Overview

File ImageMagick-CVE-2016-7530.patch of Package ImageMagick.6839

Index: ImageMagick-6.8.8-1/magick/quantum.c
===================================================================
--- ImageMagick-6.8.8-1.orig/magick/quantum.c	2016-09-27 10:11:01.618620207 +0200
+++ ImageMagick-6.8.8-1/magick/quantum.c	2016-09-27 10:11:01.706621621 +0200
@@ -311,6 +311,7 @@ MagickExport size_t GetQuantumExtent(con
   const QuantumInfo *quantum_info,const QuantumType quantum_type)
 {
   size_t
+    extent,
     packet_size;
 
   assert(quantum_info != (QuantumInfo *) NULL);
@@ -329,9 +330,10 @@ MagickExport size_t GetQuantumExtent(con
     case CMYKAQuantum: packet_size=5; break;
     default: break;
   }
+  extent=MagickMax(image->columns,image->rows);
   if (quantum_info->pack == MagickFalse)
-    return((size_t) (packet_size*image->columns*((quantum_info->depth+7)/8)));
-  return((size_t) ((packet_size*image->columns*quantum_info->depth+7)/8));
+    return((size_t) (packet_size*extent*((quantum_info->depth+7)/8)));
+  return((size_t) ((packet_size*extent*quantum_info->depth+7)/8));
 }
 
 /*
@@ -687,8 +689,9 @@ MagickExport MagickBooleanType SetQuantu
   if (quantum_info->pixels != (unsigned char **) NULL)
     DestroyQuantumPixels(quantum_info);
   quantum=(quantum_info->pad+6)*(quantum_info->depth+7)/8;
-  extent=image->columns*quantum;
-  if (quantum != (extent/image->columns))
+  extent=MagickMax(image->columns,image->rows)*quantum;
+  if ((MagickMax(image->columns,image->rows) != 0) &&
+      (quantum != (extent/MagickMax(image->columns,image->rows))))
     return(MagickFalse);
   return(AcquireQuantumPixels(quantum_info,extent));
 }
Index: ImageMagick-6.8.8-1/Magick++/tests/appendImages.cpp
===================================================================
--- ImageMagick-6.8.8-1.orig/Magick++/tests/appendImages.cpp	2009-09-05 23:47:34.000000000 +0200
+++ ImageMagick-6.8.8-1/Magick++/tests/appendImages.cpp	2016-09-27 10:11:01.706621621 +0200
@@ -57,7 +57,7 @@ int main( int /*argc*/, char ** argv)
     // Vertical
     appendImages( &appended, imageList.begin(), imageList.end(), true );
     if (( appended.signature() != "d73d25ccd6011936d08b6d0d89183b7a61790544c2195269aff4db2f782ffc08" ) &&
-        ( appended.signature() != "0909f7ffa7c6ea410fb2ebfdbcb19d61b19c4bd271851ce3bd51662519dc2b58" ) &&
+        ( appended.signature() != "f3590c183018757da798613a23505ab9600b35935988eee12f096cb6219f2bc3" ) &&
         ( appended.signature() != "11b97ba6ac1664aa1c2faed4c86195472ae9cce2ed75402d975bb4ffcf1de751" ) &&
         ( appended.signature() != "cae4815eeb3cb689e73b94d897a9957d3414d1d4f513e8b5e52579b05d164bfe" ))
       {
openSUSE Build Service is sponsored by
Places