Package: imagemagick
Severity: important
Tags: security patch

imagemagick can be tricked into an endless loop through xwd images with crafted
images. Attached patch, as found in Ubuntu's fix and originally taken from
upstream's SVN, fixes this issue.

Cheers,
          Moritz

-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux anton 2.4.29-univention.1 #1 SMP Thu Jan 27 17:08:46 CET 2005 i686
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED]

-- debconf-show failed

--- imagemagick-6.0.6.2.orig/coders/xwd.c
+++ imagemagick-6.0.6.2/coders/xwd.c
@@ -345,21 +345,21 @@
         */
         red_mask=ximage->red_mask;
         red_shift=0;
-        while ((red_mask & 0x01) == 0)
+        while ((red_mask != 0) && (red_mask & 0x01) == 0)
         {
           red_mask>>=1;
           red_shift++;
         }
         green_mask=ximage->green_mask;
         green_shift=0;
-        while ((green_mask & 0x01) == 0)
+        while ((green_mask != 0) && (green_mask & 0x01) == 0)
         {
           green_mask>>=1;
           green_shift++;
         }
         blue_mask=ximage->blue_mask;
         blue_shift=0;
-        while ((blue_mask & 0x01) == 0)
+        while ((blue_mask != 0) && (blue_mask & 0x01) == 0)
         {
           blue_mask>>=1;
           blue_shift++;
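Review bot: In all three loops a zero mask now exits at once with the shift left at 0 and the mask still 0, so a header with an empty red_mask, green_mask or blue_mask is silently accepted instead of rejected. The lines shown here do not reveal whether the code following these loops tolerates a mask of 0; either confirm that it does, or fail the read with a corrupt-image error when any mask is zero. The guard `(mask != 0) && (mask & 0x01) == 0` is also repeated verbatim three times; a small helper that takes the mask and returns the shift would keep the three channels from drifting apart in later edits.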
