]> granicus.if.org Git - imagemagick/commitdiff
projects / imagemagick / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a5c463d)
https://github.com/ImageMagick/ImageMagick/issues/368
authorCristy <urban-warrior@imagemagick.org>
Mon, 30 Jan 2017 21:41:30 +0000 (16:41 -0500)
committerCristy <urban-warrior@imagemagick.org>
Mon, 30 Jan 2017 21:41:30 +0000 (16:41 -0500)
ChangeLog patch | blob | history
coders/miff.c patch | blob | history

diff --git a/ChangeLog b/ChangeLog
index 73d3963b6d7330055b14840640c58b77824c0c05..e02e905537260dc3f1ea9a27b7ae9f39551420a5 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2017-01-28  7.0.4-7 Cristy  <quetzlzacatenango@image...>
+  * Sanitize comments that include braces for the MIFF image format (reference
+    https://github.com/ImageMagick/ImageMagick/issues/368).
+
 2017-01-27  7.0.4-7 Glenn Randers-Pehrson <glennrp@image...>
   * coders/png.c: Added support for a proposed new PNG chunk
     (zxIf, read-only) that is currently being discussed on the
diff --git a/coders/miff.c b/coders/miff.c
index 954df7c56f4fc7af5ef5296c6531e6420075a3cc..e33eafbab87438bff922683d7759bd28f84d43ec 100644 (file)
--- a/coders/miff.c
+++ b/coders/miff.c
@@ -2274,7 +2274,8 @@ static MagickBooleanType WriteMIFFImage(const ImageInfo *image_info,
 
           length=strlen(value);
           for (i=0; i < (ssize_t) length; i++)
-            if (isspace((int) ((unsigned char) value[i])) != 0)
+            if ((isspace((int) ((unsigned char) value[i])) != 0) ||
+                (value[i] == '}'))
               break;
           if ((i == (ssize_t) length) && (i != 0))
             (void) WriteBlob(image,length,(const unsigned char *) value);
Unnamed repository; edit this file 'description' to name the repository.