commit 36c9013994bb24ed9f9648dce5a03c07c449420d
author Henrik Smiding <henrik.smiding@intel.com> Fri Feb 20 13:01:11 2015 +0100
committer The Android Automerger <android-build@google.com> Wed Mar 25 18:49:24 2015 -0700
tree ca69bceb1cce4ffc4cf8d3cccbef615507d28edb
parent 8594e1a8521b2cbdd941719b929b15ba943b1d4a

Fix buffer overflow security vulnerability (CVE-2014-9495)

Fixes the heap-based buffer overflow in the png_combine_row
function, when running on 64-bit systems. Might allow context-
dependent attackers to execute arbitrary code via a
"very wide interlaced" PNG image.

This is a cherry-pick of commit dc294204b641373bc6eb603075a8b98f51a75dd8
from upstream branch libpng16

bug: 19474828

Signed-off-by: Henrik Smiding <henrik.smiding@intel.com>

(cherry picked from commit 3ae1ad1c8460c90ae2d2028edde0c4d92316e71d)

Change-Id: Ia8dae5e5d0b8b8840c8871de99f35e03f6fbcc39