File ImageMagick-CVE-2016-8677.patch of Package ImageMagick.3923

Overview Repositories Revisions Requests Users Attributes Meta

File ImageMagick-CVE-2016-8677.patch of Package ImageMagick.3923

From 524349d2b3fed7fa0e53de2c908458474eb24418 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Thu, 15 Sep 2016 20:26:36 -0400
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/268

---
 coders/tiff.c | 131 +++++++++++++++++++++++++++++-----------------------------
 1 file changed, 65 insertions(+), 66 deletions(-)

Index: ImageMagick-6.8.8-1/coders/tiff.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/tiff.c	2016-10-20 09:57:55.078518714 +0200
+++ ImageMagick-6.8.8-1/coders/tiff.c	2016-10-20 10:03:49.107802177 +0200
@@ -1180,66 +1180,7 @@ RestoreMSCWarning
       case COMPRESSION_ADOBE_DEFLATE: image->compression=ZipCompression; break;
       default: image->compression=RLECompression; break;
     }
-    /*
-      Allocate memory for the image and pixel buffer.
-    */
-    quantum_info=AcquireQuantumInfo(image_info,image);
-    if (quantum_info == (QuantumInfo *) NULL)
-      {
-        TIFFClose(tiff);
-        ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
-      }
-    if (sample_format == SAMPLEFORMAT_UINT)
-      status=SetQuantumFormat(image,quantum_info,UnsignedQuantumFormat);
-    if (sample_format == SAMPLEFORMAT_INT)
-      status=SetQuantumFormat(image,quantum_info,SignedQuantumFormat);
-    if (sample_format == SAMPLEFORMAT_IEEEFP)
-      status=SetQuantumFormat(image,quantum_info,FloatingPointQuantumFormat);
-    if (status == MagickFalse)
-      {
-        TIFFClose(tiff);
-        quantum_info=DestroyQuantumInfo(quantum_info);
-        ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
-      }
-    status=MagickTrue;
-    switch (photometric)
-    {
-      case PHOTOMETRIC_MINISBLACK:
-      {
-        quantum_info->min_is_white=MagickFalse;
-        break;
-      }
-      case PHOTOMETRIC_MINISWHITE:
-      {
-        quantum_info->min_is_white=MagickTrue;
-        break;
-      }
-      default:
-        break;
-    }
-    associated_alpha=MagickFalse;
-    extra_samples=0;
-    (void) TIFFGetFieldDefaulted(tiff,TIFFTAG_EXTRASAMPLES,&extra_samples,
-      &sample_info);
-    if (extra_samples == 0)
-      {
-        if ((samples_per_pixel == 4) && (photometric == PHOTOMETRIC_RGB))
-          image->matte=MagickTrue;
-      }
-    else
-      for (i=0; i < extra_samples; i++)
-      {
-        image->matte=MagickTrue;
-        if (sample_info[i] == EXTRASAMPLE_ASSOCALPHA)
-          SetQuantumAlphaType(quantum_info,DisassociatedQuantumAlpha);
-      }
-    option=GetImageOption(image_info,"tiff:alpha");
-    if (option != (const char *) NULL)
-      associated_alpha=LocaleCompare(option,"associated") == 0 ? MagickTrue :
-        MagickFalse;
-    if (image->matte != MagickFalse)
-      (void) SetImageProperty(image,"tiff:alpha",
-        associated_alpha != MagickFalse ? "associated" : "unassociated");
+    quantum_info=(QuantumInfo *) NULL;
     if ((photometric == PHOTOMETRIC_PALETTE) &&
         (pow(2.0,1.0*bits_per_sample) <= MaxColormapSize))
       {
@@ -1267,6 +1208,66 @@ RestoreMSCWarning
             break;
         goto next_tiff_frame;
       }
+     /*
+       Allocate memory for the image and pixel buffer.
+     */
+     quantum_info=AcquireQuantumInfo(image_info,image);
+     if (quantum_info == (QuantumInfo *) NULL)
+       {
+         TIFFClose(tiff);
+         ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
+       }
+     if (sample_format == SAMPLEFORMAT_UINT)
+       status=SetQuantumFormat(image,quantum_info,UnsignedQuantumFormat);
+     if (sample_format == SAMPLEFORMAT_INT)
+       status=SetQuantumFormat(image,quantum_info,SignedQuantumFormat);
+     if (sample_format == SAMPLEFORMAT_IEEEFP)
+       status=SetQuantumFormat(image,quantum_info,FloatingPointQuantumFormat);
+     if (status == MagickFalse)
+       {
+         TIFFClose(tiff);
+         quantum_info=DestroyQuantumInfo(quantum_info);
+         ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
+       }
+     status=MagickTrue;
+     switch (photometric)
+     {
+       case PHOTOMETRIC_MINISBLACK:
+       {
+         quantum_info->min_is_white=MagickFalse;
+         break;
+       }
+       case PHOTOMETRIC_MINISWHITE:
+       {
+         quantum_info->min_is_white=MagickTrue;
+         break;
+       }
+       default:
+         break;
+     }
+     associated_alpha=MagickFalse;
+     extra_samples=0;
+     (void) TIFFGetFieldDefaulted(tiff,TIFFTAG_EXTRASAMPLES,&extra_samples,
+       &sample_info);
+     if (extra_samples == 0)
+       {
+         if ((samples_per_pixel == 4) && (photometric == PHOTOMETRIC_RGB))
+           image->matte=MagickTrue;
+       }
+     else
+       for (i=0; i < extra_samples; i++)
+       {
+         image->matte=MagickTrue;
+         if (sample_info[i] == EXTRASAMPLE_ASSOCALPHA)
+           SetQuantumAlphaType(quantum_info,DisassociatedQuantumAlpha);
+       }
+     option=GetImageOption(image_info,"tiff:alpha");
+     if (option != (const char *) NULL)
+       associated_alpha=LocaleCompare(option,"associated") == 0 ? MagickTrue :
+         MagickFalse;
+     if (image->matte != MagickFalse)
+       (void) SetImageProperty(image,"tiff:alpha",
+         associated_alpha != MagickFalse ? "associated" : "unassociated");
     method=ReadGenericMethod;
     if (TIFFGetField(tiff,TIFFTAG_ROWSPERSTRIP,&rows_per_strip) != 0)
       {
@@ -1763,7 +1764,8 @@ RestoreMSCWarning
     }
     SetQuantumImageType(image,quantum_type);
   next_tiff_frame:
-    quantum_info=DestroyQuantumInfo(quantum_info);
+    if (quantum_info != (QuantumInfo *) NULL)
+      quantum_info=DestroyQuantumInfo(quantum_info);
     if (photometric == PHOTOMETRIC_CIELAB)
       DecodeLabImage(image,exception);
     if ((photometric == PHOTOMETRIC_LOGL) ||

Places

File ImageMagick-CVE-2016-8677.patch of Package ImageMagick.3923

Places