~ruther/guix-local

ref: 6dbad376a23d6031e135fadead4410d9a2d1fa68 guix-local/gnu/packages/patches/graphicsmagick-CVE-2017-12935.patch -rw-r--r-- 1.3 KiB
6dbad376 — Efraim Flashner gnu: openntpd: Update to 6.2p3. 8 years ago 
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

This patch comes from http://hg.code.sf.net/p/graphicsmagick/code/rev/cd699a44f188.

diff -ur a/coders/png.c b/coders/png.c
--- a/coders/png.c	2017-07-04 17:32:08.000000000 -0400
+++ b/coders/png.c	2017-08-19 11:16:20.933969362 -0400
@@ -4101,11 +4101,17 @@
                   mng_info->image=image;
                 }
 
-              if ((mng_info->mng_width > 65535L) || (mng_info->mng_height
-                                                     > 65535L))
-                (void) ThrowException(&image->exception,ImageError,
-                                      WidthOrHeightExceedsLimit,
-                                      image->filename);
+              if ((mng_info->mng_width > 65535L) ||
+                  (mng_info->mng_height > 65535L))
+                {
+                  (void) LogMagickEvent(CoderEvent,GetMagickModule(),
+                      "  MNG width or height is too large: %lu, %lu",
+                      mng_info->mng_width,mng_info->mng_height);
+                  MagickFreeMemory(chunk);
+                  ThrowReaderException(CorruptImageError,
+                     ImproperImageHeader,image);
+                }
+
               FormatString(page_geometry,"%lux%lu+0+0",mng_info->mng_width,
                            mng_info->mng_height);
               mng_info->frame.left=0;