packages/ImageMagick
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ImageMagick/CVE-2023-3428.patch
wk333 6df0c43b52 Fix CVE-2023-3428 
(cherry picked from commit 67954f75f88ee3ff9894a01371edfa92a7c23000)
2023-07-24 15:00:30 +08:00

26 lines
1.1 KiB
Diff
Raw Blame History

From 0d00400727170b0540a355a1bc52787bc7bcdea5 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Mon, 26 Jun 2023 19:39:43 -0400
Subject: [PATCH] heap-buffer-overflow in ImageMagick <= 7.1.1-12, contributed
by Hardik shah of Vehere (Dawn Treaders team)
Origin: https://github.com/ImageMagick/ImageMagick6/commit/0d00400727170b0540a355a1bc52787bc7bcdea5
---
coders/tiff.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/coders/tiff.c b/coders/tiff.c
index d6a818644..9b0d16d59 100644
--- a/coders/tiff.c
+++ b/coders/tiff.c
@@ -1917,7 +1917,7 @@ static Image *ReadTIFFImage(const ImageInfo *image_info,
number_pixels=(MagickSizeType) columns*rows;
if (HeapOverflowSanityCheck(rows,sizeof(*tile_pixels)) != MagickFalse)
ThrowTIFFException(ResourceLimitError,"MemoryAllocationFailed");
- extent=4*(samples_per_pixel+1)*MagickMax(rows*TIFFTileRowSize(tiff),
+ extent=4*(samples_per_pixel+1)*MagickMax((rows+1)*TIFFTileRowSize(tiff),
TIFFTileSize(tiff));
tile_pixels=(unsigned char *) AcquireQuantumMemory(extent,
sizeof(*tile_pixels));
Reference in New Issue View Git Blame Copy Permalink