File ImageMagick-CVE-2017-18008.patch of Package ImageMagick.28259

Overview Repositories Revisions Requests Users Attributes Meta

File ImageMagick-CVE-2017-18008.patch of Package ImageMagick.28259

Index: ImageMagick-6.8.8-1/coders/pwp.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/pwp.c	2018-01-26 11:48:11.089784192 +0100
+++ ImageMagick-6.8.8-1/coders/pwp.c	2018-01-26 11:59:26.064635941 +0100
@@ -182,6 +182,7 @@ static Image *ReadPWPImage(const ImageIn
   unique_file=AcquireUniqueFileResource(read_info->filename);
   for ( ; ; )
   {
+    (void) memset(magick,0,sizeof(magick));
     for (c=ReadBlobByte(pwp_image); c != EOF; c=ReadBlobByte(pwp_image))
     {
       for (i=0; i < 17; i++)
@@ -191,10 +192,15 @@ static Image *ReadPWPImage(const ImageIn
         break;
     }
     if (c == EOF)
-      break;
+      {
+        (void) RelinquishUniqueFileResource(read_info->filename);
+        read_info=DestroyImageInfo(read_info);
+        ThrowReaderException(CorruptImageError,"UnexpectedEndOfFile");
+      }
     if (LocaleNCompare((char *) (magick+12),"SFW94A",6) != 0)
       {
         (void) RelinquishUniqueFileResource(read_info->filename);
+        read_info=DestroyImageInfo(read_info);
         ThrowReaderException(CorruptImageError,"ImproperImageHeader");
       }
     /*
@@ -206,9 +212,10 @@ static Image *ReadPWPImage(const ImageIn
     if ((unique_file == -1) || (file == (FILE *) NULL))
       {
         (void) RelinquishUniqueFileResource(read_info->filename);
+        read_info=DestroyImageInfo(read_info);
+        image=DestroyImageList(image);
         ThrowFileException(exception,FileOpenError,"UnableToWriteFile",
           image->filename);
-        image=DestroyImageList(image);
         return((Image *) NULL);
       }
     length=fwrite("SFW94A",1,6,file);
@@ -222,6 +229,12 @@ static Image *ReadPWPImage(const ImageIn
       (void) fputc(c,file);
     }
     (void) fclose(file);
+    if (c == EOF)
+      {
+        (void) RelinquishUniqueFileResource(read_info->filename);
+        read_info=DestroyImageInfo(read_info);
+        ThrowReaderException(CorruptImageError,"UnexpectedEndOfFile");
+      }
     next_image=ReadImage(read_info,exception);
     if (next_image == (Image *) NULL)
       break;
@@ -249,17 +262,21 @@ static Image *ReadPWPImage(const ImageIn
   }
   (void) RelinquishUniqueFileResource(read_info->filename);
   read_info=DestroyImageInfo(read_info);
-  if (EOFBlob(image) != MagickFalse)
+  if (image != (Image *) NULL)
     {
-      char
-        *message;
+      if (EOFBlob(image) != MagickFalse)
+        {
+          char
+            *message;
 
-      message=GetExceptionMessage(errno);
-      (void) ThrowMagickException(exception,GetMagickModule(),CorruptImageError,
-        "UnexpectedEndOfFile","`%s': %s",image->filename,message);
-      message=DestroyString(message);
+          message=GetExceptionMessage(errno);
+          (void) ThrowMagickException(exception,GetMagickModule(),
+            CorruptImageError,"UnexpectedEndOfFile","`%s': %s",image->filename,
+            message);
+          message=DestroyString(message);
+        }
+      (void) CloseBlob(image);
     }
-  (void) CloseBlob(image);
   return(GetFirstImageInList(image));
 }

Places

File ImageMagick-CVE-2017-18008.patch of Package ImageMagick.28259

Places