Overview

File ImageMagick-CVE-2016-6823.patch of Package ImageMagick.openSUSE_13.2_Update

Index: ImageMagick-6.8.9-8/coders/bmp.c
===================================================================
--- ImageMagick-6.8.9-8.orig/coders/bmp.c	2016-10-11 10:56:31.922360522 +0200
+++ ImageMagick-6.8.9-8/coders/bmp.c	2016-10-11 10:56:51.726670472 +0200
@@ -1687,10 +1695,13 @@ static MagickBooleanType WriteBMPImage(c
           bmp_info.file_size+=extra_size;
           bmp_info.offset_bits+=extra_size;
         }
+    if ((image->columns != (signed int) image->columns) ||
+        (image->rows != (signed int) image->rows))
+      ThrowWriterException(ImageError,"WidthOrHeightExceedsLimit");
     bmp_info.width=(ssize_t) image->columns;
     bmp_info.height=(ssize_t) image->rows;
     bmp_info.planes=1;
-    bmp_info.image_size=(unsigned int) (bytes_per_line*image->rows);
+    bmp_info.image_size=(unsigned long) (bytes_per_line*image->rows);
     bmp_info.file_size+=bmp_info.image_size;
     bmp_info.x_pixels=75*39;
     bmp_info.y_pixels=75*39;
openSUSE Build Service is sponsored by
Places