File ImageMagick-CVE-2016-7537.patch of Package ImageMagick
Index: ImageMagick-6.8.9-8/coders/pdb.c
===================================================================
--- ImageMagick-6.8.9-8.orig/coders/pdb.c 2016-10-10 10:22:35.650510649 +0200
+++ ImageMagick-6.8.9-8/coders/pdb.c 2016-10-10 10:23:10.747056455 +0200
@@ -411,7 +411,7 @@ static Image *ReadPDBImage(const ImageIn
return(GetFirstImageInList(image));
}
packets=(bits_per_pixel*image->columns+7)/8;
- pixels=(unsigned char *) AcquireQuantumMemory(packets+256UL,image->rows*
+ pixels=(unsigned char *) AcquireQuantumMemory(packets+257UL,image->rows*
sizeof(*pixels));
if (pixels == (unsigned char *) NULL)
ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
@@ -814,7 +814,7 @@ static MagickBooleanType WritePDBImage(c
sizeof(*runlength));
if (runlength == (unsigned char *) NULL)
ThrowWriterException(ResourceLimitError,"MemoryAllocationFailed");
- buffer=(unsigned char *) AcquireQuantumMemory(256UL,sizeof(*buffer));
+ buffer=(unsigned char *) AcquireQuantumMemory(257UL,sizeof(*buffer));
if (buffer == (unsigned char *) NULL)
ThrowWriterException(ResourceLimitError,"MemoryAllocationFailed");
packet_size=(size_t) (image->depth > 8 ? 2: 1);