Overview

File ImageMagick-CVE-2017-12563.patch of Package ImageMagick.15344

Index: ImageMagick-6.8.8-1/coders/psd.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/psd.c	2017-12-12 16:46:00.507387355 +0100
+++ ImageMagick-6.8.8-1/coders/psd.c	2017-12-12 16:47:13.204704422 +0100
@@ -1758,6 +1758,8 @@ static Image *ReadPSDImage(const ImageIn
         (void) LogMagickEvent(CoderEvent,GetMagickModule(),
           "  reading image resource blocks - %.20g bytes",(double)
           ((MagickOffsetType) length));
+      if (length > GetBlobSize(image))
+        ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
       blocks=(unsigned char *) AcquireQuantumMemory((size_t) length+16,
         sizeof(*blocks));
       if (blocks == (unsigned char *) NULL)
openSUSE Build Service is sponsored by
Places