summaryrefslogtreecommitdiff
path: root/graphics/GraphicsMagick/patches/patch-ab
diff options
context:
space:
mode:
Diffstat (limited to 'graphics/GraphicsMagick/patches/patch-ab')
-rw-r--r--graphics/GraphicsMagick/patches/patch-ab19
1 files changed, 19 insertions, 0 deletions
diff --git a/graphics/GraphicsMagick/patches/patch-ab b/graphics/GraphicsMagick/patches/patch-ab
new file mode 100644
index 00000000000..8ccda944408
--- /dev/null
+++ b/graphics/GraphicsMagick/patches/patch-ab
@@ -0,0 +1,19 @@
+$NetBSD: patch-ab,v 1.1 2009/08/08 04:41:08 obache Exp $
+
+Detect improper rows, columns, or depth.
+Fixes CVE-2008-1097 "Memory corruption in ImageMagick's PCX coder".
+
+http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/pcx.c.diff?r1=1.135;r2=1.136
+
+--- coders/pcx.c.orig 2008-11-07 17:36:01.000000000 +0000
++++ coders/pcx.c
+@@ -302,6 +302,9 @@ static Image *ReadPCXImage(const ImageIn
+ */
+ image->columns=(pcx_info.right-pcx_info.left)+1;
+ image->rows=(pcx_info.bottom-pcx_info.top)+1;
++ if ((image->columns == 0) || (image->rows == 0) ||
++ (pcx_info.bits_per_pixel == 0))
++ ThrowReaderException(CorruptImageError,ImproperImageHeader,image);
+ image->depth=pcx_info.bits_per_pixel <= 8 ? 8 : QuantumDepth;
+ image->units=PixelsPerInchResolution;
+ image->x_resolution=pcx_info.horizontal_resolution;
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-13 16:34:27 +0000