[ Y ] I have verified that I am using the latest version of ImageMagick
[ Y ] I have searched open and closed issues to ensure it has not already been reported
Description
There are two missing check for number_colors in function ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c, which may lead to out-of-memory vulnerability.
Prerequisites
Description
There are two missing check for number_colors in function ReadBMPImage of coders/bmp.c and ReadDIBImage of codes/dib.c, which may lead to out-of-memory vulnerability.
The patch for bmp and dib is similar. Below is the proposal patch for bmp.c.
The text was updated successfully, but these errors were encountered: