GraphicsMagick/GraphicsMagick-CVE-2017-11102-1.patch

# HG changeset patch
# User Glenn Randers-Pehrson <glennrp+bmo@gmail.com>
# Date 1499262082 14400
# Node ID dea93a690fc125f70fb8688a0ff3035b96b0045e
# Parent  a42ae8447fe7a457790bf699371a1a6f3c6d4e57
Stop crash due to zero-length color_image while reading a JNG

diff -r a42ae8447fe7 -r dea93a690fc1 coders/png.c
--- a/coders/png.c	Tue Jul 04 16:33:37 2017 -0500
+++ b/coders/png.c	Wed Jul 05 09:41:22 2017 -0400
@@ -3314,12 +3314,13 @@
 
           if (logging)
             (void) LogMagickEvent(CoderEvent,GetMagickModule(),
-                                  "    Copying JDAT chunk data"
-                                  " to color_blob.");
-          if (color_image != (Image *)NULL)
+                                  "    Copying %lu bytes of JDAT chunk data"
+                                  " to color_blob.",length);
+          if (length && color_image != (Image *)NULL)
+          {
             (void) WriteBlob(color_image,length,(char *) chunk);
-          if (length)
             MagickFreeMemory(chunk);
+          }
           continue;
         }