Overview

File ImageMagick-CVE-2016-7519.patch of Package ImageMagick.7150

Index: ImageMagick-6.8.9-8/coders/rle.c
===================================================================
--- ImageMagick-6.8.9-8.orig/coders/rle.c	2016-10-05 15:01:23.832318090 +0200
+++ ImageMagick-6.8.9-8/coders/rle.c	2016-10-05 15:03:28.198259029 +0200
@@ -307,7 +307,10 @@ static Image *ReadRLEImage(const ImageIn
     if ((number_pixels*number_planes_filled) != (size_t) (number_pixels*number_planes_filled))
       ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
     pixel_info_length=image->columns*image->rows*number_planes_filled;
-    pixel_info=AcquireVirtualMemory(pixel_info_length,sizeof(*pixels));
+    if (image->rows > (image->rows*number_planes_filled*sizeof(*pixels)))
+      ThrowReaderException(CorruptImageError,"ImproperImageHeader");
+    pixel_info=AcquireVirtualMemory(image->columns,image->rows*
+      number_planes_filled*sizeof(*pixels));
     if (pixel_info == (MemoryInfo *) NULL)
       ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
     pixels=(unsigned char *) GetVirtualMemoryBlob(pixel_info);
openSUSE Build Service is sponsored by
Places