Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
ImageMagick.29424
ImageMagick-CVE-2016-10048.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2016-10048.patch of Package ImageMagick.29424
--- a/magick/module.c +++ b/magick/module.c @@ -547,6 +547,15 @@ static MagickBooleanType GetMagickModulePath(const char *filename, assert(path != (char *) NULL); assert(exception != (ExceptionInfo *) NULL); (void) CopyMagickString(path,filename,MaxTextExtent); +#if defined(MAGICKCORE_INSTALLED_SUPPORT) + if (strstr(path,"../") != (char *) NULL) + { + errno=EPERM; + (void) ThrowMagickException(exception,GetMagickModule(),PolicyError, + "NotAuthorized","`%s'",path); + return(MagickFalse); + } +#endif module_path=(char *) NULL; switch (module_type) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor