From af11b3462640407a4ca596eeb57fac936976f865 Mon Sep 17 00:00:00 2001
From: Francesco Colista <fcolista@alpinelinux.org>
Date: Mon, 21 Oct 2019 20:28:57 +0000
Subject: main/sdl2_image: security fix for CVE-2019-13616.

Fixes #10879
---
 main/sdl2_image/CVE-2019-13616.patch | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 main/sdl2_image/CVE-2019-13616.patch

diff --git a/main/sdl2_image/CVE-2019-13616.patch b/main/sdl2_image/CVE-2019-13616.patch
new file mode 100644
index 00000000000..cb0fe87a389
--- /dev/null
+++ b/main/sdl2_image/CVE-2019-13616.patch
@@ -0,0 +1,24 @@
+
+# HG changeset patch
+# User Sam Lantinga <slouken@libsdl.org>
+# Date 1564509612 25200
+# Node ID ba45f00879ba0b957780e1fd28304c41503c1737
+# Parent  f1baffa48926c4c76f482f21a240667e9159d1d5
+Fixed bug 4538 - validate image size when loading BMP files
+
+diff -r f1baffa48926 -r ba45f00879ba IMG_bmp.c
+--- a/IMG_bmp.c	Tue Jul 30 10:16:02 2019 -0700
++++ b/IMG_bmp.c	Tue Jul 30 11:00:12 2019 -0700
+@@ -351,6 +351,11 @@
+             SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
+         }
+     }
++    if (biWidth <= 0 || biHeight == 0) {
++        IMG_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
++        was_error = SDL_TRUE;
++        goto done;
++    }
+     if (biHeight < 0) {
+         topDown = SDL_TRUE;
+         biHeight = -biHeight;
+
-- 
cgit v1.2.3