diff --git a/media-libs/sdl-image/files/sdl-image-1.2.6-DOS.patch b/media-libs/sdl-image/files/sdl-image-1.2.6-DOS.patch
new file mode 100644
--- /dev/null
+++ b/media-libs/sdl-image/files/sdl-image-1.2.6-DOS.patch
@@ -0,0 +1,41 @@
+--- trunk/SDL_image/IMG_gif.c	2007/02/13 10:09:17	2970
++++ trunk/SDL_image/IMG_gif.c	2007/12/28 16:43:56	3462
+@@ -418,6 +418,10 @@
+     static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp;
+     register int i;
+ 
++    /* Fixed buffer overflow found by Michael Skladnikiewicz */
++    if (input_code_size > MAX_LWZ_BITS)
++        return -1;
++
+     if (flag) {
+ 	set_code_size = input_code_size;
+ 	code_size = set_code_size + 1;
+--- trunk/SDL_image/IMG_lbm.c	2007/07/20 04:37:11	3341
++++ trunk/SDL_image/IMG_lbm.c	2008/01/03 20:05:34	3521
+@@ -28,6 +28,7 @@
+    EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain
+    (http://www.multimania.com/mavati) in December 2003.
+    Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004.
++   Buffer overflow fix in RLE decompression by David Raulo in January 2008.
+ */
+ 
+ #include <stdio.h>
+@@ -328,7 +329,7 @@
+ 						count ^= 0xFF;
+ 						count += 2; /* now it */
+ 
+-						if ( !SDL_RWread( src, &color, 1, 1 ) )
++						if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) )
+ 						{
+ 						   error="error reading BODY chunk";
+ 							goto done;
+@@ -339,7 +340,7 @@
+ 					{
+ 						++count;
+ 
+-						if ( !SDL_RWread( src, ptr, count, 1 ) )
++						if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) )
+ 						{
+ 						   error="error reading BODY chunk";
+ 							goto done;