Commit 2fd447c54 for imagemagick.org

commit 2fd447c5475aa7c1a2093b857d96af220473b11b
Author: dxbjavid <dxbjavid@gmail.com>
Date:   Sat May 23 19:53:33 2026 +0530

    reject farbfeld files with zero columns or rows (#8750)

    The header dimensions are read directly from the blob and then control
    the ping early-return path, which lets a 16-byte file with width=0 or
    height=0 succeed and surface as a 0x0 image to callers. SetImageExtent
    already rejects this on the non-ping path. Same bug class as the recent
    DCM fix in 84fbcef (GHSA-8pj9-6897-74xc).

diff --git a/coders/farbfeld.c b/coders/farbfeld.c
index a343ccac6..3cce83531 100644
--- a/coders/farbfeld.c
+++ b/coders/farbfeld.c
@@ -181,6 +181,8 @@ static Image *ReadFARBFELDImage(const ImageInfo *image_info,
     ThrowReaderException(CorruptImageError,"ImproperImageHeader");
   image->columns=(size_t) ReadBlobLong(image);
   image->rows=(size_t) ReadBlobLong(image);
+  if ((image->columns == 0) || (image->rows == 0))
+    ThrowReaderException(CorruptImageError,"ImproperImageHeader");
   image->alpha_trait=BlendPixelTrait;
   if (image_info->ping != MagickFalse)
     {