From f37718c9ed1ce8f2c2f35cf9a6e2266d61bd2982 Mon Sep 17 00:00:00 2001
From: Dirk Lemstra
Date: Sun, 1 Apr 2018 15:04:34 +0200
Subject: [PATCH] Fixed boundary check (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7263)
---
 coders/webp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/coders/webp.c b/coders/webp.c
index 58693d9f4..273fa98dd 100644
--- a/coders/webp.c
+++ b/coders/webp.c
@@ -189,7 +189,7 @@ static MagickBooleanType IsWEBPImageLossless(const unsigned char *stream,
 Read extended header.
 */
 offset=RIFF_HEADER_SIZE+TAG_SIZE+CHUNK_SIZE_BYTES+VP8X_CHUNK_SIZE;
- while (offset <= (ssize_t) (length-TAG_SIZE))
+ while (offset+TAG_SIZE <= (ssize_t) (length-TAG_SIZE))
 {
 uint32_t
 chunk_size,
-- 
2.40.0
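Review bot: The new loop condition in IsWEBPImageLossless still evaluates `length-TAG_SIZE` before the cast, so if `length` is an unsigned type (its declaration is outside the hunk) a stream shorter than TAG_SIZE wraps the subtraction and the guard then relies on the implementation-defined conversion to ssize_t. Keeping the arithmetic on the signed side gives the same bound without that dependency: `while (offset+TAG_SIZE+TAG_SIZE <= (ssize_t) length)`. If the second TAG_SIZE is meant to cover the chunk-size field, spelling it `CHUNK_SIZE_BYTES` as on the line above would say so. The loop body continues outside the hunk, so a short comment such as `/* need a full chunk tag and size field at offset */` would let a reader check the bound against the reads that follow.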