Overview

File ImageMagick-CVE-2017-11527.patch of Package ImageMagick.12053

Index: ImageMagick-6.8.8-1/coders/dpx.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/dpx.c	2017-12-04 16:01:06.799453150 +0100
+++ ImageMagick-6.8.8-1/coders/dpx.c	2017-12-04 16:01:06.803453217 +0100
@@ -1105,6 +1105,8 @@ static Image *ReadDPXImage(const ImageIn
           StringInfo
             *profile;
 
+           if (dpx.file.user_size > GetBlobSize(image))
+             ThrowReaderException(CorruptImageError,"ImproperImageHeader");
            profile=BlobToStringInfo((const void *) NULL,
              dpx.file.user_size-sizeof(dpx.user.id));
            if (profile == (StringInfo *) NULL)
openSUSE Build Service is sponsored by
Places