Overview

File ImageMagick-CVE-2017-11527.patch of Package ImageMagick.29977

Index: ImageMagick-6.8.8-1/coders/dpx.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/dpx.c	2020-06-08 16:20:06.661009921 +0200
+++ ImageMagick-6.8.8-1/coders/dpx.c	2020-06-08 16:20:33.173153928 +0200
@@ -1105,6 +1105,8 @@ static Image *ReadDPXImage(const ImageIn
           StringInfo
             *profile;
 
+           if (dpx.file.user_size > GetBlobSize(image))
+             ThrowReaderException(CorruptImageError,"ImproperImageHeader");
            profile=BlobToStringInfo((const void *) NULL,
              dpx.file.user_size-sizeof(dpx.user.id));
            if (profile == (StringInfo *) NULL)
@@ -1324,6 +1326,7 @@ ModuleExport size_t RegisterDPXImage(voi
   entry->decoder=(DecodeImageHandler *) ReadDPXImage;
   entry->encoder=(EncodeImageHandler *) WriteDPXImage;
   entry->magick=(IsImageFormatHandler *) IsDPX;
+  entry->seekable_stream=MagickTrue;
   entry->adjoin=MagickFalse;
   entry->description=ConstantString("SMPTE 268M-2003 (DPX 2.0)");
   entry->note=ConstantString(DPXNote);
openSUSE Build Service is sponsored by
Places