Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
ImageMagick.3353
ImageMagick-CVE-2014-9810.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2014-9810.patch of Package ImageMagick.3353
--- a/coders/dpx.c +++ b/coders/dpx.c @@ -67,6 +67,11 @@ #include "magick/string-private.h" /* + Define declaration. +*/ +#define MaxNumberImageElements 8 + +/* Typedef declaration. */ typedef enum @@ -230,7 +235,7 @@ typedef struct _DPXImageInfo lines_per_element; DPXImageElement - image_element[8]; + image_element[MaxNumberImageElements]; unsigned char reserve[52]; @@ -780,6 +785,8 @@ static Image *ReadDPXImage(const ImageInfo *image_info,ExceptionInfo *exception) Read DPX image header. */ dpx.image.orientation=ReadBlobShort(image); + if (dpx.image.orientation > 7) + ThrowReaderException(CorruptImageError,"ImproperImageHeader"); offset+=2; if (dpx.image.orientation != (unsigned short) ~0) (void) FormatImageProperty(image,"dpx:image.orientation","%d", @@ -797,7 +804,7 @@ static Image *ReadDPXImage(const ImageInfo *image_info,ExceptionInfo *exception) case 7: image->orientation=RightBottomOrientation; break; } dpx.image.number_elements=ReadBlobShort(image); - if (dpx.image.number_elements > 8) + if (dpx.image.number_elements > MaxNumberImageElements) ThrowReaderException(CorruptImageError,"ImproperImageHeader"); offset+=2; dpx.image.pixels_per_line=ReadBlobLong(image);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
