Overview

File ImageMagick-CVE-2016-6491.patch of Package ImageMagick.9293

From dd84447b63a71fa8c3f47071b09454efc667767b Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Sun, 24 Jul 2016 20:07:03 -0400
Subject: [PATCH] Prevent buffer overflow (bug report from Ibrahim el-sayed)

---
 MagickCore/property.c | 5 +++++
 1 file changed, 5 insertions(+)

Index: ImageMagick-6.8.9-8/magick/property.c
===================================================================
--- ImageMagick-6.8.9-8.orig/magick/property.c	2016-08-04 19:51:48.290212762 +0200
+++ ImageMagick-6.8.9-8/magick/property.c	2016-08-04 19:55:25.737883477 +0200
@@ -630,6 +630,11 @@ static MagickBooleanType Get8BIMProperty
     if ((count & 0x01) == 0)
       (void) ReadPropertyByte(&info,&length);
     count=(ssize_t) ((int) ReadPropertyMSBLong(&info,&length));
+    if ((count < 0) || ((size_t) count > length))
+      {
+        length=0; 
+        continue;
+      }
     if ((*name != '\0') && (*name != '#'))
       if ((resource == (char *) NULL) || (LocaleCompare(name,resource) != 0))
         {
openSUSE Build Service is sponsored by
Places