File ImageMagick-CVE-2015-8901.patch of Package ImageMagick
8f261c94f7f7075c3cf90724802958 Mon Sep 17 00:00:00 2001
From: cristy <urban-warrior@git.imagemagick.org>
Date: Sun, 25 Jan 2015 17:32:32 +0000
Subject: [PATCH]
---
coders/miff.c | 22 ++++++++++++++++++++--
coders/pdb.c | 10 +++++++++-
coders/vicar.c | 2 ++
3 files changed, 31 insertions(+), 3 deletions(-)
Index: ImageMagick-6.8.9-8/coders/miff.c
===================================================================
--- ImageMagick-6.8.9-8.orig/coders/miff.c 2014-05-18 19:21:02.000000000 +0200
+++ ImageMagick-6.8.9-8/coders/miff.c 2016-06-07 14:39:50.598436174 +0200
@@ -1405,6 +1405,9 @@ static Image *ReadMIFFImage(const ImageI
bzip_info.avail_out=(unsigned int) (packet_size*image->columns);
do
{
+ int
+ code;
+
if (bzip_info.avail_in == 0)
{
bzip_info.next_in=(char *) compress_pixels;
@@ -1414,7 +1417,13 @@ static Image *ReadMIFFImage(const ImageI
bzip_info.avail_in=(unsigned int) ReadBlob(image,length,
(unsigned char *) bzip_info.next_in);
}
- if (BZ2_bzDecompress(&bzip_info) == BZ_STREAM_END)
+ code=BZ2_bzDecompress(&bzip_info);
+ if (code < 0)
+ {
+ status=MagickFalse;
+ break;
+ }
+ if (code == BZ_STREAM_END)
break;
} while (bzip_info.avail_out != 0);
(void) ImportQuantumPixels(image,(CacheView *) NULL,quantum_info,
@@ -1461,6 +1470,9 @@ static Image *ReadMIFFImage(const ImageI
zip_info.avail_out=(uInt) (packet_size*image->columns);
do
{
+ int
+ code;
+
if (zip_info.avail_in == 0)
{
zip_info.next_in=compress_pixels;
@@ -1470,7 +1482,13 @@ static Image *ReadMIFFImage(const ImageI
zip_info.avail_in=(unsigned int) ReadBlob(image,length,
zip_info.next_in);
}
- if (inflate(&zip_info,Z_SYNC_FLUSH) == Z_STREAM_END)
+ code=inflate(&zip_info,Z_SYNC_FLUSH);
+ if (code < 0)
+ {
+ status=MagickFalse;
+ break;
+ }
+ if (code == Z_STREAM_END)
break;
} while (zip_info.avail_out != 0);
(void) ImportQuantumPixels(image,(CacheView *) NULL,quantum_info,