Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
ImageMagick.7134
ImageMagick-CVE-2017-10928.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2017-10928.patch of Package ImageMagick.7134
Index: ImageMagick-6.8.8-1/magick/token.c =================================================================== --- ImageMagick-6.8.8-1.orig/magick/token.c 2018-04-10 17:53:29.962600445 +0200 +++ ImageMagick-6.8.8-1/magick/token.c 2018-04-10 17:53:32.134639039 +0200 @@ -175,10 +175,14 @@ MagickExport void GetMagickToken(const c register ssize_t i; + + size_t + length; assert(start != (const char *) NULL); assert(token != (char *) NULL); i=0; + length=strlen(start); for (p=start; *p != '\0'; ) { while ((isspace((int) ((unsigned char) *p)) != 0) && (*p != '\0')) @@ -214,6 +218,8 @@ MagickExport void GetMagickToken(const c break; } token[i++]=(*p); + if ((p-start) >= length) + break; } break; } @@ -234,7 +240,11 @@ MagickExport void GetMagickToken(const c if ((p != q) && (*p != ',')) { for ( ; (p < q) && (*p != ','); p++) + { token[i++]=(*p); + if ((p-start) >= length) + break; + } if (*p == '%') token[i++]=(*p++); break; @@ -261,7 +271,11 @@ MagickExport void GetMagickToken(const c token[i++]=(*p); if ((*p == ')') && (*(p-1) != '\\')) break; + if ((p-start) >= length) + break; } + if ((p-start) >= length) + break; } break; } Index: ImageMagick-6.8.8-1/magick/draw.c =================================================================== --- ImageMagick-6.8.8-1.orig/magick/draw.c 2018-04-10 17:53:29.962600445 +0200 +++ ImageMagick-6.8.8-1/magick/draw.c 2018-04-10 17:53:32.134639039 +0200 @@ -1713,9 +1713,13 @@ static void GetNextToken(const char *sta register ssize_t i; + size_t + length; + assert(start != (const char *) NULL); assert(token != (char *) NULL); i=0; + length=strlen(start); p=start; while ((isspace((int) ((unsigned char) *p)) != 0) && (*p != '\0')) p++; @@ -1751,6 +1755,8 @@ static void GetNextToken(const char *sta } if (i < (ssize_t) (extent-1)) token[i++]=(*p); + if ((p-start) >= length) + break; } break; } @@ -1773,8 +1779,12 @@ static void GetNextToken(const char *sta if ((p != q) && (*p != ',')) { for ( ; (p < q) && (*p != ','); p++) + { if (i < (ssize_t) (extent-1)) token[i++]=(*p); + if ((p-start) >= length) + break; + } if (*p == '%') if (i < (ssize_t) (extent-1)) token[i++]=(*p++); @@ -1805,7 +1815,11 @@ static void GetNextToken(const char *sta token[i++]=(*p); if ((*p == ')') && (*(p-1) != '\\')) break; + if ((p-start) >= length) + break; } + if ((p-start) >= length) + break; } break; } Index: ImageMagick-6.8.8-1/coders/svg.c =================================================================== --- ImageMagick-6.8.8-1.orig/coders/svg.c 2018-04-10 13:00:26.542702098 +0200 +++ ImageMagick-6.8.8-1/coders/svg.c 2018-04-10 18:14:55.257182396 +0200 @@ -2920,7 +2920,7 @@ static Image *ReadSVGImage(const ImageIn if ((image->x_resolution != 72.0) && (image->y_resolution != 72.0)) rsvg_handle_set_dpi_x_y(svg_handle,image->x_resolution, image->y_resolution); - while ((n=ReadBlob(image,MaxTextExtent,message)) != 0) + while ((n=ReadBlob(image,MaxTextExtent,message)) != EOF) { error=(GError *) NULL; (void) rsvg_handle_write(svg_handle,message,n,&error); @@ -3120,7 +3120,7 @@ static Image *ReadSVGImage(const ImageIn { svg_info->parser=xmlCreatePushParserCtxt(sax_handler,svg_info,(char *) message,n,image->filename); - while ((n=ReadBlob(image,MaxTextExtent,message)) != 0) + while ((n=ReadBlob(image,MaxTextExtent,message)) != EOF) { status=xmlParseChunk(svg_info->parser,(char *) message,(int) n,0); if (status != 0)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor