Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
ImageMagick
ImageMagick-CVE-2017-16353.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2017-16353.patch of Package ImageMagick
Index: ImageMagick-6.8.8-1/magick/identify.c =================================================================== --- ImageMagick-6.8.8-1.orig/magick/identify.c 2018-03-05 20:18:45.777937438 +0100 +++ ImageMagick-6.8.8-1/magick/identify.c 2018-03-05 20:20:14.363445938 +0100 @@ -450,6 +450,14 @@ static ssize_t PrintChannelStatistics(FI return(n); } +static inline MagickSizeType MagickMin(const MagickSizeType x, + const MagickSizeType y) +{ + if (x < y) + return(x); + return(y); +} + MagickExport MagickBooleanType IdentifyImage(Image *image,FILE *file, const MagickBooleanType verbose) { @@ -1231,7 +1239,7 @@ MagickExport MagickBooleanType IdentifyI profile_length; profile_length=GetStringInfoLength(profile); - for (i=0; i < (ssize_t) profile_length; i+=(ssize_t) length) + for (i=0; i < (ssize_t) profile_length-5; i+=(ssize_t) length) { length=1; sentinel=GetStringInfoDatum(profile)[i++]; @@ -1299,6 +1307,7 @@ MagickExport MagickBooleanType IdentifyI (double) dataset,(double) record); length=(size_t) (GetStringInfoDatum(profile)[i++] << 8); length|=GetStringInfoDatum(profile)[i++]; + length=MagickMin(length,profile_length-i); attribute=(char *) NULL; if (~length >= (MaxTextExtent-1)) attribute=(char *) AcquireQuantumMemory(length+
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor