You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So a crafted parameter may trigger undefined behavior in the form of division by zero. Maybe there need a PerceptibleReciprocal() to do division in line 3363.
The text was updated successfully, but these errors were encountered:
CVE-2021-20309 has been assigned for it. We could find description on Red Hat Bugzilla.
However, the cve mitre database still shows that it is RESERVED.
Prerequisites
Description
When the
wave_length
parameter was set to zero, a division by zero error would happen in line 3363.ImageMagick/MagickCore/visual-effects.c
Line 3363 in af1e00d
Notice that
wave_length
is the parameter of theWaveImage
function without any check:ImageMagick/MagickCore/visual-effects.c
Lines 3293 to 3295 in af1e00d
So a crafted parameter may trigger undefined behavior in the form of division by zero. Maybe there need a PerceptibleReciprocal() to do division in line 3363.
The text was updated successfully, but these errors were encountered: