Overview

File ImageMagick-CVE-2020-27774,27766,27776.patch of Package ImageMagick

Index: ImageMagick-6.8.8-1/magick/statistic.c
===================================================================
--- ImageMagick-6.8.8-1.orig/magick/statistic.c	2020-12-04 10:05:55.549697174 +0100
+++ ImageMagick-6.8.8-1/magick/statistic.c	2020-12-04 10:05:55.825698932 +0100
@@ -245,6 +245,9 @@ static MagickRealType ApplyEvaluateOpera
   MagickRealType
     result;
 
+  register ssize_t
+    i;
+
   result=0.0;
   switch (op)
   {
@@ -314,7 +317,9 @@ static MagickRealType ApplyEvaluateOpera
     }
     case LeftShiftEvaluateOperator:
     {
-      result=(MagickRealType) ((size_t) pixel << (size_t) (value+0.5));
+      result=(double) pixel;
+      for (i=0; i < (ssize_t) value; i++)
+        result*=2.0;
       break;
     }
     case LogEvaluateOperator:
@@ -374,7 +379,9 @@ static MagickRealType ApplyEvaluateOpera
     }
     case RightShiftEvaluateOperator:
     {
-      result=(MagickRealType) ((size_t) pixel >> (size_t) (value+0.5));
+      result=(MagickRealType) pixel;
+      for (i=0; i < (ssize_t) value; i++)
+        result/=2.0;
       break;
     }
     case SetEvaluateOperator:
openSUSE Build Service is sponsored by
Places