Overview

File ImageMagick-CVE-2017-5508.patch of Package ImageMagick.9293

Index: ImageMagick-6.8.8-1/coders/tiff.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/tiff.c	2017-01-19 21:46:12.406713893 +0100
+++ ImageMagick-6.8.8-1/coders/tiff.c	2017-01-19 21:49:16.793704205 +0100
@@ -1314,7 +1314,9 @@ RestoreMSCWarning
       method=ReadTileMethod;
     quantum_info->endian=LSBEndian;
     quantum_type=RGBQuantum;
-    pixels=(unsigned char *) AcquireMagickMemory(TIFFScanlineSize(tiff)+sizeof(uint32));
+    pixels=(unsigned char *) AcquireMagickMemory(MagickMax(
+      TIFFScanlineSize(tiff),(size_t) (image->columns*samples_per_pixel*
+      pow(2.0,ceil(log(bits_per_sample)/log(2.0))))));
     if (pixels == (unsigned char *) NULL)
     {
       TIFFClose(tiff);
openSUSE Build Service is sponsored by
Places