Overview

File GraphicsMagick-CVE-2016-9830.patch of Package GraphicsMagick.6323

Index: GraphicsMagick-1.3.21/coders/png.c
===================================================================
--- GraphicsMagick-1.3.21.orig/coders/png.c	2015-02-28 21:51:58.000000000 +0100
+++ GraphicsMagick-1.3.21/coders/png.c	2016-12-12 16:43:53.072572708 +0100
@@ -2755,6 +2755,10 @@ static Image *ReadOneJNGImage(MngInfo *m
     jng_height,
     jng_width;
 
+  magick_int64_t
+    height_resource,
+    width_resource;
+
   png_byte
     jng_color_type,
     jng_image_sample_depth,
@@ -2823,6 +2827,10 @@ static Image *ReadOneJNGImage(MngInfo *m
   read_JSEP=MagickFalse;
   reading_idat=MagickFalse;
   skip_to_iend=MagickFalse;
+
+  width_resource = GetMagickResourceLimit(WidthResource);
+  height_resource = GetMagickResourceLimit(HeightResource);
+
   for (;;)
     {
       char
@@ -2934,6 +2942,11 @@ static Image *ReadOneJNGImage(MngInfo *m
             }
           if (length)
             MagickFreeMemory(chunk);
+
+
+          SetMagickResourceLimit(WidthResource,jng_width);
+          SetMagickResourceLimit(HeightResource,jng_height);
+
           continue;
         }
 
@@ -3337,6 +3350,10 @@ static Image *ReadOneJNGImage(MngInfo *m
   if (logging)
     (void) LogMagickEvent(CoderEvent,GetMagickModule(),
                           "  exit ReadOneJNGImage()");
+
+  SetMagickResourceLimit(WidthResource,width_resource);
+  SetMagickResourceLimit(HeightResource,height_resource);
+
   return (image);
 }
openSUSE Build Service is sponsored by
Places