Description: fix denial of service and possible code execution via
 broken full-color images
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711317
Origin: upstream, https://github.com/LibRaw/LibRaw/commit/c14ae36d28e80139b2f31b5d9d7623db3b597a3a

Index: libkdcraw-4.8.5/libraw/src/libraw_cxx.cpp
===================================================================
--- libkdcraw-4.8.5.orig/libraw/src/libraw_cxx.cpp	2011-12-20 14:13:31.000000000 -0500
+++ libkdcraw-4.8.5/libraw/src/libraw_cxx.cpp	2013-06-07 10:29:39.459345387 -0400
@@ -792,8 +792,8 @@
                 S.iheight= S.height;
                 IO.shrink = 0;
                 // allocate image as temporary buffer, size 
-                imgdata.rawdata.raw_alloc = calloc(S.iwidth*S.iheight,sizeof(*imgdata.image));
-                imgdata.image = (ushort (*)[4]) imgdata.rawdata.raw_alloc;
+                imgdata.rawdata.raw_alloc = 0;
+                imgdata.image = (ushort (*)[4]) calloc(S.iwidth*S.iheight,sizeof(*imgdata.image));
             }
 
 
@@ -803,8 +803,8 @@
         // recover saved
         if( decoder_info.decoder_flags & LIBRAW_DECODER_LEGACY)
             {
-                imgdata.image = 0; 
-                imgdata.rawdata.color_image = (ushort (*)[4]) imgdata.rawdata.raw_alloc;
+              imgdata.rawdata.raw_alloc = imgdata.rawdata.color_image = imgdata.image;
+              imgdata.image = 0; 
             }
 
         // calculate channel maximum
