https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5416

author Cristy <urban-warrior@imagemagick.org>

Tue, 6 Feb 2018 01:06:01 +0000 (20:06 -0500)

committer Cristy <urban-warrior@imagemagick.org>

Tue, 6 Feb 2018 01:06:01 +0000 (20:06 -0500)
author Cristy <urban-warrior@imagemagick.org>
Tue, 6 Feb 2018 01:06:01 +0000 (20:06 -0500)
committer Cristy <urban-warrior@imagemagick.org>
Tue, 6 Feb 2018 01:06:01 +0000 (20:06 -0500)
diff --git a/coders/jnx.c b/coders/jnx.c

index dea645f799d56555df0e681386a4611136701593..aa003684baffca8fe4e620c7d59cbea4dfd7f140 100644 (file)
--- a/coders/jnx.c
+++ b/coders/jnx.c
@@ -281,6 +281,8 @@ static Image *ReadJNXImage(const ImageInfo *image_info,ExceptionInfo *exception)
        /*
          Read a tile.
        */
+      if (((MagickSizeType) tile_length) > GetBlobSize(image))
+        ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
        blob=(unsigned char *) AcquireQuantumMemory((size_t) tile_length+2,
          sizeof(*blob));
        if (blob == (unsigned char *) NULL)
author	Cristy <urban-warrior@imagemagick.org>
	Tue, 6 Feb 2018 01:06:01 +0000 (20:06 -0500)
committer	Cristy <urban-warrior@imagemagick.org>
	Tue, 6 Feb 2018 01:06:01 +0000 (20:06 -0500)