Overview

File ImageMagick-CVE-2017-11446.patch of Package ImageMagick.openSUSE_Leap_42.3_Update

From 96182884778bfc43d6a9a0abd90cedb5d8cf8977 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Tue, 4 Jul 2017 14:17:30 -0400
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/537

---
 coders/pes.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

Index: ImageMagick-6.8.8-1/coders/pes.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/pes.c	2013-12-01 15:47:50.000000000 +0100
+++ ImageMagick-6.8.8-1/coders/pes.c	2017-10-25 14:02:45.750337981 +0200
@@ -532,7 +532,7 @@ static Image *ReadPESImage(const ImageIn
   j=0;
   delta_x=0;
   delta_y=0;
-  while (EOFBlob(image) != EOF)
+  while (EOFBlob(image) == MagickFalse)
   {
     x=(int) ReadBlobByte(image);
     y=(int) ReadBlobByte(image);
@@ -618,6 +618,11 @@ static Image *ReadPESImage(const ImageIn
   j++;
   blocks[j].offset=(ssize_t) i;
   number_blocks=(size_t) j;
+  image->columns=bounds.x2-bounds.x1;
+  image->rows=bounds.y2-bounds.y1;
+  status=SetImageExtent(image,image->columns,image->rows);
+  if (status == MagickFalse)
+    return(DestroyImageList(image));
   /*
     Write stitches as SVG file.
   */
@@ -631,8 +636,8 @@ static Image *ReadPESImage(const ImageIn
   (void) FormatLocaleFile(file,"<svg xmlns=\"http://www.w3.org/2000/svg\" "
     "xlink=\"http://www.w3.org/1999/xlink\" "
     "ev=\"http://www.w3.org/2001/xml-events\" version=\"1.1\" "
-    "baseProfile=\"full\" width=\"%g\" height=\"%g\">\n",bounds.x2-bounds.x1,
-    bounds.y2-bounds.y1);
+    "baseProfile=\"full\" width=\"%g\" height=\"%g\">\n",(double)
+    image->columns,(double) image->rows);
   for (i=0; i < (ssize_t) number_blocks; i++)
   {
     offset=blocks[i].offset;
openSUSE Build Service is sponsored by
Places