autotrace/autotrace-0.31.1-CVE-2013-1953.patch

diff -up autotrace-0.31.1/input-bmp.c.orig autotrace-0.31.1/input-bmp.c
--- autotrace-0.31.1/input-bmp.c.orig	2002-10-10 22:44:08.000000000 +0200
+++ autotrace-0.31.1/input-bmp.c	2013-06-28 10:24:58.336056959 +0200
@@ -166,7 +166,7 @@ input_bmp_reader (at_string filename,
                                                         /* 36 */
       Maps = 4;
     }
-  else if (Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
+  else if (Bitmap_File_Head.biSize >= 40 && Bitmap_File_Head.biSize <= 64) /* Probably OS/2 2.x */
     {
       if (!ReadOK (fd, buffer, Bitmap_File_Head.biSize - 4))
 	{