From d568265a5114366a2a9b433e2ebf3dfca2318d33 Mon Sep 17 00:00:00 2001
From: Cristy <mikayla-grace@urban-warrior.org>
Date: Wed, 6 Feb 2019 19:42:35 -0500
Subject: [PATCH] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12914

---
 coders/xcf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/coders/xcf.c b/coders/xcf.c
index ff5c283f5..a4b06bd1c 100644
--- a/coders/xcf.c
+++ b/coders/xcf.c
@@ -744,7 +744,7 @@ static MagickBooleanType load_level(Image *image,XCFDocInfo *inDocInfo,
     if (offset2 == 0)
       offset2=(MagickOffsetType) (offset + TILE_WIDTH * TILE_WIDTH * 4* 1.5);
     /* seek to the tile offset */
-    if (SeekBlob(image, offset, SEEK_SET) != offset)
+    if ((offset > offset2) || (SeekBlob(image, offset, SEEK_SET) != offset))
       ThrowBinaryException(CorruptImageError,"InsufficientImageDataInFile",
         image->filename);
 
-- 
2.40.0