SFW: Fix heap buffer overflow in SFWScan().
--- a/ChangeLog Mon Nov 06 08:13:49 2017 -0600
+++ b/ChangeLog Mon Nov 06 19:36:06 2017 -0600
@@ -1,3 +1,9 @@
+2017-11-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
+
+ * coders/sfw.c (SFWScan): Fix heap buffer overflow
+ (CVE-2017-13134). Notified of problem via email (including a
+ patch) from Petr Gajdos on Mon, 6 Nov 2017.
+
2017-11-05 Fojtik Jaroslav <JaFojtik@seznam.cz>
* coders/wpg.c Wrong MaxMap check condition - fixed.
--- a/VisualMagick/installer/inc/version.isx Mon Nov 06 08:13:49 2017 -0600
+++ b/VisualMagick/installer/inc/version.isx Mon Nov 06 19:36:06 2017 -0600
@@ -10,5 +10,5 @@
#define public MagickPackageName "GraphicsMagick"
#define public MagickPackageVersion "1.4"
-#define public MagickPackageVersionAddendum ".020171105"
-#define public MagickPackageReleaseDate "snapshot-20171105"
+#define public MagickPackageVersionAddendum ".020171106"
+#define public MagickPackageReleaseDate "snapshot-20171106"
--- a/coders/sfw.c Mon Nov 06 08:13:49 2017 -0600
+++ b/coders/sfw.c Mon Nov 06 19:36:06 2017 -0600
@@ -120,18 +120,16 @@
register size_t
i;
- if (p+length < q)
+ while ((p+length) < q)
{
- while( p < q )
- {
- for (i=0; i < length; i++)
- if (p[i] != target[i])
- break;
- if (i == length)
- return((unsigned char *) p);
- p++;
- }
+ for (i=0; i < length; i++)
+ if (p[i] != target[i])
+ break;
+ if (i == length)
+ return((unsigned char *) p);
+ p++;
}
+
return((unsigned char *) NULL);
}
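Review bot: The new loop condition `while ((p+length) < q)` still forms `p+length` before anything has established that `length` bytes remain between `p` and `q`. If `length` exceeds the remaining span, the pointer is computed past the end of the buffer, which is undefined behaviour in C even though nothing is dereferenced. Comparing the remaining distance avoids this: `while ((p < q) && ((size_t) (q-p) > length))`. SFWScan's signature and its callers are outside this hunk, so it is not visible whether `q` is the last valid byte or one past it; if it is one past the end, the strict comparison also skips a match ending exactly at the buffer end. A one-line comment above the loop stating the convention for `q` would make the bound reviewable, e.g. `/* q is the last byte that may be read (confirm against callers) */`.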
--- a/magick/version.h Mon Nov 06 08:13:49 2017 -0600
+++ b/magick/version.h Mon Nov 06 19:36:06 2017 -0600
@@ -38,8 +38,8 @@
#define MagickLibVersion 0x191600
#define MagickLibVersionText "1.4"
#define MagickLibVersionNumber 19,16,0
-#define MagickChangeDate "20171105"
-#define MagickReleaseDate "snapshot-20171105"
+#define MagickChangeDate "20171106"
+#define MagickReleaseDate "snapshot-20171106"
/*
The MagickLibInterfaceNewest and MagickLibInterfaceOldest defines
--- a/www/Changelog.html Mon Nov 06 08:13:49 2017 -0600
+++ b/www/Changelog.html Mon Nov 06 19:36:06 2017 -0600
@@ -35,6 +35,14 @@
<div class="document">
+<p>2017-11-06 Bob Friesenhahn <<a class="reference external" href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span>@</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
+<blockquote>
+<ul class="simple">
+<li>coders/sfw.c (SFWScan): Fix heap buffer overflow
+(CVE-2017-13134). Notified of problem via email (including a
+patch) from Petr Gajdos on Mon, 6 Nov 2017.</li>
+</ul>
+</blockquote>
<p>2017-11-05 Fojtik Jaroslav <<a class="reference external" href="mailto:JaFojtik%40seznam.cz">JaFojtik<span>@</span>seznam<span>.</span>cz</a>></p>
<blockquote>
<ul class="simple">