# HG changeset patch
# User John Beck <John.Beck@Oracle.COM>
# Date 1469798260 25200
# Node ID 87c70791856554d96e073efa08b896a3853c5c10
# Parent  8f23248b161cfe8e08a8cea6f0436d1eb4d2a949
24374851 problem in UTILITY/IMAGEMAGICK

diff -r 8f23248b161c -r 87c707918565 components/imagemagick/patches/CVE-2016-6491.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/imagemagick/patches/CVE-2016-6491.patch	Fri Jul 29 06:17:40 2016 -0700
@@ -0,0 +1,19 @@
+This patch comes from upstream:
+https://github.com/ImageMagick/ImageMagick/commit/dd84447b63a71fa8c3f47071b09454efc667767b
+It can be removed once we upgrade to a release that has the fix, presumably
+version 6.9.5-4 or later.
+
+--- ImageMagick-6.9.5/magick/property.c.orig	2016-06-26 17:40:19.000000000 -0700
++++ ImageMagick-6.9.5/magick/property.c	2016-07-29 05:56:23.858967297 -0700
+@@ -638,6 +638,11 @@
+     if ((count & 0x01) == 0)
+       (void) ReadPropertyByte(&info,&length);
+     count=(ssize_t) ReadPropertyMSBLong(&info,&length);
++    if ((count < 0) || ((size_t) count > length))
++      {
++        length=0; 
++        continue;
++      }
+     if ((*name != '\0') && (*name != '#'))
+       if ((resource == (char *) NULL) || (LocaleCompare(name,resource) != 0))
+         {