From: Cristy
Date: Sun, 28 Jan 2018 21:39:12 +0000 (-0500)
Subject: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5781
X-Git-Tag: 7.0.7-23~228
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=06dcb7a8b9543cefcbc867d85624bbb0bcf35ca8;p=imagemagick
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5781
---
diff --git a/coders/sixel.c b/coders/sixel.c
index 01dfa8d93..edce7ba4f 100644
--- a/coders/sixel.c
+++ b/coders/sixel.c
@@ -245,8 +245,9 @@ MagickBooleanType sixel_decode(unsigned char /* in */ *p,
 int imsx, imsy;
 int dmsx, dmsy;
 int y;
- size_t offset;
+ size_t extent,offset;
+ extent=strlen((char *) p);
 posision_x = posision_y = 0;
 max_x = max_y = 0;
 attributed_pan = 2;
@@ -380,6 +381,8 @@ MagickBooleanType sixel_decode(unsigned char /* in */ *p,
 if ((n > 0) && (param[0] > 0)) {
 repeat_count = param[0];
+ if (repeat_count > extent)
+ break;
 }
 } else if (*p == '#') {
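Review bot: `extent=strlen((char *) p)` assumes the buffer handed to `sixel_decode` is NUL-terminated, and nothing in this hunk shows that guarantee; if a caller ever passes a blob without a terminator, the length scan itself reads past the allocation. The assumption should be recorded at the assignment, for example `/* p must be NUL-terminated by the caller; extent is the input length used to bound parsed counts */`. An embedded NUL byte makes `extent` shorter than the blob, which only tightens the bound but is worth knowing when reading the later check. The function's signature and the rest of its body lie outside the hunk.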
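Review bot: The added `if (repeat_count > extent) break;` ties the allowed repeat count to the byte length of the input, but a repeat count exists to encode a long run in few bytes, so a short, well-formed input can legitimately carry a count larger than its own length and would now be cut off here. The limit that matters for memory safety is the size of the pixel buffer the run is written into, which is handled outside this hunk; bounding against that (or against a configured resource limit) would reject only inputs that cannot be rendered. The `break` also leaves the parse loop without recording an error, so depending on the code after the loop a truncated decode may be returned as success. If `repeat_count` is a signed `int` (its declaration is not visible here), make the conversion explicit with `if ((size_t) repeat_count > extent)`.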