Overview

File GraphicsMagick-CVE-2019-11006.patch of Package GraphicsMagick.10463

Index: GraphicsMagick-1.3.29/coders/miff.c
===================================================================
--- GraphicsMagick-1.3.29.orig/coders/miff.c	2018-04-29 20:01:26.000000000 +0200
+++ GraphicsMagick-1.3.29/coders/miff.c	2019-04-16 09:59:57.712527079 +0200
@@ -1704,8 +1704,14 @@ static Image *ReadMIFFImage(const ImageI
               p=pixels;
               for (length=0; length < image->columns; )
                 {
-                  p+=ReadBlob(image,packet_size,p);
-                  length+=*(p-1)+1;
+                  size_t
+                    bytes_read;
+
+                  if ((bytes_read=ReadBlob(image,packet_size,p)) != packet_size)
+                    ThrowMIFFReaderException(CorruptImageError,UnexpectedEndOfFile,
+                                             image);
+                  p+=bytes_read;
+                    length+=*(p-1)+1;
                 }
 
               (void) ImportRLEPixels(image,quantum_type,quantum_size,pixels);
openSUSE Build Service is sponsored by
Places