New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2017-14173: An infinite loop in ReadTXTImage():449, coders/txt.c #713
Comments
|
Thanks for the problem report. We can reproduce it and will have a patch to fix it in GIT master branch @ https://github.com/ImageMagick/ImageMagick later today. The patch will be available in the beta releases of ImageMagick @ https://www.imagemagick.org/download/beta/ by sometime tomorrow. |
|
@shqking Could you put your orginal message back? We did get your email but it is okay to post the message here. We are planning to add a contribution template that explains when you should contact us by e-maill. |
|
Hi all, We found an infinite loop bug in ReadTXTImage():449, coders/txt.c An integer overflow might occur for the addition operation poc: https://github.com/shqking/imagemagick-poc/blob/master/x_txt_poc.txt Note that this issue is found by Xiaohei and Wangchu from Alibaba Security Team. |
|
This is CVE-2017-14173. |
A mistake...
The text was updated successfully, but these errors were encountered: