Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE
GraphicsMagick.8039
GraphicsMagick-CVE-2018-10177.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File GraphicsMagick-CVE-2018-10177.patch of Package GraphicsMagick.8039
--- a/coders/png.c Sat Apr 28 11:32:45 2018 -0500 +++ b/coders/png.c Sat Apr 28 13:30:59 2018 -0500 @@ -4896,10 +4896,29 @@ Record starting point. */ loop_iters=mng_get_long(&chunk[1]); - if (loop_iters == 0) + if (loop_iters <= 0) skipping_loop=loop_level; else { + long + loop_iters_max = 512; + + const char + *definition_value; + + if ((definition_value=AccessDefinition(image_info,"mng","maximum-loops"))) + loop_iters_max=atol(definition_value); + if (loop_iters > loop_iters_max) + loop_iters=loop_iters_max; + + /* + The LOOP chunk allows an iteration count in the range 0..2^31-1 + */ + if (loop_iters >= 2147483647L) + loop_iters=2147483647L; + else if (loop_iters < 0) + loop_iters=1; + mng_info->loop_jump[loop_level]=TellBlob(image); mng_info->loop_count[loop_level]=loop_iters; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor