rpms
/
GraphicsMagick
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e17fc1dda9'
${ noResults }
GraphicsMagick/GraphicsMagick-CVE-2016-868...

25 lines
817 B
Raw Normal View History Unescape

CVE-2016-7800 (#1381148) CVE-2016-7996, CVE-2016-7997 (#1383223) CVE-2016-8682, CVE-2016-8683, CVE-2016-8684 (#1385583)
8 years ago
# HG changeset patch
# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
# Date 1473538865 18000
# Node ID 0a0dfa81906d1317895de9374ef5132710c3831c
# Parent 3161d55d0c2f73df109a6d184074f39aca78ae8f
SCT: Fix stack-buffer read overflow while reading file header.
diff -r 3161d55d0c2f -r 0a0dfa81906d coders/sct.c
--- a/coders/sct.c Sat Sep 10 13:17:49 2016 -0500
+++ b/coders/sct.c Sat Sep 10 15:21:05 2016 -0500
@@ -188,9 +188,11 @@
break;
if (ReadBlob(image,14,(char *) buffer) != 14)
break;
+ buffer[14]='\0';
image->rows=MagickAtoL(buffer) & 0x7FFFFFFF;
if (ReadBlob(image,14,(char *) buffer) != 14)
break;
+ buffer[14]='\0';
image->columns=MagickAtoL(buffer) & 0x7FFFFFFF;
if (ReadBlob(image,196,(char *) buffer) != 196)
break;