File ImageMagick-CVE-2017-13139.patch of Package ImageMagick
Index: ImageMagick-6.8.8-1/coders/png.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/png.c 2017-10-23 13:57:37.777361711 +0200
+++ ImageMagick-6.8.8-1/coders/png.c 2017-10-23 13:57:37.797362058 +0200
@@ -5701,6 +5701,8 @@ static Image *ReadOneMNGImage(MngInfo* m
for (i=(int) first_object; i <= (int) last_object; i++)
{
+ if ((i < 0) || (i >= MNG_MAX_OBJECTS))
+ continue;
if (mng_info->exists[i] && !mng_info->frozen[i])
{
MngBox
@@ -5772,6 +5774,8 @@ static Image *ReadOneMNGImage(MngInfo* m
last_object=(p[2] << 8) | p[3];
for (i=(ssize_t) first_object; i <= (ssize_t) last_object; i++)
{
+ if ((i < 0) || (i >= MNG_MAX_OBJECTS))
+ continue;
if (mng_info->exists[i] && !mng_info->frozen[i])
{
MngPair