File GraphicsMagick-CVE-2017-16547.patch of Package GraphicsMagick.7727
diff -r 597ff91f38a9 -r 785758bbbfcc magick/render.c
--- a/magick/render.c Fri Oct 27 08:10:34 2017 -0500
+++ b/magick/render.c Sat Oct 28 13:54:22 2017 -0500
@@ -2360,6 +2360,11 @@
continue;
break;
}
+ if (p+5U > q)
+ {
+ status=MagickFail;
+ break;
+ }
(void) strncpy(token,p,q-p-4);
token[q-p-4]='\0';
(void) SetImageAttribute(image,name,token);
@@ -2433,6 +2438,11 @@
continue;
break;
}
+ if (p+5U > q)
+ {
+ status=MagickFail;
+ break;
+ }
(void) strncpy(token,p,q-p-4);
token[q-p-4]='\0';
bounds.x1=graphic_context[n]->affine.sx*segment.x1+
@@ -2564,6 +2574,11 @@
continue;
break;
}
+ if (p+5U > q)
+ {
+ status=MagickFail;
+ break;
+ }
(void) strncpy(token,p,q-p-4);
token[q-p-4]='\0';
FormatString(key,"[%.1024s]",name);
