Overview

File ImageMagick-CVE-2017-12692.patch of Package ImageMagick.12053

--- a/coders/viff.c
+++ b/coders/viff.c
@@ -515,6 +515,8 @@ static Image *ReadVIFFImage(const ImageInfo *image_info,
           ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
         max_packets=(size_t) (number_pixels*viff_info.number_data_bands);
       }
+    if ((bytes_per_pixel*max_packets) > GetBlobSize(image))
+      ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     pixels=(unsigned char *) AcquireQuantumMemory(MagickMax(number_pixels,
       max_packets),bytes_per_pixel*sizeof(*pixels));
     if (pixels == (unsigned char *) NULL)
@@ -804,12 +806,14 @@ ModuleExport size_t RegisterVIFFImage(void)
   entry->decoder=(DecodeImageHandler *) ReadVIFFImage;
   entry->encoder=(EncodeImageHandler *) WriteVIFFImage;
   entry->magick=(IsImageFormatHandler *) IsVIFF;
+  entry->seekable_stream=MagickTrue;
   entry->description=ConstantString("Khoros Visualization image");
   entry->module=ConstantString("VIFF");
   (void) RegisterMagickInfo(entry);
   entry=SetMagickInfo("XV");
   entry->decoder=(DecodeImageHandler *) ReadVIFFImage;
   entry->encoder=(EncodeImageHandler *) WriteVIFFImage;
+  entry->seekable_stream=MagickTrue;
   entry->description=ConstantString("Khoros Visualization image");
   entry->module=ConstantString("VIFF");
   (void) RegisterMagickInfo(entry);
openSUSE Build Service is sponsored by
Places