Overview

File ImageMagick-CVE-2018-12600.patch of Package ImageMagick.16417

diff --git a/coders/dib.c b/coders/dib.c
index b08fee6ff..dbeddb7fe 100644
--- a/coders/dib.c
+++ b/coders/dib.c
@@ -668,8 +668,8 @@ static Image *ReadDIBImage(const ImageInfo *image_info,ExceptionInfo *exception)
     dib_info.bits_per_pixel<<=1;
   bytes_per_line=4*((image->columns*dib_info.bits_per_pixel+31)/32);
   length=bytes_per_line*image->rows;
-  pixel_info=AcquireVirtualMemory((size_t) image->rows,MagickMax(
-    bytes_per_line,image->columns+256UL)*sizeof(*pixels));
+  pixel_info=AcquireVirtualMemory(image->rows,MagickMax(bytes_per_line,
+    image->columns+256UL)*sizeof(*pixels));
   if (pixel_info == (MemoryInfo *) NULL)
     ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
   pixels=(unsigned char *) GetVirtualMemoryBlob(pixel_info);
@@ -1181,8 +1181,8 @@ static MagickBooleanType WriteDIBImage(const ImageInfo *image_info,Image *image)
   /*
     Convert MIFF to DIB raster pixels.
   */
-  pixels=(unsigned char *) AcquireQuantumMemory(dib_info.image_size,
-    sizeof(*pixels));
+  pixels=(unsigned char *) AcquireQuantumMemory(image->rows,MagickMax(
+    bytes_per_line,image->columns+256UL)*sizeof(*pixels));
   if (pixels == (unsigned char *) NULL)
     ThrowWriterException(ResourceLimitError,"MemoryAllocationFailed");
   (void) memset(pixels,0,dib_info.image_size);
openSUSE Build Service is sponsored by
Places