File ImageMagick-CVE-2017-8352.patch of Package ImageMagick.11106

Overview Repositories Revisions Requests Users Attributes Meta

File ImageMagick-CVE-2017-8352.patch of Package ImageMagick.11106

Index: ImageMagick-6.8.8-1/coders/xwd.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/xwd.c	2017-05-11 14:51:24.355864701 +0200
+++ ImageMagick-6.8.8-1/coders/xwd.c	2017-05-11 15:05:07.593648047 +0200
@@ -334,6 +334,7 @@ static Image *ReadXWDImage(const ImageIn
         count=ReadBlob(image,sz_XWDColor,(unsigned char *) &color);
         if (count == 0)
           {
+            colors=(XColor *) RelinquishMagickMemory(colors);
             ximage=(XImage *) RelinquishMagickMemory(ximage);
             ThrowReaderException(CorruptImageError,"UnexpectedEndOfFile");
           }
@@ -364,6 +365,8 @@ static Image *ReadXWDImage(const ImageIn
   length=(size_t) ximage->bytes_per_line*ximage->height;
   if (CheckOverflowException(length,ximage->bytes_per_line,ximage->height))
     {
+      if (header.ncolors != 0)
+        colors=(XColor *) RelinquishMagickMemory(colors);
       ximage=(XImage *) RelinquishMagickMemory(ximage);
       ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     }
@@ -376,6 +379,8 @@ static Image *ReadXWDImage(const ImageIn
       length*=ximage->depth;
       if (CheckOverflowException(length,extent,ximage->depth))
         {
+          if (header.ncolors != 0)
+            colors=(XColor *) RelinquishMagickMemory(colors);
           ximage=(XImage *) RelinquishMagickMemory(ximage);
           ThrowReaderException(CorruptImageError,"ImproperImageHeader");
         }
@@ -383,12 +388,16 @@ static Image *ReadXWDImage(const ImageIn
   ximage->data=(char *) AcquireQuantumMemory(length,sizeof(*ximage->data));
   if (ximage->data == (char *) NULL)
     {
+      if (header.ncolors != 0)
+        colors=(XColor *) RelinquishMagickMemory(colors);
       ximage=(XImage *) RelinquishMagickMemory(ximage);
       ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
      }
   count=ReadBlob(image,length,(unsigned char *) ximage->data);
   if (count == 0)
     {
+      if (header.ncolors != 0)
+        colors=(XColor *) RelinquishMagickMemory(colors);
       ximage->data=DestroyString(ximage->data);
       ximage=(XImage *) RelinquishMagickMemory(ximage);
       ThrowReaderException(CorruptImageError,"UnexpectedEndOfFile");
@@ -515,6 +524,8 @@ static Image *ReadXWDImage(const ImageIn
         */
         if (AcquireImageColormap(image,image->colors) == MagickFalse)
           {
+            if (header.ncolors != 0)
+              colors=(XColor *) RelinquishMagickMemory(colors);
             ximage->data=DestroyString(ximage->data);
             ximage=(XImage *) RelinquishMagickMemory(ximage);
             ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");

Places

File ImageMagick-CVE-2017-8352.patch of Package ImageMagick.11106

Places