Petr Gajdos
d6669a0ed7
- added patches fix CVE-2023-3428 [bsc#1212847], heap-buffer-overflow in coders/tiff.c + ImageMagick-CVE-2023-3428.patch OBS-URL: https://build.opensuse.org/package/show/graphics/ImageMagick?expand=0&rev=661
15 lines
703 B
Diff
15 lines
703 B
Diff
diff --git a/coders/tiff.c b/coders/tiff.c
|
|
index 9e0d0b1201..df4274cacd 100644
|
|
--- a/coders/tiff.c
|
|
+++ b/coders/tiff.c
|
|
@@ -2010,7 +2010,7 @@ static Image *ReadTIFFImage(const ImageInfo *image_info,
|
|
number_pixels=(MagickSizeType) columns*rows;
|
|
if (HeapOverflowSanityCheck(rows,sizeof(*tile_pixels)) != MagickFalse)
|
|
ThrowTIFFException(ResourceLimitError,"MemoryAllocationFailed");
|
|
- extent=4*(samples_per_pixel+1)*MagickMax(rows*TIFFTileRowSize(tiff),
|
|
+ extent=4*(samples_per_pixel+1)*MagickMax((rows+1)*TIFFTileRowSize(tiff),
|
|
TIFFTileSize(tiff));
|
|
tile_pixels=(unsigned char *) AcquireQuantumMemory(extent,
|
|
sizeof(*tile_pixels));
|
|
|