Overview

File GraphicsMagick-CVE-2017-18230.patch of Package GraphicsMagick.openSUSE_Leap_42.3_Update

--- a/coders/cineon.c	Sat Sep 30 09:12:22 2017 -0500
+++ b/coders/cineon.c	Sat Sep 30 09:24:26 2017 -0500
@@ -774,6 +774,8 @@
           scandata_bytes=4;
           scale_to_short=64;
           scandata=MagickAllocateMemory(unsigned char *,scandata_bytes);
+          if (scandata == (unsigned char *) NULL)
+            ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,image);
           scanline=scandata;
           MagickBitStreamInitializeRead(&bit_stream,scanline);
           for (y=0; y < (long) image->rows; y++)
@@ -816,9 +818,11 @@
         }
       case 3:
         {
-          scandata_bytes=image->columns*4;
+          scandata_bytes=MagickArraySize(image->columns,4);
           scale_to_short=64;
           scandata=MagickAllocateMemory(unsigned char *,scandata_bytes);
+          if (scandata == (unsigned char *) NULL)
+            ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,image);
           for (y=0; y < (long) image->rows; y++)
             {
               magick_uint32_t red;
openSUSE Build Service is sponsored by
Places