Commit 23fde7318 for imagemagick.org
commit 23fde73188ea32c15b607571775d4f92bdb75e60
Author: Dirk Lemstra <dirk@lemstra.org>
Date: Fri Feb 6 22:21:19 2026 +0100
Added extra check to prevent out of bounds heap write on 32-bit systems (GHSA-6j5f-24fw-pqp4)
diff --git a/coders/sun.c b/coders/sun.c
index 41c9194ab..0a28256e9 100644
--- a/coders/sun.c
+++ b/coders/sun.c
@@ -469,6 +469,11 @@ static Image *ReadSUNImage(const ImageInfo *image_info,ExceptionInfo *exception)
sun_data=(unsigned char *) RelinquishMagickMemory(sun_data);
ThrowReaderException(ResourceLimitError,"ImproperImageHeader");
}
+ if (image->rows > (MAGICK_SIZE_MAX - pixels_length))
+ {
+ sun_data=(unsigned char *) RelinquishMagickMemory(sun_data);
+ ThrowReaderException(ResourceLimitError,"ImproperImageHeader");
+ }
sun_pixels=(unsigned char *) AcquireQuantumMemory(pixels_length+image->rows,
sizeof(*sun_pixels));
if (sun_pixels == (unsigned char *) NULL)
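Review bot: The added guard `if (image->rows > (MAGICK_SIZE_MAX - pixels_length))` has no comment linking it to the `pixels_length+image->rows` size passed to AcquireQuantumMemory just below, so a later change to that sum could leave the check out of step without anyone noticing. I would put `/* pixels_length+image->rows must not wrap, or sun_pixels is under-allocated */` directly above the `if`. The cleanup and throw repeat the block that ends just before it, whose condition starts outside the hunk. If that condition is also a size check on `pixels_length`, the two could share one branch, but that cannot be confirmed from the visible lines. The rest of ReadSUNImage, including the code that writes into `sun_pixels`, is outside the hunk, so whether the decoder's writes stay within `pixels_length+image->rows` bytes should be confirmed separately.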