GraphicsMagick/CVE-2025-27795.patch
starlet-dx 41cef0daf4 Fix CVE-2025-27795 and CVE-2025-32460
(cherry picked from commit 7076d624188a087c4a0c9724790bc46f9ad97312)
2025-04-29 10:31:08 +08:00


From: Bob Friesenhahn <bfriesen@GraphicsMagick.org>
Date: Mon, 9 Sep 2024 08:01:43 -0500
Subject: ReadJXLImage(): Apply image dimension resource limits. Addresses
oss-fuzz Issue 69728
Backported to Debian by Carlos Henrique Lima Melara <charles@debian.org>
Changes:
- Drop changes to changelog and version files.
Origin: upstream, https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/9bbae7314e3c3b19b830591010ed90bb136b9c42
Bug-Debian: https://bugs.debian.org/1099955
Last-Update: 2025-03-31
---
coders/jxl.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/coders/jxl.c b/coders/jxl.c
index b8a85fd..8a370fe 100644
--- a/coders/jxl.c
+++ b/coders/jxl.c
@@ -531,6 +531,7 @@ static Image *ReadJXLImage(const ImageInfo *image_info,
basic_info.alpha_bits, basic_info.num_color_channels,
basic_info.have_animation == JXL_FALSE ? "False" : "True");
}
+
if (basic_info.num_extra_channels)
{
size_t index;
@@ -579,6 +580,9 @@ static Image *ReadJXLImage(const ImageInfo *image_info,
image->orientation=convert_orientation(basic_info.orientation);
+ if (CheckImagePixelLimits(image, exception) != MagickPass)
+ ThrowJXLReaderException(ResourceLimitError,ImagePixelLimitExceeded,image);
+
pixel_format.endianness=JXL_NATIVE_ENDIAN;
pixel_format.align=0;
if (basic_info.num_color_channels == 1)
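Review bot: The `CheckImagePixelLimits()` guard added after the `image->orientation` assignment has no comment explaining why it must sit at this point, so a later reordering could move it below code that sizes buffers from the decoded dimensions. I would put a comment above it such as `/* Enforce pixel resource limits on the file-declared dimensions before anything is sized from them */`. The lines that set the image dimensions and any later buffer allocation are outside the hunk, so it is worth confirming that the check follows the former and precedes the latter. The unbraced `if` also relies on `ThrowJXLReaderException` expanding to a single statement; its definition is not visible here, and bracing the body would remove that dependency.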