acf82c594c
modified: ImageMagick.spec (cherry picked from commit 79ac39ec17119d3517db9c86c78c14a83d147494)
23 lines
856 B
Diff
23 lines
856 B
Diff
From 1aea203eb36409ce6903b9e41fe7cb70030e8750 Mon Sep 17 00:00:00 2001
|
|
From: Cristy <urban-warrior@imagemagick.org>
|
|
Date: Sat, 27 Aug 2022 08:38:18 -0400
|
|
Subject: [PATCH] squash heap-buffer-overflow, PoC TIFF from Hardik
|
|
|
|
---
|
|
coders/tiff.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/coders/tiff.c b/coders/tiff.c
|
|
index 3165ab925..05549f9e5 100644
|
|
--- a/coders/tiff.c
|
|
+++ b/coders/tiff.c
|
|
@@ -1798,7 +1798,7 @@ static Image *ReadTIFFImage(const ImageInfo *image_info,
|
|
/*
|
|
Convert stripped TIFF image.
|
|
*/
|
|
- extent=4*(samples_per_pixel+1)*TIFFStripSize(tiff);
|
|
+ extent=4*((image->depth+7)/8)*(samples_per_pixel+1)*TIFFStripSize(tiff);
|
|
strip_pixels=(unsigned char *) AcquireQuantumMemory(extent,
|
|
sizeof(*strip_pixels));
|
|
if (strip_pixels == (unsigned char *) NULL)
|