Skip to content
Snippets Groups Projects

Backport v2024 <- v2025pre: Update from debian/bookworm

Merged Dylan Aïssi requested to merge apertis/v2025pre into apertis/v2024-updates
24 files
+ 889
2
Compare changes
  • Side-by-side
  • Inline
Files
24
From: Cristy <urban-warrior@imagemagick.org>
Date: Tue, 23 Apr 2024 18:19:24 -0400
Subject: CVE-2023-34151: properly cast double to size_t
bug: https://github.com/ImageMagick/ImageMagick/issues/6341
bug-debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070340
forgot to cast double to unsigned int
origin: https://github.com/ImageMagick/ImageMagick6/commit/be15ac962dea19536be1009d157639030fc42be9.patch
---
coders/mvg.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/coders/mvg.c b/coders/mvg.c
index 2d503e1..d8e793e 100644
--- a/coders/mvg.c
+++ b/coders/mvg.c
@@ -191,8 +191,8 @@ static Image *ReadMVGImage(const ImageInfo *image_info,ExceptionInfo *exception)
96.0;
draw_info->affine.sy=image->y_resolution == 0.0 ? 1.0 : image->y_resolution/
96.0;
- image->columns=(size_t) (draw_info->affine.sx*image->columns);
- image->rows=(size_t) (draw_info->affine.sy*image->rows);
+ image->columns=CastDoubleToUnsigned(draw_info->affine.sx*image->columns);
+ image->rows=CastDoubleToUnsigned(draw_info->affine.sy*image->rows);
status=SetImageExtent(image,image->columns,image->rows);
if (status == MagickFalse)
{
Loading