Dev news

Commit 37ce68eb6 for imagemagick.org

commit 37ce68eb68801fabef535f4ea0c590393ef7f7cf
Author: Cristy <urban-warrior@imagemagick.org>
Date:   Sat Jun 13 10:29:45 2026 -0400

    https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-4gjm-g5ff-2g6r

diff --git a/coders/sun.c b/coders/sun.c
index dd518ed1f..8e75a07bf 100644
--- a/coders/sun.c
+++ b/coders/sun.c
@@ -313,6 +313,8 @@ static Image *ReadSUNImage(const ImageInfo *image_info,ExceptionInfo *exception)
     sun_info.type=ReadBlobMSBLong(image);
     sun_info.maptype=ReadBlobMSBLong(image);
     sun_info.maplength=ReadBlobMSBLong(image);
+    if (EOFBlob(image) != MagickFalse)
+      ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
     if (sun_info.maplength > GetBlobSize(image))
       ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
     if (HeapOverflowSanityCheckGetSize(sun_info.width,sun_info.height,&extent) != MagickFalse)
@@ -435,7 +437,7 @@ static Image *ReadSUNImage(const ImageInfo *image_info,ExceptionInfo *exception)
       ThrowReaderException(CorruptImageError,"ImproperImageHeader");
     if (HeapOverflowSanityCheckGetSize(sun_info.width,sun_info.depth,&bytes_per_line) != MagickFalse)
       ThrowReaderException(CorruptImageError,"ImproperImageHeader");
-    if ((sun_info.type != RT_ENCODED) && (sun_info.length > GetBlobSize(image)))
+    if (sun_info.length > GetBlobSize(image))
       ThrowReaderException(CorruptImageError,"InsufficientImageDataInFile");
     sun_data=(unsigned char *) AcquireQuantumMemory(sun_info.length,
       sizeof(*sun_data));
@@ -469,7 +471,7 @@ static Image *ReadSUNImage(const ImageInfo *image_info,ExceptionInfo *exception)
         sun_data=(unsigned char *) RelinquishMagickMemory(sun_data);
         ThrowReaderException(ResourceLimitError,"ImproperImageHeader");
       }
-    if (image->rows > (MAGICK_SIZE_MAX - pixels_length))
+    if (image->rows > (MAGICK_SIZE_MAX-pixels_length))
       {
         sun_data=(unsigned char *) RelinquishMagickMemory(sun_data);
         ThrowReaderException(ResourceLimitError,"ImproperImageHeader");
@@ -494,12 +496,6 @@ static Image *ReadSUNImage(const ImageInfo *image_info,ExceptionInfo *exception)
       }
     else
       {
-        if (EOFBlob(image) != MagickFalse)
-          {
-            ThrowFileException(exception,CorruptImageError,"UnexpectedEndOfFile",
-              image->filename);
-            break;
-          }
         if (sun_info.length > (pixels_length+image->rows))
           {
             sun_data=(unsigned char *) RelinquishMagickMemory(sun_data);
@@ -561,7 +557,8 @@ static Image *ReadSUNImage(const ImageInfo *image_info,ExceptionInfo *exception)
               break;
             for (x=0; x < (ssize_t) image->columns; x++)
             {
-              SetPixelIndex(image,(Quantum) ConstrainColormapIndex(image,*p,exception),q);
+              SetPixelIndex(image,(Quantum)
+                ConstrainColormapIndex(image,*p,exception),q);
               p++;
               q+=(ptrdiff_t) GetPixelChannels(image);
             }
@@ -636,6 +633,12 @@ static Image *ReadSUNImage(const ImageInfo *image_info,ExceptionInfo *exception)
     if (image->storage_class == PseudoClass)
       (void) SyncImage(image,exception);
     sun_pixels=(unsigned char *) RelinquishMagickMemory(sun_pixels);
+    if (EOFBlob(image) != MagickFalse)
+      {
+        ThrowFileException(exception,CorruptImageError,"UnexpectedEndOfFile",
+          image->filename);
+        break;
+      }
     /*
       Proceed to next image.
     */