--- a/ChangeLog Mon Jul 31 09:35:26 2017 -0400
+++ b/ChangeLog Mon Jul 31 21:49:45 2017 -0500
@@ -1,3 +1,9 @@
+2017-07-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
+
+ * coders/sun.c: Fix heap read overflow while indexing into
+ colormap. Problem was reported via email on 17 Jul 2017 by
+ Agostino Sarubbo.
+
2017-07-31 Glenn Randers-Pehrson <glennrp@simple.dallas.tx.us>
* coders/png.c (ReadMNGImage): Stop a leak when rejecting a
--- a/VisualMagick/installer/inc/version.isx Mon Jul 31 09:35:26 2017 -0400
+++ b/VisualMagick/installer/inc/version.isx Mon Jul 31 21:49:45 2017 -0500
@@ -10,5 +10,5 @@
#define public MagickPackageName "GraphicsMagick"
#define public MagickPackageVersion "1.4"
-#define public MagickPackageVersionAddendum ".020170726"
-#define public MagickPackageReleaseDate "snapshot-20170726"
+#define public MagickPackageVersionAddendum ".020170731"
+#define public MagickPackageReleaseDate "snapshot-20170731"
--- a/coders/sun.c Mon Jul 31 09:35:26 2017 -0400
+++ b/coders/sun.c Mon Jul 31 21:49:45 2017 -0500
@@ -1,5 +1,5 @@
/*
-% Copyright (C) 2003-2015 GraphicsMagick Group
+% Copyright (C) 2003-2017 GraphicsMagick Group
% Copyright (C) 2002 ImageMagick Studio
% Copyright 1991-1999 E. I. du Pont de Nemours and Company
%
@@ -577,6 +577,7 @@
for (bit=7; bit >= 0; bit--)
{
index=((*p) & (0x01 << bit) ? 0x01 : 0x00);
+ VerifyColormapIndex(image,index);
indexes[x+7-bit]=index;
q[x+7-bit]=image->colormap[index];
}
@@ -587,6 +588,7 @@
for (bit=7; bit >= (long) (8-(image->columns % 8)); bit--)
{
index=((*p) & (0x01 << bit) ? 0x01 : 0x00);
+ VerifyColormapIndex(image,index);
indexes[x+7-bit]=index;
q[x+7-bit]=image->colormap[index];
}
--- a/magick/version.h Mon Jul 31 09:35:26 2017 -0400
+++ b/magick/version.h Mon Jul 31 21:49:45 2017 -0500
@@ -38,8 +38,8 @@
#define MagickLibVersion 0x191600
#define MagickLibVersionText "1.4"
#define MagickLibVersionNumber 19,16,0
-#define MagickChangeDate "20170726"
-#define MagickReleaseDate "snapshot-20170726"
+#define MagickChangeDate "20170731"
+#define MagickReleaseDate "snapshot-20170731"
/*
The MagickLibInterfaceNewest and MagickLibInterfaceOldest defines
--- a/www/Changelog.html Mon Jul 31 09:35:26 2017 -0400
+++ b/www/Changelog.html Mon Jul 31 21:49:45 2017 -0500
@@ -35,6 +35,21 @@
<div class="document">
+<p>2017-07-31 Bob Friesenhahn <<a class="reference external" href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span>@</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
+<blockquote>
+<ul class="simple">
+<li>coders/sun.c: Fix heap read overflow while indexing into
+colormap. Problem was reported via email on 17 Jul 2017 by
+Agostino Sarubbo.</li>
+</ul>
+</blockquote>
+<p>2017-07-31 Glenn Randers-Pehrson <<a class="reference external" href="mailto:glennrp%40simple.dallas.tx.us">glennrp<span>@</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
+<blockquote>
+<ul class="simple">
+<li>coders/png.c (ReadMNGImage): Stop a leak when rejecting a
+MNG image with dimensions that are too large.</li>
+</ul>
+</blockquote>
<p>2017-07-26 Bob Friesenhahn <<a class="reference external" href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span>@</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
<blockquote>
<ul class="simple">