packages/GraphicsMagick
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
GraphicsMagick/CVE-2018-18544.patch
maminjie 45c8317c00 fix some CVEs 
CVE-2018-18544
CVE-2019-7397
CVE-2019-11005
CVE-2019-11006
CVE-2019-11010
CVE-2019-12921
CVE-2020-10938
CVE-2020-12672
2020-09-19 18:21:55 +08:00

27 lines
835 B
Diff
Raw Blame History

From 960de60924208e2fceff6d118c0bcec38dae627b Mon Sep 17 00:00:00 2001
From: maminjie <maminjie1@huawei.com>
Date: Sat, 19 Sep 2020 16:00:58 +0800
Subject: [PATCH] ProcessMSLScript(): Release msl_image if OpenBlob fails.
(CVE-2018-18544)
refers to http://hg.code.sf.net/p/graphicsmagick/code/rev/31349424878d
---
coders/msl.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/coders/msl.c b/coders/msl.c
index 5add044..9e99629 100644
--- a/coders/msl.c
+++ b/coders/msl.c
@@ -4540,6 +4540,7 @@ ProcessMSLScript(const ImageInfo *image_info,Image **image,
status=OpenBlob(image_info,msl_image,ReadBinaryBlobMode,exception);
if (status == False)
{
+ DestroyImage(msl_image);
ThrowException(exception,FileOpenError,UnableToOpenFile,
msl_image->filename);
return(False);
--
2.23.0
Reference in New Issue View Git Blame Copy Permalink