Overview

File ImageMagick-CVE-2014-9830.patch of Package ImageMagick.openSUSE_Leap_42.3_Update

Index: ImageMagick-6.8.9-8/coders/sun.c
===================================================================
--- ImageMagick-6.8.9-8.orig/coders/sun.c	2016-06-14 12:02:59.875355194 +0200
+++ ImageMagick-6.8.9-8/coders/sun.c	2016-06-14 12:11:35.043784323 +0200
@@ -256,6 +256,7 @@ static Image *ReadSUNImage(const ImageIn
     *p;
 
   size_t
+    extent,
     length;
 
   ssize_t
@@ -310,6 +311,9 @@ static Image *ReadSUNImage(const ImageIn
     sun_info.maplength=ReadBlobMSBLong(image);
     image->columns=sun_info.width;
     image->rows=sun_info.height;
+    extent=sun_info.height*sun_info.width;
+    if ((sun_info.height != 0) && (sun_info.width != extent/sun_info.height))
+      ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     if ((sun_info.depth == 0) || (sun_info.depth > 32))
       ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     image->depth=sun_info.depth <= 8 ? sun_info.depth :
openSUSE Build Service is sponsored by
Places