File ImageMagick-CVE-2026-25968.patch of Package ImageMagick.42997

From 56f02958890b820cf2d0a6ecb04eb6f58ea75628 Mon Sep 17 00:00:00 2001
From: Dirk Lemstra <dirk@lemstra.org>
Date: Tue, 3 Feb 2026 22:40:04 +0100
Subject: [PATCH] Patch to resolve possible out of bounds write in the msl
 decoder (GHSA-3mwp-xqp2-q6ph).

---
 coders/msl.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

Index: ImageMagick-7.1.1-21/coders/msl.c
===================================================================
--- ImageMagick-7.1.1-21.orig/coders/msl.c
+++ ImageMagick-7.1.1-21/coders/msl.c
@@ -6146,10 +6146,11 @@ static void MSLStartElement(void *contex
                   Quantum  opac = OpaqueAlpha;
                   ssize_t len = (ssize_t) strlen( value );
 
-                  if (value[len-1] == '%') {
-                    char  tmp[100];
+                  if ((len > 0) && (value[len-1] == '%')) {
+                    char *tmp = AcquireString(value);
                     (void) CopyMagickString(tmp,value,(size_t) len);
                     opac = StringToLong( tmp );
+                    tmp=DestroyString(tmp);
                     opac = (int)(QuantumRange * ((float)opac/100));
                   } else
                     opac = StringToLong( value );

Places

File ImageMagick-CVE-2026-25968.patch of Package ImageMagick.42997

Places