Overview

File GraphicsMagick-CVE-2017-13139.patch of Package GraphicsMagick.7727

diff -r 0acf0bf94c1d -r 653a3d55168b coders/png.c
--- a/coders/png.c	Sun Jul 09 08:27:57 2017 -0500
+++ b/coders/png.c	Mon Jul 10 07:58:27 2017 -0400
@@ -2715,7 +2715,7 @@
   /*
     Store the object if necessary.
   */
-  if (object_id && !mng_info->frozen[object_id])
+  if (object_id && object_id <= MNG_MAX_OBJECTS && !mng_info->frozen[object_id])
     {
       if (mng_info->ob[object_id] == (MngBuffer *) NULL)
         {
@@ -4568,6 +4568,8 @@
 
                   for (i=(int) first_object; i <= (int) last_object; i++)
                     {
+                      if (i > MNG_MAX_OBJECTS)
+                        continue;
                       if (mng_info->exists[i] && !mng_info->frozen[i])
                         {
                           MngBox
@@ -4642,6 +4644,8 @@
 
                   for (i=(long) first_object; i <= (long) last_object; i++)
                     {
+                      if (i > MNG_MAX_OBJECTS)
+                        continue;
                       if (mng_info->exists[i] && !mng_info->frozen[i] &&
                           (p-chunk) < (ssize_t) (length-8))
                         {
openSUSE Build Service is sponsored by
Places