Overview

File GraphicsMagick-CVE-2017-14224.patch of Package GraphicsMagick.7782

Index: GraphicsMagick-1.3.25/coders/pcx.c
===================================================================
--- GraphicsMagick-1.3.25.orig/coders/pcx.c	2018-02-06 11:36:37.713942086 +0100
+++ GraphicsMagick-1.3.25/coders/pcx.c	2018-02-06 11:40:13.709502352 +0100
@@ -1014,6 +1014,9 @@ static unsigned int WritePCXImage(const
   if (status == False)
     ThrowPCXWriterException(FileOpenError,UnableToOpenFile,image);
 
+  if ((image->columns > 65535UL) || (image->rows > 65535UL))
+    ThrowWriterException(ImageError,WidthOrHeightExceedsLimit,image);
+
   write_dcx=MagickFalse;
   if (LocaleCompare(image_info->magick,"DCX") == 0)
     {
@@ -1092,8 +1095,11 @@ static unsigned int WritePCXImage(const
         if (image->matte)
           pcx_info.planes++;
       }
-    pcx_info.bytes_per_line=(unsigned short)
+    length=(unsigned short)
       (((unsigned long) image->columns*pcx_info.bits_per_pixel+7)/8);
+    if (length > 65535UL)
+      ThrowWriterException(ImageError,WidthOrHeightExceedsLimit,image);
+    pcx_info.bytes_per_line=(unsigned short) length;
     pcx_info.palette_info=1;
     pcx_info.colormap_signature=0x0c;
     /*
openSUSE Build Service is sponsored by
Places