Overview

File ImageMagick-CVE-2020-25664.patch of Package ImageMagick.30956

Index: ImageMagick-6.8.8-1/coders/png.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/png.c	2020-12-08 14:39:53.538073552 +0100
+++ ImageMagick-6.8.8-1/coders/png.c	2020-12-08 14:41:59.298913125 +0100
@@ -11041,11 +11041,11 @@ static MagickBooleanType WriteOnePNGImag
       (void) LogMagickEvent(CoderEvent,GetMagickModule(),
         "    Allocating %.20g bytes of memory for pixels",(double) rowbytes);
     }
-  pixel_info=AcquireVirtualMemory(rowbytes,sizeof(*ping_pixels));
+  pixel_info=AcquireVirtualMemory(rowbytes+256,sizeof(*ping_pixels));
   if (pixel_info == (MemoryInfo *) NULL)
     png_error(ping,"Allocation of memory for pixels failed");
   ping_pixels=(unsigned char *) GetVirtualMemoryBlob(pixel_info);
-
+  (void) memset(ping_pixels,0,(rowbytes+256)*sizeof(*ping_pixels));
   /*
     Initialize image scanlines.
   */
openSUSE Build Service is sponsored by
Places