packages/ImageMagick
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ImageMagick/CVE-2020-25664.patch
zhanghua1831 631ff3e8ef fix CVE-2020-25664 CVE-2020-27754
2021-02-10 15:33:27 +08:00

28 lines
1.1 KiB
Diff
Raw Blame History

From 27d3ddedb73f63fa984ff5b4d66e07eef654070f Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Fri, 4 Oct 2019 19:08:29 -0400
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/1716
---
coders/png.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/coders/png.c b/coders/png.c
index 410741059..ee6fba297 100644
--- a/coders/png.c
+++ b/coders/png.c
@@ -11177,11 +11177,11 @@ static MagickBooleanType WriteOnePNGImage(MngInfo *mng_info,
(void) LogMagickEvent(CoderEvent,GetMagickModule(),
" Allocating %.20g bytes of memory for pixels",(double) rowbytes);
}
- pixel_info=AcquireVirtualMemory(rowbytes,sizeof(*ping_pixels));
+ pixel_info=AcquireVirtualMemory(rowbytes+256,sizeof(*ping_pixels));
if (pixel_info == (MemoryInfo *) NULL)
png_error(ping,"Allocation of memory for pixels failed");
ping_pixels=(unsigned char *) GetVirtualMemoryBlob(pixel_info);
- (void) memset(ping_pixels,0,rowbytes*sizeof(*ping_pixels));
+ (void) memset(ping_pixels,0,(rowbytes+256)*sizeof(*ping_pixels));
/*
Initialize image scanlines.
*/
Reference in New Issue View Git Blame Copy Permalink