From 524d0dd4969e3c361fd7066f7982034931058585 Mon Sep 17 00:00:00 2001
From: nukeykt <alexeytf2@icloud.com>
Date: Tue, 12 Nov 2019 13:40:19 +0900
Subject: [PATCH] Fix buffer overflow in getclosestcol_lim

---
 source/build/src/colmatch.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/source/build/src/colmatch.cpp b/source/build/src/colmatch.cpp
index 4ccdaf895..d6c40feeb 100644
--- a/source/build/src/colmatch.cpp
+++ b/source/build/src/colmatch.cpp
@@ -92,7 +92,7 @@ int32_t getclosestcol_lim(int32_t const r, int32_t const g, int32_t const b, int
 
     int mindist = -1;
 
-    int const k = (numclosestcolresults > COLRESULTSIZ) ? (COLRESULTSIZ-4) : (numclosestcolresults-4);
+    int const k = (numclosestcolresults > COLRESULTSIZ) ? COLRESULTSIZ : numclosestcolresults;
 
     if (!numclosestcolresults) goto skip;
 
@@ -101,7 +101,7 @@ int32_t getclosestcol_lim(int32_t const r, int32_t const g, int32_t const b, int
 
     int i;
 
-    for (i = 0; i < k+4; i+=4)
+    for (i = 0; i <= k-4; i+=4)
     {
         if (col == (getclosestcol_results[i]   & 0x00ffffff)) { mindist = i; break; }
         if (col == (getclosestcol_results[i+1] & 0x00ffffff)) { mindist = i+1; break; }