Overview

File ImageMagick-CVE-2020-27774,27766,27776.patch of Package ImageMagick.25859

Index: ImageMagick-7.0.7-34/MagickCore/statistic.c
===================================================================
--- ImageMagick-7.0.7-34.orig/MagickCore/statistic.c	2020-12-04 09:50:41.411868460 +0100
+++ ImageMagick-7.0.7-34/MagickCore/statistic.c	2020-12-04 09:58:21.542802355 +0100
@@ -241,6 +241,9 @@ static double ApplyEvaluateOperator(Rand
   double
     result;
 
+  register ssize_t
+    i;
+
   result=0.0;
   switch (op)
   {
@@ -309,7 +312,9 @@ static double ApplyEvaluateOperator(Rand
     }
     case LeftShiftEvaluateOperator:
     {
-      result=(double) ((size_t) pixel << (size_t) (value+0.5));
+      result=(double) pixel;
+      for (i=0; i < (ssize_t) value; i++)
+        result*=2.0;
       break;
     }
     case LogEvaluateOperator:
@@ -369,7 +374,9 @@ static double ApplyEvaluateOperator(Rand
     }
     case RightShiftEvaluateOperator:
     {
-      result=(double) ((size_t) pixel >> (size_t) (value+0.5));
+      result=(double) pixel;
+      for (i=0; i < (ssize_t) value; i++)
+        result/=2.0;
       break;
     }
     case RootMeanSquareEvaluateOperator:
openSUSE Build Service is sponsored by
Places