The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version
3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer
overflow because a certain “Private->RunningCode - 2” array index is not
checked. This will lead to a denial of service or possibly unspecified
other impact.