From c789a34b3c62b84128171fbd7308359530f57776 Mon Sep 17 00:00:00 2001
From: Dirk Lemstra <dirk@git.imagemagick.org>
Date: Sun, 28 Jan 2018 14:05:40 +0100
Subject: [PATCH] Fixed bounds checking when setting the filename.

---
 Magick++/lib/Image.cpp   | 11 +++++++++--
 Magick++/lib/Options.cpp | 10 +++++++---
 2 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/Magick++/lib/Image.cpp b/Magick++/lib/Image.cpp
index 1aadf87c4..362993168 100644
--- a/Magick++/lib/Image.cpp
+++ b/Magick++/lib/Image.cpp
@@ -757,10 +757,17 @@ Magick::Blob Magick::Image::exifProfile(void) const
 
 void Magick::Image::fileName(const std::string &fileName_)
 {
+  ssize_t
+    max_length;
+
   modifyImage();
 
-  fileName_.copy(image()->filename,sizeof(image()->filename)-1);
-  image()->filename[fileName_.length()]=0; // Null terminate
+  max_length=sizeof(image()->filename)-1;
+  fileName_.copy(image()->filename,max_length);
+  if (fileName_.length() > max_length)
+    image()->filename[max_length]=0;
+  else
+    image()->filename[fileName_.length()]=0;
 
   options()->fileName(fileName_);
 }
diff --git a/Magick++/lib/Options.cpp b/Magick++/lib/Options.cpp
index bacf348a2..a6d9027dc 100644
--- a/Magick++/lib/Options.cpp
+++ b/Magick++/lib/Options.cpp
@@ -223,9 +223,13 @@ FILE *Magick::Options::file(void) const
 
 void Magick::Options::fileName(const std::string &fileName_)
 {
-  fileName_.copy(_imageInfo->filename,MagickPathExtent-1);
-  if (fileName_.length() > MagickPathExtent-1)
-    _imageInfo->filename[MagickPathExtent-1]=0;
+  ssize_t
+    max_length;
+
+  max_length=sizeof(_imageInfo->filename)-1;
+  fileName_.copy(_imageInfo->filename,max_length);
+  if (fileName_.length() > max_length)
+    _imageInfo->filename[max_length]=0;
   else
     _imageInfo->filename[fileName_.length()]=0;
 }
-- 
2.50.0