- Be paranoid and dont allow multiplication with zero

19 years ago · a04472df2e
1 changed files with 2 additions and 4 deletions
--- a/ext/gd/libgd/gd_security.c
+++ b/ext/gd/libgd/gd_security.c
@ -19,12 +19,10 @@

 int overflow2(int a, int b)
 {
-	if(a < 0 || b < 0) {
-		php_gd_error("gd warning: one parameter to a memory allocation multiplication is negative, failing operation gracefully\n");
+	if(a <= 0 || b <= 0) {
+		php_gd_error("gd warning: one parameter to a memory allocation multiplication is negative or zero, failing operation gracefully\n");
 		return 1;
 	}
-	if(b == 0)
-		return 0;
 	if(a > INT_MAX / b) {
 		php_gd_error("gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n");
 		return 1;