Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
ImageMagick.3353
ImageMagick-CVE-2016-5841.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2016-5841.patch of Package ImageMagick.3353
Index: ImageMagick-6.8.9-8/magick/profile.c =================================================================== --- ImageMagick-6.8.9-8.orig/magick/profile.c 2016-06-29 13:33:12.700055735 +0200 +++ ImageMagick-6.8.9-8/magick/profile.c 2016-06-29 13:34:48.001762594 +0200 @@ -2066,6 +2066,8 @@ static MagickBooleanType SyncExifProfile tag_value; q=(unsigned char *) (directory+2+(12*entry)); + if (q > (exif+length-12)) + break; /* corrupt EXIF */ if (GetValueFromSplayTree(exif_resources,q) == q) break; (void) AddValueToSplayTree(exif_resources,q,q); @@ -2074,6 +2076,8 @@ static MagickBooleanType SyncExifProfile if ((format-1) >= EXIF_NUM_FORMATS) break; components=(ssize_t) ((int) ReadProfileLong(endian,q+4)); + if (components < 0) + break; /* corrupt EXIF */ number_bytes=(size_t) components*format_bytes[format]; if ((ssize_t) number_bytes < components) break; /* prevent overflow */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor