Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
ImageMagick.29154
ImageMagick-CVE-2017-17504.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2017-17504.patch of Package ImageMagick.29154
--- a/coders/png.c +++ b/coders/png.c @@ -1707,6 +1707,7 @@ Magick_png_read_raw_profile(png_struct *ping,Image *image, sp; png_uint_32 + extent, length, nibbles; @@ -1722,22 +1723,35 @@ Magick_png_read_raw_profile(png_struct *ping,Image *image, 13,14,15}; sp=text[ii].text+1; + extent=text[ii].text_length; /* look for newline */ - while (*sp != '\n') - sp++; + while ((*sp != '\n') && extent--) + sp++; /* look for length */ - while (*sp == '\0' || *sp == ' ' || *sp == '\n') + while (((*sp == '\0' || *sp == ' ' || *sp == '\n')) && extent--) sp++; + if (extent == 0) + { + png_warning(ping,"invalid profile length"); + return(MagickFalse); + } + length=(png_uint_32) StringToLong(sp); (void) LogMagickEvent(CoderEvent,GetMagickModule(), " length: %lu",(unsigned long) length); - while (*sp != ' ' && *sp != '\n') + while ((*sp != ' ' && *sp != '\n') && extent--) sp++; + if (extent == 0) + { + png_warning(ping,"invalid profile length"); + return(MagickFalse); + } + /* allocate space */ if (length == 0) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
