15 lines
636 B
Diff
15 lines
636 B
Diff
--- ImageMagick-6.2.8/coders/sgi.c.cve-2006-4144 2006-02-07 22:52:54.000000000 -0500
|
|
+++ ImageMagick-6.2.8/coders/sgi.c 2006-08-23 02:05:52.000000000 -0400
|
|
@@ -410,7 +410,11 @@
|
|
for (i=0; i < (long) (iris_info.rows*iris_info.depth); i++)
|
|
offsets[i]=(ssize_t) ReadBlobMSBLong(image);
|
|
for (i=0; i < (long) (iris_info.rows*iris_info.depth); i++)
|
|
+ {
|
|
runlength[i]=ReadBlobMSBLong(image);
|
|
+ if (runlength[i] >= (4*(size_t) iris_info.columns+10))
|
|
+ ThrowReaderException(CorruptImageError,"ImproperImageHeader");
|
|
+ }
|
|
/*
|
|
Check data order.
|
|
*/
|