Overview

File ImageMagick-CVE-2015-8895.patch of Package ImageMagick.16891

--- a/coders/icon.c
+++ b/coders/icon.c
@@ -354,6 +354,8 @@ static Image *ReadICONImage(const ImageInfo *image_info,
           Icon image encoded as a compressed PNG image.
         */
         length=icon_file.directory[i].size;
+        if (~length < 16)
+          ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
         png=(unsigned char *) AcquireQuantumMemory(length+16,sizeof(*png));
         if (png == (unsigned char *) NULL)
           ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
openSUSE Build Service is sponsored by
Places