Overview

File ImageMagick-CVE-2016-7799.patch of Package ImageMagick.30956

Index: ImageMagick-6.8.9-8/magick/profile.c
===================================================================
--- ImageMagick-6.8.9-8.orig/magick/profile.c	2016-10-11 14:55:16.015280438 +0200
+++ ImageMagick-6.8.9-8/magick/profile.c	2016-10-11 14:55:16.055281063 +0200
@@ -2074,7 +2074,7 @@ static MagickBooleanType SyncExifProfile
       (void) AddValueToSplayTree(exif_resources,q,q);
       tag_value=(ssize_t) ReadProfileShort(endian,q);
       format=(ssize_t) ReadProfileShort(endian,q+2);
-      if ((format-1) >= EXIF_NUM_FORMATS)
+      if ((format < 0) || ((format-1) >= EXIF_NUM_FORMATS))
         break;
       components=(ssize_t) ((int) ReadProfileLong(endian,q+4));
       if (components < 0)
openSUSE Build Service is sponsored by
Places