CVE-2019-20219

ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c.