Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.3:Staging:A
ImageMagick
ImageMagick-CVE-2016-6491.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2016-6491.patch of Package ImageMagick
From dd84447b63a71fa8c3f47071b09454efc667767b Mon Sep 17 00:00:00 2001 From: Cristy <urban-warrior@imagemagick.org> Date: Sun, 24 Jul 2016 20:07:03 -0400 Subject: [PATCH] Prevent buffer overflow (bug report from Ibrahim el-sayed) --- MagickCore/property.c | 5 +++++ 1 file changed, 5 insertions(+) Index: ImageMagick-6.8.9-8/magick/property.c =================================================================== --- ImageMagick-6.8.9-8.orig/magick/property.c 2016-08-04 19:51:48.290212762 +0200 +++ ImageMagick-6.8.9-8/magick/property.c 2016-08-04 19:55:25.737883477 +0200 @@ -630,6 +630,11 @@ static MagickBooleanType Get8BIMProperty if ((count & 0x01) == 0) (void) ReadPropertyByte(&info,&length); count=(ssize_t) ((int) ReadPropertyMSBLong(&info,&length)); + if ((count < 0) || ((size_t) count > length)) + { + length=0; + continue; + } if ((*name != '\0') && (*name != '#')) if ((resource == (char *) NULL) || (LocaleCompare(name,resource) != 0)) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor