From: Dirk Lemstra <dirk@git.imagemagick.org>
Date: Sat, 3 Feb 2018 09:59:52 +0000 (+0100)
Subject: Added missing decrement of length
X-Git-Tag: 7.0.7-23~178
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5bc30bca36d7deb3bb1b239d163e92a1c3a98b0a;p=imagemagick

Added missing decrement of length
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5334
Credit OSS Fuzz
---

diff --git a/MagickCore/profile.c b/MagickCore/profile.c
index 4ad7245fc..7133225d4 100644
--- a/MagickCore/profile.c
+++ b/MagickCore/profile.c
@@ -1856,6 +1856,7 @@ static MagickBooleanType Sync8BimProfile(Image *image,StringInfo *profile)
     if ((count > (ssize_t) length) || (count < 0))
       return(MagickFalse);
     p+=count;
+    length-=count;
     if ((*p & 0x01) == 0)
       (void) ReadProfileByte(&p,&length);
     count=(ssize_t) ReadProfileMSBLong(&p,&length);