packages/ImageMagick
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2023-5341

Browse Source 
(cherry picked from commit 38e2a98947c24f9dc3b0ea66565d67d277d9e08a)
This commit is contained in:
liningjie 2023-10-07 10:41:56 +08:00 committed by openeuler-sync-bot
parent 5daca8fc09
commit 1d4edcf202
2 changed files with 32 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
CVE-2023-5341.patch Normal file
View File

@ -0,0 +1,27 @@
From 97b99a741321c9a89491ebb6dab66d1215413595 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Sat, 7 Oct 2023 10:22:57 +0800
Subject: [PATCH] check for BMP file size, poc provided by Hardik Shah of
Vehere (Dawn Treaders team)
---
coders/bmp.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/coders/bmp.c b/coders/bmp.c
index 8ff76bb..bb9ce2f 100644
--- a/coders/bmp.c
+++ b/coders/bmp.c
@@ -629,6 +629,9 @@ static Image *ReadBMPImage(const ImageInfo *image_info,ExceptionInfo *exception)
" BMP header size: %u",bmp_info.size);
if (bmp_info.size > 124)
ThrowReaderException(CorruptImageError,"ImproperImageHeader");
+ if ((bmp_info.file_size != 0) &&
+ ((MagickSizeType) bmp_info.file_size > GetBlobSize(image)))
+ ThrowReaderException(CorruptImageError,"ImproperImageHeader");
if (bmp_info.offset_bits < bmp_info.size)
ThrowReaderException(CorruptImageError,"ImproperImageHeader");
bmp_info.offset_bits=MagickMax(14+bmp_info.size,bmp_info.offset_bits);
--
2.27.0

6
ImageMagick.spec
View File

@ -1,7 +1,7 @@
Name: ImageMagick Name: ImageMagick
Epoch: 1 Epoch: 1
Version: 7.1.1.8 Version: 7.1.1.8
Release: 4 Release: 5
Summary: Create, edit, compose, or convert bitmap images Summary: Create, edit, compose, or convert bitmap images
License: ImageMagick and MIT License: ImageMagick and MIT
Url: http://www.imagemagick.org/ Url: http://www.imagemagick.org/
@ -10,6 +10,7 @@ Patch0: CVE-2023-34151.patch
Patch1: CVE-2023-34153.patch Patch1: CVE-2023-34153.patch
Patch2: CVE-2023-34474-and-CVE-2023-34475.patch Patch2: CVE-2023-34474-and-CVE-2023-34475.patch
Patch3: CVE-2023-3428.patch Patch3: CVE-2023-3428.patch
Patch4: CVE-2023-5341.patch
BuildRequires: bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators BuildRequires: bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators
BuildRequires: libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel BuildRequires: libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel
@ -164,6 +165,9 @@ rm PerlMagick/demo/Generic.ttf
%{_libdir}/pkgconfig/ImageMagick* %{_libdir}/pkgconfig/ImageMagick*
%changelog %changelog
* Sat Oct 7 2023 liningjie <liningjie@xfusion.com> - 1:7.1.1.8-5
- Fix CVE-2023-5341
* Mon Jul 24 2023 wangkai <13474090681@163.com> - 1:7.1.1.8-4 * Mon Jul 24 2023 wangkai <13474090681@163.com> - 1:7.1.1.8-4
- Fix CVE-2023-3428 - Fix CVE-2023-3428