File ImageMagick-CVE-2017-13142.patch of Package ImageMagick.openSUSE_Leap_42.3_Update

Overview Repositories Revisions Requests Users Attributes Meta

File ImageMagick-CVE-2017-13142.patch of Package ImageMagick.openSUSE_Leap_42.3_Update

Index: ImageMagick-6.8.8-1/coders/png.c
===================================================================
--- ImageMagick-6.8.8-1.orig/coders/png.c	2018-01-12 14:12:37.998600763 +0100
+++ ImageMagick-6.8.8-1/coders/png.c	2018-01-12 14:12:38.010600955 +0100
@@ -4008,6 +4008,12 @@ static Image *ReadPNGImage(const ImageIn
     ThrowReaderException(CorruptImageError,"ImproperImageHeader");
 
   /*
+     Verify that file size large enough to contain a PNG datastream.
+  */
+  if (GetBlobSize(image) < 61)
+    ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
+
+  /*
     Allocate a MngInfo structure.
   */
   mng_info=(MngInfo *) AcquireMagickMemory(sizeof(MngInfo));
@@ -4972,6 +4978,12 @@ static Image *ReadJNGImage(const ImageIn
   if (count < 8 || memcmp(magic_number,"\213JNG\r\n\032\n",8) != 0)
     ThrowReaderException(CorruptImageError,"ImproperImageHeader");
 
+  /*
+     Verify that file size large enough to contain a JNG datastream.
+  */
+  if (GetBlobSize(image) < 147)
+    ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
+
   /* Allocate a MngInfo structure.  */
 
   mng_info=(MngInfo *) AcquireMagickMemory(sizeof(*mng_info));
@@ -7529,7 +7541,7 @@ ModuleExport size_t RegisterPNGImage(voi
 #endif
 
   entry=SetMagickInfo("MNG");
-  entry->seekable_stream=MagickTrue;  /* To do: eliminate this. */
+  entry->seekable_stream=MagickTrue;
 
 #if defined(MAGICKCORE_PNG_DELEGATE)
   entry->decoder=(DecodeImageHandler *) ReadMNGImage;
@@ -7554,6 +7566,7 @@ ModuleExport size_t RegisterPNGImage(voi
 #endif
 
   entry->magick=(IsImageFormatHandler *) IsPNG;
+  entry->seekable_stream=MagickTrue;
   entry->adjoin=MagickFalse;
   entry->description=ConstantString("Portable Network Graphics");
   entry->mime_type=ConstantString("image/png");
@@ -7573,6 +7586,7 @@ ModuleExport size_t RegisterPNGImage(voi
 #endif
 
   entry->magick=(IsImageFormatHandler *) IsPNG;
+  entry->seekable_stream=MagickTrue;
   entry->adjoin=MagickFalse;
   entry->description=ConstantString(
             "8-bit indexed with optional binary transparency");
@@ -7603,6 +7617,7 @@ ModuleExport size_t RegisterPNGImage(voi
 #endif
 
   entry->magick=(IsImageFormatHandler *) IsPNG;
+  entry->seekable_stream=MagickTrue;
   entry->adjoin=MagickFalse;
   entry->description=ConstantString("opaque or binary transparent 24-bit RGB");
   entry->mime_type=ConstantString("image/png");
@@ -7617,6 +7632,7 @@ ModuleExport size_t RegisterPNGImage(voi
 #endif
 
   entry->magick=(IsImageFormatHandler *) IsPNG;
+  entry->seekable_stream=MagickTrue;
   entry->adjoin=MagickFalse;
   entry->description=ConstantString("opaque or transparent 32-bit RGBA");
   entry->mime_type=ConstantString("image/png");
@@ -7631,6 +7647,7 @@ ModuleExport size_t RegisterPNGImage(voi
 #endif
 
   entry->magick=(IsImageFormatHandler *) IsPNG;
+  entry->seekable_stream=MagickTrue;
   entry->adjoin=MagickFalse;
   entry->description=ConstantString("opaque or binary transparent 48-bit RGB");
   entry->mime_type=ConstantString("image/png");
@@ -7645,6 +7662,7 @@ ModuleExport size_t RegisterPNGImage(voi
 #endif
 
   entry->magick=(IsImageFormatHandler *) IsPNG;
+  entry->seekable_stream=MagickTrue;
   entry->adjoin=MagickFalse;
   entry->description=ConstantString("opaque or transparent 64-bit RGBA");
   entry->mime_type=ConstantString("image/png");
@@ -7659,6 +7677,7 @@ ModuleExport size_t RegisterPNGImage(voi
 #endif
 
   entry->magick=(IsImageFormatHandler *) IsPNG;
+  entry->seekable_stream=MagickTrue;
   entry->adjoin=MagickFalse;
   entry->description=ConstantString(
      "PNG inheriting bit-depth and color-type from original");
@@ -7676,6 +7695,7 @@ ModuleExport size_t RegisterPNGImage(voi
 #endif
 
   entry->magick=(IsImageFormatHandler *) IsJNG;
+  entry->seekable_stream=MagickTrue;
   entry->adjoin=MagickFalse;
   entry->description=ConstantString("JPEG Network Graphics");
   entry->mime_type=ConstantString("image/x-jng");

Places

File ImageMagick-CVE-2017-13142.patch of Package ImageMagick.openSUSE_Leap_42.3_Update

Places