From: =?utf-8?q?Ond=C5=99ej_Sur=C3=BD?= <ondrej@sury.org>
Date: Fri, 20 May 2016 09:39:38 +0200
Subject: CVE-2015-8874

---
 src/gd.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

--- libgd2.orig/src/gd.c
+++ libgd2/src/gd.c
@@ -1840,6 +1840,17 @@ BGD_DECLARE(void) gdImageFillToBorder (g
 	restoreAlphaBleding = im->alphaBlendingFlag;
 	im->alphaBlendingFlag = 0;
 
+	if (x >= im->sx) {
+		x = im->sx - 1;
+	} else if (x < 0) {
+		x = 0;
+	}
+	if (y >= im->sy) {
+		y = im->sy - 1;
+	} else if (y < 0) {
+		y = 0;
+	}
+	
 	for (i = x; (i >= 0); i--) {
 		if (gdImageGetPixel (im, i, y) == border) {
 			break;