From 8d43799660bd304a03afe4bb144fc68d4f3cc091 Mon Sep 17 00:00:00 2001
From: wk333 <13474090681@163.com>
Date: Mon, 24 Jul 2023 10:29:35 +0800
Subject: [PATCH] Fix CVE-2023-3428

(cherry picked from commit 9203fef42e5063f4973c3923c8aebda7ce133682)
---
 CVE-2023-3428.patch | 25 +++++++++++++++++++++++++
 ImageMagick.spec    |  6 +++++-
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2023-3428.patch

diff --git a/CVE-2023-3428.patch b/CVE-2023-3428.patch
new file mode 100644
index 0000000..4b406fb
--- /dev/null
+++ b/CVE-2023-3428.patch
@@ -0,0 +1,25 @@
+From a531d28e31309676ce8168c3b6dbbb5374b78790 Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Mon, 26 Jun 2023 19:38:12 -0400
+Subject: [PATCH] heap-buffer-overflow in ImageMagick <= 7.1.1-12, contributed
+ by Hardik shah of Vehere (Dawn Treaders team)
+
+Origin: https://github.com/ImageMagick/ImageMagick/commit/a531d28e31309676ce8168c3b6dbbb5374b78790
+
+---
+ coders/tiff.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/coders/tiff.c b/coders/tiff.c
+index 9e0d0b1201..df4274cacd 100644
+--- a/coders/tiff.c
++++ b/coders/tiff.c
+@@ -2010,7 +2010,7 @@ static Image *ReadTIFFImage(const ImageInfo *image_info,
+         number_pixels=(MagickSizeType) columns*rows;
+         if (HeapOverflowSanityCheck(rows,sizeof(*tile_pixels)) != MagickFalse)
+           ThrowTIFFException(ResourceLimitError,"MemoryAllocationFailed");
+-        extent=4*(samples_per_pixel+1)*MagickMax(rows*TIFFTileRowSize(tiff),
++        extent=4*(samples_per_pixel+1)*MagickMax((rows+1)*TIFFTileRowSize(tiff),
+           TIFFTileSize(tiff));
+         tile_pixels=(unsigned char *) AcquireQuantumMemory(extent,
+           sizeof(*tile_pixels));
diff --git a/ImageMagick.spec b/ImageMagick.spec
index da92e23..9e6140d 100644
--- a/ImageMagick.spec
+++ b/ImageMagick.spec
@@ -1,7 +1,7 @@
 Name:           ImageMagick
 Epoch:          1
 Version:        7.1.1.8
-Release:        3
+Release:        4
 Summary:        Create, edit, compose, or convert bitmap images
 License:        ImageMagick and MIT
 Url:            http://www.imagemagick.org/
@@ -9,6 +9,7 @@ Source0:        https://github.com/ImageMagick/ImageMagick/archive/refs/tags/7.1
 Patch0:         CVE-2023-34151.patch
 Patch1:         CVE-2023-34153.patch
 Patch2:         CVE-2023-34474-and-CVE-2023-34475.patch
+Patch3:         CVE-2023-3428.patch
 
 BuildRequires:  bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators
 BuildRequires:  libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel
@@ -163,6 +164,9 @@ rm PerlMagick/demo/Generic.ttf
 %{_libdir}/pkgconfig/ImageMagick*
 
 %changelog
+* Mon Jul 24 2023 wangkai <13474090681@163.com> - 1:7.1.1.8-4
+- Fix CVE-2023-3428
+
 * Thu Jun 29 2023 wangkai <13474090681@163.com> - 1:7.1.1.8-3
 - Fix CVE-2023-34474 and CVE-2023-34475
 
-- 
Gitee