From 43d92bf855155e8e716ecbb50ed94c2ed41ff9f6 Mon Sep 17 00:00:00 2001 From: Dirk Lemstra Date: Thu, 14 Aug 2025 21:21:59 +0200 Subject: [PATCH] Added checks for invalid with or height to ThumbnailImage (https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw) --- MagickCore/resize.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/MagickCore/resize.c b/MagickCore/resize.c index d1744ea365..0a0c60aabe 100644 --- a/MagickCore/resize.c +++ b/MagickCore/resize.c @@ -4613,6 +4613,8 @@ MagickExport Image *ThumbnailImage(const Image *image,const size_t columns, assert(exception->signature == MagickCoreSignature); if (IsEventLogging() != MagickFalse) (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",image->filename); + if ((columns == 0) || (rows == 0)) + ThrowImageException(ImageError,"NegativeOrZeroImageSize"); thumbnail_image=CloneImage(image,0,0,MagickTrue,exception); if (thumbnail_image == (Image *) NULL) return(thumbnail_image);