File GraphicsMagick-CVE-2016-7515.patch of Package GraphicsMagick.7727

From 09fb19104d70d0491b686e001bf52cfbec23804a Mon Sep 17 00:00:00 2001
From: dirk <dirk@git.imagemagick.org>
Date: Mon, 5 Oct 2015 22:11:47 +0200
Subject: [PATCH] Fixed check for the number of pixels that will be allocated.

---
 coders/rle.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

Index: GraphicsMagick-1.3.21/coders/rle.c
===================================================================
--- GraphicsMagick-1.3.21.orig/coders/rle.c	2016-10-03 10:19:53.348303997 +0200
+++ GraphicsMagick-1.3.21/coders/rle.c	2016-10-03 10:22:37.234954055 +0200
@@ -199,6 +199,7 @@ static Image *ReadRLEImage(const ImageIn
     number_colormaps,
     number_pixels,
     number_planes,
+    number_planes_filled,
     offset,
     rle_pixels_length;
 
@@ -317,7 +318,10 @@ static Image *ReadRLEImage(const ImageIn
     if ((image->columns != 0) &&
         (image->rows != number_pixels/image->columns))
       number_pixels=0;
-    rle_pixels_length=number_pixels*Max(number_planes,4);
+    number_planes_filled=(number_planes % 2 == 0) ? number_planes : number_planes+1;
+    if ((number_pixels*number_planes_filled) != (size_t) (number_pixels*number_planes_filled))
+      ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,image);
+    rle_pixels_length=number_pixels*number_planes_filled;
     rle_pixels=MagickAllocateArray(unsigned char *,number_pixels,
                                    Max(number_planes,4));
     if (rle_pixels == (unsigned char *) NULL)
Places

File GraphicsMagick-CVE-2016-7515.patch of Package GraphicsMagick.7727

Places
