Overview

File ImageMagick-CVE-2016-7529.patch of Package ImageMagick.16891

From a2e1064f288a353bc5fef7f79ccb7683759e775c Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Sat, 30 Jan 2016 09:51:24 -0500
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/104

---
 coders/xcf.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Index: ImageMagick-6.8.8-1/coders/xcf.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/xcf.c	2013-11-18 14:03:16.000000000 +0100
+++ ImageMagick-6.8.8-1/coders/xcf.c	2016-09-26 16:36:49.609238860 +0200
@@ -333,6 +333,13 @@ static char *ReadBlobStringWithLongSize(
   return(string);
 }
 
+static inline size_t MagickMax(const size_t x,const size_t y)
+{
+  if (x > y)
+    return(x);
+  return(y);
+}
+
 static MagickBooleanType load_tile(Image *image,Image *tile_image,
   XCFDocInfo *inDocInfo,XCFLayerInfo *inLayerInfo,size_t data_length)
 {
@@ -358,7 +365,8 @@ static MagickBooleanType load_tile(Image
     *xcfdata,
     *xcfodata;
 
-  xcfdata=(XCFPixelPacket *) AcquireQuantumMemory(data_length,sizeof(*xcfdata));
+  xcfdata=(XCFPixelPacket *) AcquireQuantumMemory(MagickMax(data_length,
+    tile_image->columns*tile_image->rows),sizeof(*xcfdata));
   if (xcfdata == (XCFPixelPacket *) NULL)
     ThrowBinaryException(ResourceLimitError,"MemoryAllocationFailed",
       image->filename);
openSUSE Build Service is sponsored by
Places