File ImageMagick-CVE-2020-25664.patch of Package ImageMagick.25859
Index: ImageMagick-7.0.7-34/coders/png.c
===================================================================
--- ImageMagick-7.0.7-34.orig/coders/png.c 2020-12-08 17:30:38.835975421 +0100
+++ ImageMagick-7.0.7-34/coders/png.c 2020-12-08 17:41:06.920228237 +0100
@@ -11361,10 +11361,11 @@ static MagickBooleanType WriteOnePNGImag
(void) LogMagickEvent(CoderEvent,GetMagickModule(),
" Allocating %.20g bytes of memory for pixels",(double) rowbytes);
}
- pixel_info=AcquireVirtualMemory(rowbytes,sizeof(*ping_pixels));
+ pixel_info=AcquireVirtualMemory(rowbytes+256,sizeof(*ping_pixels));
if (pixel_info == (MemoryInfo *) NULL)
png_error(ping,"Allocation of memory for pixels failed");
ping_pixels=(unsigned char *) GetVirtualMemoryBlob(pixel_info);
+ (void) memset(ping_pixels,0,(rowbytes+256)*sizeof(*ping_pixels));
/*
Initialize image scanlines.
*/