File GraphicsMagick-CVE-2014-9817.patch of Package GraphicsMagick.7893

Index: GraphicsMagick-1.3.25/coders/pdb.c
===================================================================
--- GraphicsMagick-1.3.25.orig/coders/pdb.c	2016-11-28 14:32:28.537677059 +0100
+++ GraphicsMagick-1.3.25/coders/pdb.c	2016-11-28 14:35:13.216392950 +0100
@@ -460,7 +460,7 @@ static Image *ReadPDBImage(const ImageIn
   if (CheckImagePixelLimits(image, exception) != MagickPass)
     ThrowPDBReaderException(ResourceLimitError,ImagePixelLimitExceeded,image);
 
-  packets=MagickArraySize(MagickArraySize(bits_per_pixel,image->columns)/8+4,
+  packets=MagickArraySize((MagickArraySize(bits_per_pixel,image->columns)+7)/8,
                           image->rows);
   pixels=MagickAllocateMemory(unsigned char *,packets + (packets != 0 ? 256 : 0));
   if (pixels == (unsigned char *) NULL)
@@ -880,8 +880,8 @@ static unsigned int WritePDBImage(const
   if ((pdb_image.width < image->columns) ||
       (pdb_image.height != image->rows))
     ThrowPDBWriterException(CoderError,ImageColumnOrRowSizeIsNotSupported, image);
-  packets=MagickArraySize(MagickArraySize(MagickArraySize(bits_per_pixel,
-                                                          pdb_image.width)/8,
+  packets=MagickArraySize(MagickArraySize((MagickArraySize(bits_per_pixel,
+                                                          pdb_image.width)+7)/8,
                                           pdb_image.height),2);
   p=MagickAllocateMemory(unsigned char *,packets);
   if (p == (unsigned char *) NULL)