File ImageMagick-CVE-2017-12693.patch of Package ImageMagick
--- a/coders/bmp.c
+++ b/coders/bmp.c
@@ -952,6 +952,8 @@ static Image *ReadBMPImage(const ImageInfo *image_info,ExceptionInfo *exception)
bmp_info.bits_per_pixel<<=1;
bytes_per_line=4*((image->columns*bmp_info.bits_per_pixel+31)/32);
length=(size_t) bytes_per_line*image->rows;
+ if (length > GetBlobSize(image))
+ ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
pixel_info=AcquireVirtualMemory((size_t) image->rows,
MagickMax(bytes_per_line,image->columns+256UL)*sizeof(*pixels));
if (pixel_info == (MemoryInfo *) NULL)