Overview

File ImageMagick-CVE-2018-7443.patch of Package ImageMagick.8768

Index: ImageMagick-6.8.8-1/coders/tiff.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/tiff.c	2018-03-05 19:26:29.236384094 +0100
+++ ImageMagick-6.8.8-1/coders/tiff.c	2018-03-05 19:26:45.396659733 +0100
@@ -1347,6 +1347,8 @@ RestoreMSCWarning
       method=ReadTileMethod;
     quantum_info->endian=LSBEndian;
     quantum_type=RGBQuantum;
+    if (((MagickSizeType) TIFFScanlineSize(tiff)) > GetBlobSize(image))
+      ThrowTIFFException(CorruptImageError,"InsufficientImageDataInFile");
     pixels=(unsigned char *) AcquireMagickMemory(MagickMax(
       TIFFScanlineSize(tiff),(size_t) (image->columns*samples_per_pixel*
       pow(2.0,ceil(log(bits_per_sample)/log(2.0)))*sizeof(uint32))));
openSUSE Build Service is sponsored by
Places