]> granicus.if.org Git - imagemagick/commitdiff
projects / imagemagick / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: efd28c1)
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5819
authorCristy <urban-warrior@imagemagick.org>
Mon, 5 Feb 2018 01:26:55 +0000 (20:26 -0500)
committerCristy <urban-warrior@imagemagick.org>
Mon, 5 Feb 2018 01:26:55 +0000 (20:26 -0500)
coders/viff.c patch | blob | history

diff --git a/coders/viff.c b/coders/viff.c
index b7f54e415219e29ece93e786bef20cf12e03c4e4..7f3c96886c8e1ccac02295a07a0041c99ac1fb6e 100644 (file)
--- a/coders/viff.c
+++ b/coders/viff.c
@@ -412,6 +412,8 @@ static Image *ReadVIFFImage(const ImageInfo *image_info,
           default: bytes_per_pixel=1; break;
         }
         image->colors=viff_info.map_columns;
+        if (image->colors > GetBlobSize(image))
+          ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
         if (AcquireImageColormap(image,image->colors,exception) == MagickFalse)
           ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
         if (viff_info.map_rows >
Unnamed repository; edit this file 'description' to name the repository.