Re: imagemagick CVE-2016-4562, CVE-2016-4563, CVE-2016-4564
Brian May <bam@debian.org> writes:
> DrawDashPolygon had the following change:
>
> - for (i=1; (i < number_vertices) && (length >= 0.0); i++)
> + for (i=1; (i < (ssize_t) number_vertices) && (length >= 0.0); i++)
Actually just noticed this change is a NOP. Both i and number_vertices
are of type size_t.
> Alternatively, DrawDashPolygon uses DrawStrokePolygon a lot, which in
> turn uses TraceStrokePolygon, which gets on to the next CVE:
> Am inclined to:
>
> 1. Patch TraceStrokePolygon.
> 2. Mark CVE-2016-4563 as fixed in wheezy (but this does not mean it is
> fixed in Jessie or above - probably need to check the Jessie version first).
> 3. Mark CVE-2016-4562 as not vulnerable.
I will leave CVE-2016-4562 as vulerable. It is possible that the fixes
to TraceStrokePolygon fixed this as well as CVE-2016-4563, but we can't
tell that for certain.
> 4. Leave CVE-2016-4564 as vulnerable.
--
Brian May <bam@debian.org>
Reply to: