Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:netmax:distribution:CentOS_5
ImageMagick
ImageMagick-6.2.8-CVE-2008-1096.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-6.2.8-CVE-2008-1096.patch of Package ImageMagick
--- ImageMagick-6.2.8.orig/coders/xcf.c 2008-01-29 12:08:30.000000000 +1000 +++ ImageMagick-6.2.8/coders/xcf.c 2008-02-07 15:06:49.000000000 +1000 @@ -310,6 +310,8 @@ static int load_tile (Image* image, Imag sizeof(*xcfdata)); graydata = (unsigned char *)xcfdata; /* used by gray and indexed */ nmemb_read_successfully = ReadBlob(image, data_length, (unsigned char *) xcfdata); + if (nmemb_read_successfully > (ssize_t) (tile_image->columns*tile_image->rows)) + ThrowBinaryException(CorruptImageError,"NotEnoughPixelData",image->filename); q=SetImagePixels(tile_image,0,0,tile_image->columns,tile_image->rows); @@ -556,6 +558,8 @@ static int load_level (Image* image, XCF /* 1.5 is probably more than we need to allow */ + if (offset2-offset > (MagickOffsetType) (TILE_WIDTH * TILE_WIDTH * 4* 1.5)) + ThrowBinaryException(CorruptImageError,"CorruptImage",image->filename); /* seek to the tile offset */ (void) SeekBlob(image, offset, SEEK_SET);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor