Overview

File ImageMagick-CVE-2023-5341.patch of Package ImageMagick.30956

From aa673b2e4defc7cad5bec16c4fc8324f71e531f1 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Sun, 24 Sep 2023 07:28:19 -0400
Subject: [PATCH] check for BMP file size, poc provided by Hardik Shah of
 Vehere (Dawn Treaders team)

---
 coders/bmp.c | 3 +++
 1 file changed, 3 insertions(+)

Index: ImageMagick-6.8.8-1/coders/bmp.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/bmp.c
+++ ImageMagick-6.8.8-1/coders/bmp.c
@@ -606,6 +606,9 @@ static Image *ReadBMPImage(const ImageIn
         (LocaleNCompare((char *) magick,"CI",2) != 0)))
       ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     bmp_info.file_size=ReadBlobLSBLong(image);
+    if ((bmp_info.file_size != 0) &&
+        ((MagickSizeType) bmp_info.file_size > GetBlobSize(image)))
+      ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     (void) ReadBlobLSBLong(image);
 
     if (image->debug != MagickFalse)
openSUSE Build Service is sponsored by
Places