Overview

File ImageMagick-CVE-2017-15281.patch of Package ImageMagick.openSUSE_Leap_42.3_Update

Index: ImageMagick-6.8.8-1/coders/psd.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/psd.c	2017-12-12 11:05:16.897064353 +0100
+++ ImageMagick-6.8.8-1/coders/psd.c	2017-12-12 11:05:28.409263092 +0100
@@ -1661,6 +1661,8 @@ static Image *ReadPSDImage(const ImageIn
       (double) psd_info.columns,(double) psd_info.rows,(double)
       psd_info.channels,(double) psd_info.depth,ModeToString((PSDImageType)
       psd_info.mode));
+  if (EOFBlob(image) != MagickFalse)
+    ThrowReaderException(CorruptImageError,"ImproperImageHeader");
   /*
     Initialize image.
   */
@@ -1767,6 +1769,8 @@ static Image *ReadPSDImage(const ImageIn
    /*
      If we are only "pinging" the image, then we're done - so return.
    */
+  if (EOFBlob(image) != MagickFalse)
+    ThrowReaderException(CorruptImageError,"UnexpectedEndOfFile");
   if (image_info->ping != MagickFalse)
     {
       (void) CloseBlob(image);
openSUSE Build Service is sponsored by
Places