CVS update of imagemagick (coders/viff.c debian/changelog)

Daniel Kobras kobras at alioth.debian.org
Sat Apr 28 15:38:06 UTC 2007


    Date: Saturday, April 28, 2007 @ 15:38:06
  Author: kobras
    Path: /cvsroot/pkg-gmagick/imagemagick

Modified: coders/viff.c debian/changelog

Prevent heap corruption in VIFF coder.


------------------+
 coders/viff.c    |    2 ++
 debian/changelog |    5 +++--
 2 files changed, 5 insertions(+), 2 deletions(-)


Index: imagemagick/coders/viff.c
diff -u imagemagick/coders/viff.c:1.1 imagemagick/coders/viff.c:1.2
--- imagemagick/coders/viff.c:1.1	Tue Feb 27 01:07:05 2007
+++ imagemagick/coders/viff.c	Sat Apr 28 15:38:06 2007
@@ -352,6 +352,8 @@
       ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
     if (number_pixels == 0)
       ThrowReaderException(CoderError,"ImageColumnOrRowSizeIsNotSupported");
+    if (viff_info.number_data_bands < 1 || viff_info.number_data_bands > 4)
+      ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     if ((viff_info.data_storage_type != VFF_TYP_BIT) &&
         (viff_info.data_storage_type != VFF_TYP_1_BYTE) &&
         (viff_info.data_storage_type != VFF_TYP_2_BYTE) &&
Index: imagemagick/debian/changelog
diff -u imagemagick/debian/changelog:1.11 imagemagick/debian/changelog:1.12
--- imagemagick/debian/changelog:1.11	Sat Apr 28 14:16:13 2007
+++ imagemagick/debian/changelog	Sat Apr 28 15:38:06 2007
@@ -23,11 +23,12 @@
   * coders/pnm.c: Fix segfault in PNM coder.
   * coders/sgi.c: Fix segfault in SGI coder.
   * coders/sun.c: Fix segfault during conversion in SUN coder.
-  * coders/xwd.c: Fix segfault during conversion in XWD coder. 
+  * coders/viff.c: Prevent heap corruption in VIFF coder.
+  * coders/xwd.c: Fix segfault during conversion in XWD coder.
   * coders/xwd.c: Fix multiple integer overflows in XWD coder.
     (CVE-2007-1667, CVE-2007-1797)
 
- -- Daniel Kobras <kobras at debian.org>  Sat, 28 Apr 2007 16:15:00 +0200
+ -- Daniel Kobras <kobras at debian.org>  Sat, 28 Apr 2007 17:37:02 +0200
 
 imagemagick (7:6.2.4.5.dfsg1-0.14) unstable; urgency=high
 



More information about the pkg-gmagick-commit mailing list