From: Cristy <urban-warrior@imagemagick.org>
Date: Tue, 27 Mar 2018 23:44:25 +0000 (-0400)
Subject: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7158
X-Git-Tag: 7.0.7-29~288
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=57b2c00cbf5d68cb30cf71b37ccc051d2b87c1a5;p=imagemagick

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7158
---

diff --git a/coders/heic.c b/coders/heic.c
index f8f337b93..510a05ed1 100644
--- a/coders/heic.c
+++ b/coders/heic.c
@@ -301,7 +301,8 @@ static MagickBooleanType ParseFullBox(Image *image, DataBuffer *db,
   }
 
   for (i = 0; i < MAX_ATOMS_IN_BOX && DBGetSize(db) > 0; i++) {
-    (void) ParseAtom(image, db, ctx, exception);
+    if (ParseAtom(image, db, ctx, exception) == MagickFalse)
+      return MagickFalse;
   }
 
   return MagickTrue;
@@ -314,7 +315,8 @@ static MagickBooleanType ParseBox(Image *image, DataBuffer *db,
     i;
 
   for (i = 0; i < MAX_ATOMS_IN_BOX && DBGetSize(db) > 0; i++) {
-    (void) ParseAtom(image, db, ctx, exception);
+    if (ParseAtom(image, db, ctx, exception) == MagickFalse)
+      break;
   }
 
   return MagickTrue;
@@ -493,7 +495,7 @@ static MagickBooleanType ParseInfeAtom(Image *image, DataBuffer *db,
   /*
      item indicies starts from 1
   */
-  if (id >= (ssize_t) ctx->idsCount) {
+  if (id > (ssize_t) ctx->idsCount) {
     ThrowAndReturn("item id is incorrect");
   }