Overview

File GraphicsMagick-CVE-2016-7101.patch of Package GraphicsMagick.6323

Index: GraphicsMagick-1.3.20/coders/sgi.c
===================================================================
--- GraphicsMagick-1.3.20.orig/coders/sgi.c	2013-03-10 00:19:31.000000000 +0100
+++ GraphicsMagick-1.3.20/coders/sgi.c	2016-10-11 12:07:09.616857589 +0200
@@ -284,6 +284,8 @@ static Image *ReadSGIImage(const ImageIn
     bytes_per_pixel,
     number_pixels;
 
+  size_t count;
+
   /*
     Open image file.
   */
@@ -317,12 +319,16 @@ static Image *ReadSGIImage(const ImageIn
 
       (void) ReadBlob(image,(unsigned int) sizeof(iris_info.dummy1),
 		      iris_info.dummy1);
-      (void) ReadBlob(image,(unsigned int) sizeof(iris_info.image_name),
-		      iris_info.image_name);
+    count=ReadBlob(image,(unsigned int) sizeof(iris_info.image_name),
+                   iris_info.image_name);
+    if (count != sizeof(iris_info.image_name))
+      ThrowReaderException(CorruptImageError,ImproperImageHeader,image);
       iris_info.image_name[sizeof(iris_info.image_name)-1]=0;
       iris_info.color_map=ReadBlobMSBLong(image);
-      (void) ReadBlob(image,(unsigned int) sizeof(iris_info.dummy2),
-		      iris_info.dummy2);
+    count=ReadBlob(image,(unsigned int) sizeof(iris_info.dummy2),
+                   iris_info.dummy2);
+    if (count != sizeof(iris_info.dummy2))
+      ThrowReaderException(CorruptImageError,ImproperImageHeader,image);
 
       (void) LogMagickEvent(CoderEvent,GetMagickModule(),
 			    "    Header: Storage=%u, BPC=%u, Dimension=%u, XSize=%u, YSize=%u, ZSize=%u, PixMin=%u, PixMax=%u, image_name=\"%.79s\", color_map=%u",
openSUSE Build Service is sponsored by
Places