From e599524407b8a8897d7a8cd01cf59a10d2226d85 Mon Sep 17 00:00:00 2001
From: Cristy <urban-warrior@imagemagick.org>
Date: Fri, 30 Nov 2018 19:15:39 -0500
Subject: [PATCH] https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11614

---
 coders/cube.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/coders/cube.c b/coders/cube.c
index 26eefa90a..12ace853a 100644
--- a/coders/cube.c
+++ b/coders/cube.c
@@ -161,7 +161,7 @@ static Image *ReadCUBEImage(const ImageInfo *image_info,
     if (LocaleCompare(token,"LUT_1D_SIZE") == 0)
       {
         red_columns=(ssize_t) StringToLong(value);
-        if (red_columns > 65535)
+        if ((red_columns < 0) || (red_columns > 65535))
           {
             cube_buffer=DestroyString(cube_buffer);
             ThrowReaderException(CorruptImageError,"ImproperImageHeader");
@@ -172,7 +172,7 @@ static Image *ReadCUBEImage(const ImageInfo *image_info,
     if (LocaleCompare(token,"LUT_3D_SIZE") == 0)
       {
         red_columns=(ssize_t) StringToLong(value);
-        if (red_columns > 256)
+        if ((red_columns < 0) || (red_columns > 256))
           {
             cube_buffer=DestroyString(cube_buffer);
             ThrowReaderException(CorruptImageError,"ImproperImageHeader");
-- 
2.40.0