Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
ImageMagick.29424
ImageMagick-CVE-2017-5506.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2017-5506.patch of Package ImageMagick.29424
From 6235f1f7a9f7b0f83b197f6cd0073dbb6602d0fb Mon Sep 17 00:00:00 2001 From: Cristy <urban-warrior@imagemagick.org> Date: Thu, 12 Jan 2017 12:51:14 -0500 Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/354 --- magick/profile.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) Index: ImageMagick-6.8.8-1/magick/profile.c =================================================================== --- ImageMagick-6.8.8-1.orig/magick/profile.c 2017-01-18 21:03:40.077353220 +0100 +++ ImageMagick-6.8.8-1/magick/profile.c 2017-01-18 21:05:18.622951460 +0100 @@ -1577,10 +1577,10 @@ MagickExport MagickBooleanType SyncImage The directory entry contains an offset. */ offset=(ssize_t) ((int) ReadProfileLong(endian,q+8)); - if ((ssize_t) (offset+number_bytes) < offset) - continue; /* prevent overflow */ - if ((size_t) (offset+number_bytes) > length) + if ((offset < 0) || ((size_t) (offset+number_bytes) > length)) continue; + if (~length < number_bytes) + continue; /* prevent overflow */ p=(unsigned char *) (exif+offset); } switch (tag_value)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor