1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
From: Dirk Lemstra <dirk@lemstra.org>
Date: Thu, 14 Aug 2025 21:21:59 +0200
Subject: CVE-2025-55212
Added checks for invalid with or height to ThumbnailImage (https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw)
origin: https://github.com/ImageMagick/ImageMagick/commit/43d92bf855155e8e716ecbb50ed94c2ed41ff9f6.patch
bug: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw
---
MagickCore/resize.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/MagickCore/resize.c b/MagickCore/resize.c
index 381b3a6..4ee2b16 100644
--- a/MagickCore/resize.c
+++ b/MagickCore/resize.c
@@ -4590,6 +4590,8 @@ MagickExport Image *ThumbnailImage(const Image *image,const size_t columns,
assert(exception->signature == MagickCoreSignature);
if (IsEventLogging() != MagickFalse)
(void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",image->filename);
+ if ((columns == 0) || (rows == 0))
+ ThrowImageException(ImageError,"NegativeOrZeroImageSize");
thumbnail_image=CloneImage(image,0,0,MagickTrue,exception);
if (thumbnail_image == (Image *) NULL)
return(thumbnail_image);
|
