Overview

File GraphicsMagick-CVE-2017-11140.patch of Package GraphicsMagick.7782

--- a/coders/jpeg.c	Thu Jul 06 18:54:30 2017 -0500
+++ b/coders/jpeg.c	Sat Jul 08 09:20:58 2017 -0500
@@ -1350,6 +1374,16 @@
       register PixelPacket
 	*q;
 
+      /*
+        Read scanlines. Stop at first serious error.
+       */
+      if ((jpeg_read_scanlines(&jpeg_info,scanline,1) != 1) ||
+          (image->exception.severity >= ErrorException))
+	{
+	  status=MagickFail;
+	  break;
+	}
+
       q=SetImagePixels(image,0,y,image->columns,1);
       if (q == (PixelPacket *) NULL)
 	{
@@ -1358,12 +1392,6 @@
 	}
       indexes=AccessMutableIndexes(image);
 
-      if (jpeg_read_scanlines(&jpeg_info,scanline,1) != 1)
-	{
-	  status=MagickFail;
-	  break;
-	}
-
       p=jpeg_pixels;
 
       if (jpeg_info.output_components == 1)
openSUSE Build Service is sponsored by
Places