diff -uNr ImageMagick-6.6.6-10.orig/magick/profile.c ImageMagick-6.6.6-10/magick/profile.c
--- ImageMagick-6.6.6-10.orig/magick/profile.c 2012-04-30 22:35:01.204453008 -0400
+++ ImageMagick-6.6.6-10/magick/profile.c 2012-04-30 22:37:40.022370682 -0400
@@ -1914,10 +1914,8 @@
 number_entries=ReadProfileShort(endian,directory);
 for ( ; entry < number_entries; entry++)
 {
- int
- components;
-
 ssize_t
+ components,
 format,
 tag_value;
 
@@ -1936,8 +1934,10 @@
 format=(ssize_t) ReadProfileShort(endian,q+2);
 if ((format-1) >= EXIF_NUM_FORMATS)
 break;
- components=(int) ReadProfileLong(endian,q+4);
+ components=(ssize_t) ((int) ReadProfileLong(endian,q+4));
 number_bytes=(size_t) components*format_bytes[format];
+ if (number_bytes < components)
+ break; /* prevent overflow */
 if (number_bytes <= 4)
 p=q+8;
 else
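Review bot: A negative `components` still passes the new overflow test in the second hunk. The `(int)` cast sign-extends into the `ssize_t`, and `number_bytes < components` is then evaluated in unsigned arithmetic (assuming `number_bytes` is `size_t`, as the cast suggests), so a value of -1 with a one-byte element size gives `number_bytes == SIZE_MAX` and is not rejected. Rejecting the sign before the multiplication closes that case: `if (components < 0) break;  /* corrupt EXIF */`. The comparison is also not a complete wrap test where `size_t` is 32 bits, since a product can wrap and still be no smaller than `components`; a bound computed by division against the element size would be, provided `format_bytes[format]` is known to be non-zero, which the hunk does not show. The loop body continues past the hunk, so whether later bounds checks on the offset path catch these values cannot be confirmed from here.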