File ImageMagick-CVE-2014-8716.patch of Package ImageMagick.4412
Index: magick/property.c
===================================================================
--- magick/property.c.orig 2014-09-20 20:03:42.000000000 +0200
+++ magick/property.c 2014-11-13 12:53:26.515985542 +0100
@@ -1321,6 +1321,8 @@
The directory entry contains an offset.
*/
offset=(ssize_t) ((int) ReadPropertyLong(endian,q+8));
+ if ((offset < 0) || (size_t) offset >= length)
+ continue;
if ((ssize_t) (offset+number_bytes) < offset)
continue; /* prevent overflow */
if ((size_t) (offset+number_bytes) > length)