && Prefix[Private->RunningCode - 2] == NO_SUCH_CODE) {
+            if (LastCode != NO_SUCH_CODE && Private->RunningCode - 2 < LZ_MAX_CODE && Prefix[Private->RunningCode - 2] == NO_SUCH_CODE) {
                 Prefix[Private->RunningCode - 2] = LastCode;
 
                 if (CrntCode == Private->RunningCode - 2) {