Overview

File ImageMagick-CVE-2020-27770.patch of Package ImageMagick.25859

Index: ImageMagick-7.0.7-34/MagickCore/string.c
===================================================================
--- ImageMagick-7.0.7-34.orig/MagickCore/string.c	2018-05-20 17:55:43.000000000 +0200
+++ ImageMagick-7.0.7-34/MagickCore/string.c	2020-12-09 18:01:18.610591678 +0100
@@ -2670,7 +2670,7 @@ MagickExport MagickBooleanType Substitut
   {
     if (search_extent == 0)
       search_extent=strlen(search);
-    if (strncmp(p,search,search_extent) != 0)
+    if ((*p == *search) && (strncmp(p,search,search_extent) != 0))
       continue;
     /*
       We found a match.
@@ -2698,7 +2698,9 @@ MagickExport MagickBooleanType Substitut
       (void) memmove(p+replace_extent,p+search_extent,
         strlen(p+search_extent)+1);
     (void) memcpy(p,replace,replace_extent);
-    p+=replace_extent-1;
+    p+=replace_extent;
+    if (replace_extent != 0)
+      p--;
   }
   return(status);
 }
openSUSE Build Service is sponsored by
Places