File _service:obs_scm:CVE-2013-7354-1.patch of Package libpng12

From 4a9e849234328b4869cfd66037db9c768c88d887 Mon Sep 17 00:00:00 2001
From: yaokai13 <yaokai13@huawei.com>
Date: Sun, 28 Jun 2020 11:49:20 +0800
Subject: [PATCH] 3

---
 pngset.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/pngset.c b/pngset.c
index 45641af..f3e0989 100644
--- a/pngset.c
+++ b/pngset.c
@@ -938,9 +938,19 @@ png_set_sPLT(png_structp png_ptr,
    if (png_ptr == NULL || info_ptr == NULL)
       return;
 
-   np = (png_sPLT_tp)png_malloc_warn(png_ptr,
-       (info_ptr->splt_palettes_num + nentries) *
-        (png_uint_32)png_sizeof(png_sPLT_t));
+   if (nentries < 0 ||
+       nentries > INT_MAX-info_ptr->splt_palettes_num ||
+       (unsigned int)/*SAFE*/(nentries +/*SAFE*/
+       info_ptr->splt_palettes_num) >=
+       PNG_SIZE_MAX/png_sizeof(png_sPLT_t))
+      np=NULL;
+
+   else
+
+      np = (png_sPLT_tp)png_malloc_warn(png_ptr,
+          (info_ptr->splt_palettes_num + nentries) *
+	  (png_uint_32)png_sizeof(png_sPLT_t));
+
    if (np == NULL)
    {
       png_warning(png_ptr, "No memory for sPLT palettes.");
-- 
2.23.0