Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
GraphicsMagick.8039
GraphicsMagick-CVE-2016-10048.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File GraphicsMagick-CVE-2016-10048.patch of Package GraphicsMagick.8039
Index: GraphicsMagick-1.2.5/magick/module.c =================================================================== --- GraphicsMagick-1.2.5.orig/magick/module.c 2017-01-19 10:50:19.863223896 +0100 +++ GraphicsMagick-1.2.5/magick/module.c 2017-01-19 11:45:42.573013646 +0100 @@ -523,6 +523,17 @@ static MagickPassFail FindMagickModule(c assert(path != (char *) NULL); assert(exception != (ExceptionInfo *) NULL); (void) strlcpy(path,filename,MaxTextExtent); + if (strstr(path,"../") != (char *) NULL) + { + char + message[MaxTextExtent]; + + errno=EPERM; + FormatString(message,"\"%.1024s\"",path); + ThrowException(exception,ModuleError,UnableToLoadModule,message); + return(MagickFalse); + } + if (InitializeModuleSearchPath(module_type,exception) == MagickFail) return (status);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor