File ImageMagick-CVE-2017-11533.patch of Package ImageMagick.6676

Overview Repositories Revisions Requests Users Attributes Meta

File ImageMagick-CVE-2017-11533.patch of Package ImageMagick.6676

Index: ImageMagick-6.8.8-1/coders/uil.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/uil.c	2013-12-01 15:47:50.000000000 +0100
+++ ImageMagick-6.8.8-1/coders/uil.c	2018-02-21 10:42:47.466282770 +0100
@@ -215,8 +215,7 @@ static MagickBooleanType WriteUILImage(c
   status=OpenBlob(image_info,image,WriteBinaryBlobMode,&image->exception);
   if (status == MagickFalse)
     return(status);
-  if (IssRGBCompatibleColorspace(image->colorspace) == MagickFalse)
-    (void) TransformImageColorspace(image,sRGBColorspace);
+  (void) TransformImageColorspace(image,sRGBColorspace);
   exception=(&image->exception);
   transparent=MagickFalse;
   i=0;
@@ -270,6 +269,7 @@ static MagickBooleanType WriteUILImage(c
           register PixelPacket
             *q;
 
+          i=0;
           colors++;
           for (y=0; y < (ssize_t) image->rows; y++)
           {
@@ -281,7 +281,7 @@ static MagickBooleanType WriteUILImage(c
             {
               if (matte_image[i] != 0)
                 SetPixelIndex(indexes+x,image->colors);
-              p++;
+              i++;
             }
           }
         }
@@ -335,7 +335,7 @@ static MagickBooleanType WriteUILImage(c
     else
       (void) FormatLocaleString(buffer,MaxTextExtent,
         "    color('%s',%s) = '%s'",name,
-        GetPixelLuma(image,image->colormap+i) < (QuantumRange/2) ?
+        GetPixelLuma(image,image->colormap+i) < (QuantumRange/2.0) ?
         "background" : "foreground",symbol);
     (void) WriteBlobString(image,buffer);
     (void) FormatLocaleString(buffer,MaxTextExtent,"%s",
Index: ImageMagick-6.8.8-1/magick/colormap.c
===================================================================
--- ImageMagick-6.8.8-1.orig/magick/colormap.c	2018-02-21 11:33:12.704397208 +0100
+++ ImageMagick-6.8.8-1/magick/colormap.c	2018-02-21 11:34:39.937885446 +0100
@@ -123,9 +123,6 @@ MagickExport MagickBooleanType AcquireIm
   register ssize_t
     i;
 
-  size_t
-    length;
-
   /*
     Allocate image colormap.
   */
@@ -133,17 +130,20 @@ MagickExport MagickBooleanType AcquireIm
   assert(image->signature == MagickSignature);
   if (image->debug != MagickFalse)
     (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",image->filename);
-  image->colors=colors;
-  length=(size_t) colors;
+  image->colors=MagickMax(colors,1);
   if (image->colormap == (PixelPacket *) NULL)
-    image->colormap=(PixelPacket *) AcquireQuantumMemory(length,
+    image->colormap=(PixelPacket *) AcquireQuantumMemory(image->colors+1,
       sizeof(*image->colormap));
   else
-    image->colormap=(PixelPacket *) ResizeQuantumMemory(image->colormap,length,
-      sizeof(*image->colormap));
+    image->colormap=(PixelPacket *) ResizeQuantumMemory(image->colormap,
+      image->colors+1,sizeof(*image->colormap));
   if (image->colormap == (PixelPacket *) NULL)
-    ThrowBinaryException(ResourceLimitError,"MemoryAllocationFailed",
-      image->filename);
+    {
+      image->colors=0;
+      image->storage_class=DirectClass;
+      ThrowBinaryException(ResourceLimitError,"MemoryAllocationFailed",
+        image->filename);
+    }
   for (i=0; i < (ssize_t) image->colors; i++)
   {
     size_t

Places

File ImageMagick-CVE-2017-11533.patch of Package ImageMagick.6676

Places