$NetBSD: patch-CVE-2012-4405,v 1.2 2014/04/26 13:51:40 wiz Exp $

from RedHat bug #854227

--- icclib/icc.c.orig	2009-07-28 07:48:19.000000000 +0000
+++ icclib/icc.c
@@ -4996,6 +4996,11 @@
         p->clutPoints = read_UInt8Number(bp+10);
 
         /* Sanity check */
+	if (p->inputChan < 1) {
+		sprintf(icp->err,"icmLut_read: No input channels!");
+		return icp->errc = 1;
+	}
+
         if (p->inputChan > MAX_CHAN) {
                 sprintf(icp->err,"icmLut_read: Can't handle > %d input channels\n",MAX_CHAN);
                 return icp->errc = 1;