Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
ImageMagick.3353
ImageMagick-CVE-2016-5842.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2016-5842.patch of Package ImageMagick.3353
Index: ImageMagick-6.8.9-8/magick/property.c =================================================================== --- ImageMagick-6.8.9-8.orig/magick/property.c 2016-06-29 13:36:33.319647400 +0200 +++ ImageMagick-6.8.9-8/magick/property.c 2016-06-29 13:37:02.392167443 +0200 @@ -1299,6 +1299,8 @@ static MagickBooleanType GetEXIFProperty components; q=(unsigned char *) (directory+(12*entry)+2); + if (q > (exif+length-12)) + break; /* corrupt EXIF */ if (GetValueFromSplayTree(exif_resources,q) == q) break; (void) AddValueToSplayTree(exif_resources,q,q); @@ -1307,6 +1309,8 @@ static MagickBooleanType GetEXIFProperty if (format >= (sizeof(tag_bytes)/sizeof(*tag_bytes))) break; components=(ssize_t) ((int) ReadPropertyLong(endian,q+4)); + if (components < 0) + break; /* corrupt EXIF */ number_bytes=(size_t) components*tag_bytes[format]; if (number_bytes < components) break; /* prevent overflow */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
