Overview

File ImageMagick-CVE-2017-14682.patch of Package ImageMagick.9182

Index: ImageMagick-6.8.8-1/magick/token.c
===================================================================
--- ImageMagick-6.8.8-1.orig/magick/token.c	2013-12-01 15:47:50.000000000 +0100
+++ ImageMagick-6.8.8-1/magick/token.c	2017-11-30 19:02:50.624487184 +0100
@@ -269,7 +269,7 @@ MagickExport void GetMagickToken(const c
     break;
   }
   token[i]='\0';
-  if (LocaleNCompare(token,"url(",4) == 0)
+  if ((LocaleNCompare(token,"url(",4) == 0) && (strlen(token) > 4))
     {
       ssize_t
         offset;
openSUSE Build Service is sponsored by
Places