blob: ee78a0ecda14a38ac539bfd0681a72c45d3293ed (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
# HG changeset patch
# User Bob Friesenhahn <bfriesen@GraphicsMagick.org>
# Date 1501555785 18000
# Node ID 95d00d55e978dec3e1bb4c288dbc210b5cc8bea1
# Parent 921a31d31ea85405b54771941e195782e50e589d
SUN: Fix heap read overflow while indexing colormap in bilevel decoder
diff -r 921a31d31ea8 -r 95d00d55e978 coders/sun.c
--- a/coders/sun.c Mon Jul 31 09:35:26 2017 -0400
+++ b/coders/sun.c Mon Jul 31 21:49:45 2017 -0500
@@ -1,5 +1,5 @@
/*
-% Copyright (C) 2003-2015 GraphicsMagick Group
+% Copyright (C) 2003-2017 GraphicsMagick Group
% Copyright (C) 2002 ImageMagick Studio
% Copyright 1991-1999 E. I. du Pont de Nemours and Company
%
@@ -577,6 +577,7 @@
for (bit=7; bit >= 0; bit--)
{
index=((*p) & (0x01 << bit) ? 0x01 : 0x00);
+ VerifyColormapIndex(image,index);
indexes[x+7-bit]=index;
q[x+7-bit]=image->colormap[index];
}
@@ -587,6 +588,7 @@
for (bit=7; bit >= (long) (8-(image->columns % 8)); bit--)
{
index=((*p) & (0x01 << bit) ? 0x01 : 0x00);
+ VerifyColormapIndex(image,index);
indexes[x+7-bit]=index;
q[x+7-bit]=image->colormap[index];
}
|
