Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
ImageMagick.28259
ImageMagick-CVE-2014-9845.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2014-9845.patch of Package ImageMagick.28259
--- a/coders/dib.c +++ b/coders/dib.c @@ -159,6 +159,10 @@ static MagickBooleanType DecodeImage(Image *image, #define BI_RLE8 1 #define BI_RLE4 2 #define BI_BITFIELDS 3 +#undef BI_JPEG +#define BI_JPEG 4 +#undef BI_PNG +#define BI_PNG 5 #endif int @@ -542,9 +546,42 @@ static Image *ReadDIBImage(const ImageInfo *image_info,ExceptionInfo *exception) dib_info.green_mask=ReadBlobLSBLong(image); dib_info.blue_mask=ReadBlobLSBLong(image); } - image->matte=dib_info.bits_per_pixel == 32 ? MagickTrue : MagickFalse; + if (dib_info.width <= 0) + ThrowReaderException(CorruptImageError,"NegativeOrZeroImageSize"); + if (dib_info.height == 0) + ThrowReaderException(CorruptImageError,"NegativeOrZeroImageSize"); + if (dib_info.planes != 1) + ThrowReaderException(CorruptImageError,"StaticPlanesValueNotEqualToOne"); + if ((dib_info.bits_per_pixel != 1) && (dib_info.bits_per_pixel != 4) && + (dib_info.bits_per_pixel != 8) && (dib_info.bits_per_pixel != 16) && + (dib_info.bits_per_pixel != 24) && (dib_info.bits_per_pixel != 32)) + ThrowReaderException(CorruptImageError,"UnrecognizedBitsPerPixel"); + if (dib_info.bits_per_pixel < 16 && + dib_info.number_colors > (1U << dib_info.bits_per_pixel)) + ThrowReaderException(CorruptImageError,"UnrecognizedNumberOfColors"); + if ((dib_info.compression == 1) && (dib_info.bits_per_pixel != 8)) + ThrowReaderException(CorruptImageError,"UnrecognizedBitsPerPixel"); + if ((dib_info.compression == 2) && (dib_info.bits_per_pixel != 4)) + ThrowReaderException(CorruptImageError,"UnrecognizedBitsPerPixel"); + if ((dib_info.compression == 3) && (dib_info.bits_per_pixel < 16)) + ThrowReaderException(CorruptImageError,"UnrecognizedBitsPerPixel"); + switch (dib_info.compression) + { + case BI_RGB: + case BI_RLE8: + case BI_RLE4: + case BI_BITFIELDS: + break; + case BI_JPEG: + ThrowReaderException(CoderError,"JPEGCompressNotSupported"); + case BI_PNG: + ThrowReaderException(CoderError,"PNGCompressNotSupported"); + default: + ThrowReaderException(CorruptImageError,"UnrecognizedImageCompression"); + } image->columns=(size_t) MagickAbsoluteValue(dib_info.width); image->rows=(size_t) MagickAbsoluteValue(dib_info.height); + image->matte=dib_info.bits_per_pixel == 32 ? MagickTrue : MagickFalse; image->depth=8; if ((dib_info.number_colors != 0) || (dib_info.bits_per_pixel < 16)) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
