https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29626).
* Don't interpret -fx option arguments (reference
https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29774);
+ * Add additional checks to DCM reader to prevent data-driven faults (bug
+ report from Hanno Böck).
2016-05-21 7.0.1-6 Cristy <quetzlzacatenango@image...>
* Release ImageMagick version 7.0.1-6, GIT revision 18241:d4f277c:20160521.
/*
Photometric interpretation.
*/
+ if (data == (unsigned char *) NULL)
+ break;
for (i=0; i < (ssize_t) MagickMin(length,MagickPathExtent-1); i++)
photometric[i]=(char) data[i];
photometric[i]='\0';
/*
Number of frames.
*/
+ if (data == (unsigned char *) NULL)
+ break;
number_scenes=StringToUnsignedLong((char *) data);
break;
}
if (scale == (Quantum *) NULL)
ThrowReaderException(ResourceLimitError,"MemoryAllocationFailed");
range=GetQuantumRange(depth);
- for (i=0; i < (ssize_t) (GetQuantumRange(depth)+1); i++)
+ for (i=0; i <= (ssize_t) GetQuantumRange(depth); i++)
scale[i]=ScaleAnyToQuantum((size_t) i,range);
}
if (image->compression == RLECompression)
pixel.blue&=mask;
if (scale != (Quantum *) NULL)
{
- pixel.red=scale[pixel.red];
- pixel.green=scale[pixel.green];
- pixel.blue=scale[pixel.blue];
+ if (pixel.red <= GetQuantumRange(depth))
+ pixel.red=scale[pixel.red];
+ if (pixel.green <= GetQuantumRange(depth))
+ pixel.green=scale[pixel.green];
+ if (pixel.blue <= GetQuantumRange(depth))
+ pixel.blue=scale[pixel.blue];
}
}
SetPixelRed(image,(Quantum) pixel.red,q);
projects / imagemagick / commitdiff