Overview

File ImageMagick-CVE-2018-12600.patch of Package ImageMagick.11106

Index: ImageMagick-6.8.8-1/coders/dib.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/dib.c
+++ ImageMagick-6.8.8-1/coders/dib.c
@@ -653,8 +653,8 @@ static Image *ReadDIBImage(const ImageIn
     dib_info.bits_per_pixel<<=1;
   bytes_per_line=4*((image->columns*dib_info.bits_per_pixel+31)/32);
   length=bytes_per_line*image->rows;
-  pixel_info=AcquireVirtualMemory((size_t) image->rows,MagickMax(
-    bytes_per_line,image->columns+256UL)*sizeof(*pixels));
+  pixel_info=AcquireVirtualMemory(image->rows,MagickMax(bytes_per_line,
+    image->columns+256UL)*sizeof(*pixels));
   if (pixel_info == (MemoryInfo *) NULL)
     ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
   pixels=(unsigned char *) GetVirtualMemoryBlob(pixel_info);
@@ -1105,8 +1105,8 @@ static MagickBooleanType WriteDIBImage(c
   /*
     Convert MIFF to DIB raster pixels.
   */
-  pixels=(unsigned char *) AcquireQuantumMemory(dib_info.image_size,
-    sizeof(*pixels));
+  pixels=(unsigned char *) AcquireQuantumMemory(image->rows,MagickMax(
+    bytes_per_line,image->columns+256UL)*sizeof(*pixels));
   if (pixels == (unsigned char *) NULL)
     ThrowWriterException(ResourceLimitError,"MemoryAllocationFailed");
   (void) ResetMagickMemory(pixels,0,dib_info.image_size);
openSUSE Build Service is sponsored by
Places