File ImageMagick-CVE-2023-5341.patch of Package ImageMagick.18189

From aa673b2e4defc7cad5bec16c4fc8324f71e531f1 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Sun, 24 Sep 2023 07:28:19 -0400
Subject: [PATCH] check for BMP file size, poc provided by Hardik Shah of
 Vehere (Dawn Treaders team)

---
 coders/bmp.c | 3 +++
 1 file changed, 3 insertions(+)

Index: ImageMagick-7.0.7-34/coders/bmp.c
===================================================================
--- ImageMagick-7.0.7-34.orig/coders/bmp.c
+++ ImageMagick-7.0.7-34/coders/bmp.c
@@ -613,6 +613,9 @@ static Image *ReadBMPImage(const ImageIn
         (LocaleNCompare((char *) magick,"CI",2) != 0)))
       ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     bmp_info.file_size=ReadBlobLSBLong(image);
+    if ((bmp_info.file_size != 0) &&
+        ((MagickSizeType) bmp_info.file_size > GetBlobSize(image)))
+      ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     (void) ReadBlobLSBLong(image);
     bmp_info.offset_bits=ReadBlobLSBLong(image);
     bmp_info.size=ReadBlobLSBLong(image);
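Review bot: The added guard on `bmp_info.file_size` skips validation entirely when the header field is 0, so such a file still reaches the `offset_bits` and `size` reads below with nothing compared against `GetBlobSize(image)`. Any later use of `file_size` as a limit would need its own check, which cannot be confirmed here because ReadBMPImage starts and ends outside the hunk. The guard also has no comment explaining the exemption; I would add `/* file_size comes from the untrusted header; 0 is accepted (presumably left unset by some writers), so never use it as a bound */` above the `if`. If `GetBlobSize()` can report 0 for non-seekable input such as a pipe, the comparison would reject otherwise valid files, which is worth confirming with a streamed-input regression test.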