Overview

File ImageMagick-CVE-2017-14174.patch of Package ImageMagick.9293

:
Index: ImageMagick-6.8.8-1/coders/psd.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/psd.c	2017-12-13 10:20:35.327713311 +0100
+++ ImageMagick-6.8.8-1/coders/psd.c	2017-12-13 10:21:12.660404510 +0100
@@ -1382,18 +1382,12 @@ static MagickStatusType ReadPSDLayers(Im
                   (void) LogMagickEvent(CoderEvent,GetMagickModule(),
                     "      layer blending ranges: length=%.20g",(double)
                     ((MagickOffsetType) length));
-                /*
-                  We read it, but don't use it...
-                */
-                for (j=0; j < (ssize_t) (length); j+=8)
-                {
-                  size_t blend_source=ReadBlobMSBLong(image);
-                  size_t blend_dest=ReadBlobMSBLong(image);
-                  if (image->debug != MagickFalse)
-                    (void) LogMagickEvent(CoderEvent,GetMagickModule(),
-                      "        source(%x), dest(%x)",(unsigned int)
-                      blend_source,(unsigned int) blend_dest);
-                }
+                if (DiscardBlobBytes(image,length) == MagickFalse)
+                  {
+                    layer_info=DestroyLayerInfo(layer_info,number_layers);
+                    ThrowBinaryException(CorruptImageError,
+                      "UnexpectedEndOfFile",image->filename);
+                  }
               }
             /*
               Layer name.
openSUSE Build Service is sponsored by
Places