File ImageMagick-CVE-2017-14138.patch of Package ImageMagick.8768

Overview Repositories Revisions Requests Users Attributes Meta

File ImageMagick-CVE-2017-14138.patch of Package ImageMagick.8768

From cfc2bd4c87481d4cf60308cc6ffd3c61288ff004 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Wed, 2 Aug 2017 06:59:32 -0400
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/641

---
 coders/webp.c | 112 ++++++++++++++++++++++++++++------------------------------
 1 file changed, 55 insertions(+), 57 deletions(-)

Index: ImageMagick-6.8.8-1/coders/webp.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/webp.c	2017-11-07 09:46:53.467022973 +0100
+++ ImageMagick-6.8.8-1/coders/webp.c	2017-11-07 11:23:52.538900455 +0100
@@ -203,6 +203,15 @@ static MagickBooleanType IsWEBPImageLoss
 static Image *ReadWEBPImage(const ImageInfo *image_info,
   ExceptionInfo *exception)
 {
+#define ThrowWEBPException(severity,tag) \
+{ \
+  if (stream != (unsigned char *) NULL) \
+    stream=(unsigned char*) RelinquishMagickMemory(stream); \
+  if (webp_image != (WebPDecBuffer *) NULL) \
+    WebPFreeDecBuffer(webp_image); \
+  ThrowReaderException(severity,tag); \
+}
+
   Image
     *image;
 
@@ -251,16 +260,17 @@ static Image *ReadWEBPImage(const ImageI
       image=DestroyImageList(image);
       return((Image *) NULL);
     }
+  stream=(unsigned char *) NULL;
   if (WebPInitDecoderConfig(&configure) == 0)
-    ThrowReaderException(ResourceLimitError,"UnableToDecodeImageFile");
+    ThrowWEBPException(ResourceLimitError,"UnableToDecodeImageFile");
   webp_image->colorspace=MODE_RGBA;
   length=(size_t) GetBlobSize(image);
   stream=(unsigned char *) AcquireQuantumMemory(length,sizeof(*stream));
   if (stream == (unsigned char *) NULL)
-    ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
+    ThrowWEBPException(ResourceLimitError,"MemoryAllocationFailed");
   count=ReadBlob(image,length,stream);
   if (count != (ssize_t) length)
-    ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
+    ThrowWEBPException(CorruptImageError,"InsufficientImageDataInFile");
   webp_status=WebPGetFeatures(stream,length,features);
   if (webp_status == VP8_STATUS_OK)
     {
@@ -285,26 +295,26 @@ static Image *ReadWEBPImage(const ImageI
       {
         case VP8_STATUS_OUT_OF_MEMORY:
         {
-          ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
+          ThrowWEBPException(ResourceLimitError,"MemoryAllocationFailed");
           break;
         }
         case VP8_STATUS_BITSTREAM_ERROR:
         {
-          ThrowReaderException(CorruptImageError,"CorruptImage");
+          ThrowWEBPException(CorruptImageError,"CorruptImage");
           break;
         }
         case VP8_STATUS_UNSUPPORTED_FEATURE:
         {
-          ThrowReaderException(CoderError,"DataEncodingSchemeIsNotSupported");
+          ThrowWEBPException(CoderError,"DataEncodingSchemeIsNotSupported");
           break;
         }
         case VP8_STATUS_NOT_ENOUGH_DATA:
         {
-          ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
+          ThrowWEBPException(CorruptImageError,"InsufficientImageDataInFile");
           break;
         }
         default:
-          ThrowReaderException(CorruptImageError,"CorruptImage");
+          ThrowWEBPException(CorruptImageError,"CorruptImage");
       }
     }
   p=webp_image->u.RGBA.rgba;

Places

File ImageMagick-CVE-2017-14138.patch of Package ImageMagick.8768

Places