Added extra checks (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5801).

author Dirk Lemstra <dirk@git.imagemagick.org>

Mon, 19 Mar 2018 22:06:43 +0000 (23:06 +0100)

committer Dirk Lemstra <dirk@git.imagemagick.org>

Mon, 19 Mar 2018 22:06:43 +0000 (23:06 +0100)
author Dirk Lemstra <dirk@git.imagemagick.org>
Mon, 19 Mar 2018 22:06:43 +0000 (23:06 +0100)
committer Dirk Lemstra <dirk@git.imagemagick.org>
Mon, 19 Mar 2018 22:06:43 +0000 (23:06 +0100)
diff --git a/coders/rla.c b/coders/rla.c

index 645e856f8bc5ed593a2c6d2fe1a97a0acc2776b8..a34007239cb7915306072142d543eabd745e107e 100644 (file)
--- a/coders/rla.c
+++ b/coders/rla.c
@@ -216,7 +216,11 @@ static Image *ReadRLAImage(const ImageInfo *image_info,ExceptionInfo *exception)
    rla_info.frame=(short) ReadBlobMSBShort(image);
    rla_info.storage_type=(short) ReadBlobMSBShort(image);
    rla_info.number_channels=(short) ReadBlobMSBShort(image);
+  if (rla_info.number_channels < 0)
+    ThrowReaderException(CorruptImageError,"ImproperImageHeader");
    rla_info.number_matte_channels=(short) ReadBlobMSBShort(image);
+  if (rla_info.number_matte_channels < 0)
+    ThrowReaderException(CorruptImageError,"ImproperImageHeader");
    if (rla_info.number_channels == 0)
      rla_info.number_channels=3;
    rla_info.number_channels+=rla_info.number_matte_channels;
author	Dirk Lemstra <dirk@git.imagemagick.org>
	Mon, 19 Mar 2018 22:06:43 +0000 (23:06 +0100)
committer	Dirk Lemstra <dirk@git.imagemagick.org>
	Mon, 19 Mar 2018 22:06:43 +0000 (23:06 +0100)