Overview

File ImageMagick-CVE-2017-12640.patch of Package ImageMagick.29977

Index: ImageMagick-6.8.8-1/coders/png.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/png.c	2018-01-12 14:02:23.044491753 +0100
+++ ImageMagick-6.8.8-1/coders/png.c	2018-01-12 14:02:23.060492019 +0100
@@ -5825,6 +5825,8 @@ static Image *ReadOneMNGImage(MngInfo* m
 
                 for (i=(int) first_object; i <= (int) last_object; i++)
                 {
+                  if ((i < 0) || (i >= MNG_MAX_OBJECTS))
+                    continue;
                   if (mng_info->exists[i] && !mng_info->frozen[i])
                     {
                       MngBox
@@ -5902,6 +5904,8 @@ static Image *ReadOneMNGImage(MngInfo* m
 
               for (i=(ssize_t) first_object; i <= (ssize_t) last_object; i++)
               {
+                if ((i < 0) || (i >= MNG_MAX_OBJECTS))
+                  continue;
                 if (mng_info->exists[i] && !mng_info->frozen[i] &&
                     (p-chunk) < (ssize_t) (length-8))
                   {
openSUSE Build Service is sponsored by
Places