Overview

File ImageMagick-CVE-2017-16546.patch of Package ImageMagick.8768

From e04cf3e9524f50ca336253513d977224e083b816 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Sat, 4 Nov 2017 10:56:39 -0400
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/851

---
 coders/wpg.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/coders/wpg.c b/coders/wpg.c
index 774643fd31..fc15a52c8e 100644
--- a/coders/wpg.c
+++ b/coders/wpg.c
@@ -1063,6 +1063,8 @@ static Image *ReadWPGImage(const ImageInfo *image_info,
               if ((WPG_Palette.NumOfEntries-WPG_Palette.StartIndex) >
                   (Rec2.RecordLength-2-2) / 3)
                 ThrowReaderException(CorruptImageError,"InvalidColormapIndex");
+              if (WPG_Palette.StartIndex > WPG_Palette.NumOfEntries)
+                ThrowReaderException(CorruptImageError,"InvalidColormapIndex");
               image->colors=WPG_Palette.NumOfEntries;
               if (!AcquireImageColormap(image,image->colors))
                 goto NoMemory;
openSUSE Build Service is sponsored by
Places