From a10e0c9ba54f00b334188f78dd82e1e54f7c0199 Mon Sep 17 00:00:00 2001
From: Bob Friesenhahn
Date: Mon, 9 Sep 2024 08:01:43 -0500
Subject: [PATCH] ReadJXLImage(): Apply image dimension resource limits.
Addresses oss-fuzz Issue 69728 Backported to Debian by Carlos Henrique Lima Melara Changes: - Drop changes to changelog and version files.
Origin: upstream, https://foss.heptapod.net/graphicsmagick/graphicsmagick/-/commit/9bbae7314e3c3b19b830591010ed90bb136b9c42
Bug-Debian: https://bugs.debian.org/1099955
Last-Update: 2025-03-31
Gbp-Pq: Name CVE-2025-27795.patch
---
coders/jxl.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/coders/jxl.c b/coders/jxl.c
index b8a85fd..8a370fe 100644
--- a/coders/jxl.c
+++ b/coders/jxl.c
@@ -531,6 +531,7 @@ static Image *ReadJXLImage(const ImageInfo *image_info, basic_info.alpha_bits, basic_info.num_color_channels, basic_info.have_animation == JXL_FALSE ? "False" : "True"); } + if (basic_info.num_extra_channels) { size_t index;
@@ -579,6 +580,9 @@ static Image *ReadJXLImage(const ImageInfo *image_info, image->orientation=convert_orientation(basic_info.orientation); + if (CheckImagePixelLimits(image, exception) != MagickPass) + ThrowJXLReaderException(ResourceLimitError,ImagePixelLimitExceeded,image); + pixel_format.endianness=JXL_NATIVE_ENDIAN; pixel_format.align=0; if (basic_info.num_color_channels == 1)
-- 2.30.2
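Review bot: The new `CheckImagePixelLimits(image, exception)` call in the second hunk has no comment saying it must stay ahead of any buffer sized from the decoded header, so a later reorder could quietly bring back the unbounded-dimension path that the fuzzer report was about. I would add `/* Reject oversized dimensions from the untrusted JXL header before any pixel buffer is sized from them. */` directly above the `if`. The hunk does not show where `image->columns` and `image->rows` are assigned or where the output buffer is allocated, so it is worth confirming that the assignment sits above this point and every dimension-dependent allocation sits below it. The `basic_info.num_extra_channels` block touched by the first hunk runs before the check; if anything in it is sized from the image dimensions, the check probably belongs above that block instead. The body of ReadJXLImage starts and ends outside both hunks.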