]> granicus.if.org Git - imagemagick/commitdiff
projects / imagemagick / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c0e2b95)
Fix for overflow in corrupt image.
authordirk <dirk@git.imagemagick.org>
Thu, 18 Sep 2014 10:57:30 +0000 (10:57 +0000)
committerdirk <dirk@git.imagemagick.org>
Thu, 18 Sep 2014 10:57:30 +0000 (10:57 +0000)
coders/jpeg.c patch | blob | history

diff --git a/coders/jpeg.c b/coders/jpeg.c
index 5967254b629c81d856468b13306e03374f1d7a4f..3611db26427a8e485686746af0dfcfa5b0987709 100644 (file)
--- a/coders/jpeg.c
+++ b/coders/jpeg.c
@@ -414,9 +414,9 @@ static boolean ReadComment(j_decompress_ptr jpeg_info)
   image=error_manager->image;
   length=(size_t) ((size_t) GetCharacter(jpeg_info) << 8);
   length+=GetCharacter(jpeg_info);
-  length-=2;
-  if (length <= 0)
+  if (length <= 2)
     return(TRUE);
+  length-=2;
   comment=BlobToStringInfo((const void *) NULL,length);
   if (comment == (StringInfo *) NULL)
     {
Unnamed repository; edit this file 'description' to name the repository.