d40d0a3afc
modified: ImageMagick.spec (cherry picked from commit 8e284e27aeb8bdfefa2b83919b3f0974a1cc777f)
23 lines
858 B
Diff
23 lines
858 B
Diff
From 30ccf9a0da1f47161b5935a95be854fe84e6c2a2 Mon Sep 17 00:00:00 2001
|
|
From: Cristy <urban-warrior@imagemagick.org>
|
|
Date: Sat, 27 Aug 2022 08:38:57 -0400
|
|
Subject: [PATCH] squash heap-buffer-overflow, PoC TIFF from Hardik
|
|
|
|
---
|
|
coders/tiff.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/coders/tiff.c b/coders/tiff.c
|
|
index 132008efbf..a166bea177 100644
|
|
--- a/coders/tiff.c
|
|
+++ b/coders/tiff.c
|
|
@@ -1892,7 +1892,7 @@ static Image *ReadTIFFImage(const ImageInfo *image_info,
|
|
/*
|
|
Convert stripped TIFF image.
|
|
*/
|
|
- extent=4*(samples_per_pixel+1)*TIFFStripSize(tiff);
|
|
+ extent=4*((image->depth+7)/8)*(samples_per_pixel+1)*TIFFStripSize(tiff);
|
|
strip_pixels=(unsigned char *) AcquireQuantumMemory(extent,
|
|
sizeof(*strip_pixels));
|
|
if (strip_pixels == (unsigned char *) NULL)
|