From 45a6a0dc07d57107f7b8de1cdc2c8c45072eeec4 Mon Sep 17 00:00:00 2001
From: Remi Collet <remi@remirepo.net>
Date: Wed, 23 Jun 2021 17:21:41 +0200
Subject: fix memory corruption using fix from  
 https://github.com/ImageMagick/ImageMagick/pull/3858

---
 3858.patch        | 31 +++++++++++++++++++++++++++++++
 ImageMagick7.spec |  9 ++++++++-
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 3858.patch

diff --git a/3858.patch b/3858.patch
new file mode 100644
index 0000000..228c6d8
--- /dev/null
+++ b/3858.patch
@@ -0,0 +1,31 @@
+From f9ca2521de918c342618ee4dc0a01b70c92c024e Mon Sep 17 00:00:00 2001
+From: Remi Collet <remi@remirepo.net>
+Date: Wed, 23 Jun 2021 16:42:15 +0200
+Subject: [PATCH] fix memory corruption in ConcatenateStringInfo
+
+---
+ MagickCore/string.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/MagickCore/string.c b/MagickCore/string.c
+index dccef76a27..691d55034d 100644
+--- a/MagickCore/string.c
++++ b/MagickCore/string.c
+@@ -530,7 +530,6 @@ MagickExport void ConcatenateStringInfo(StringInfo *string_info,
+   length+=source->length;
+   if (~length < MagickPathExtent)
+     ThrowFatalException(ResourceLimitFatalError,"MemoryAllocationFailed");
+-  string_info->length=length;
+   if (string_info->datum == (unsigned char *) NULL)
+     string_info->datum=(unsigned char *) AcquireQuantumMemory(length+
+       MagickPathExtent,sizeof(*string_info->datum));
+@@ -540,7 +539,8 @@ MagickExport void ConcatenateStringInfo(StringInfo *string_info,
+       sizeof(*string_info->datum));
+   if (string_info->datum == (unsigned char *) NULL)
+     ThrowFatalException(ResourceLimitFatalError,"MemoryAllocationFailed");
+-  (void) memcpy(string_info->datum+length,source->datum,source->length);
++  (void) memcpy(string_info->datum+string_info->length,source->datum,source->length);
++  string_info->length=length;
+ }
+ 
+ /*
diff --git a/ImageMagick7.spec b/ImageMagick7.spec
index bbcac2d..38e122c 100644
--- a/ImageMagick7.spec
+++ b/ImageMagick7.spec
@@ -43,7 +43,7 @@ Name:           %{libname}
 Name:           %{libname}7
 %endif
 Version:        %{VER}.%{Patchlevel}
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        An X application for displaying and manipulating images
 License:        ImageMagick
 Url:            http://www.imagemagick.org/
@@ -51,6 +51,8 @@ Url:            http://www.imagemagick.org/
 #Source0:        ftp://ftp.imagemagick.org/pub/ImageMagick/releases/ImageMagick-%%{VER}-%%{Patchlevel}.tar.xz
 Source0:        https://www.imagemagick.org/download/ImageMagick-%{VER}-%{Patchlevel}.tar.xz
 
+Patch0:         3858.patch
+
 BuildRequires:  gcc
 BuildRequires:  gcc-c++
 %if 0%{?fedora} >= 27 || 0%{?rhel} >= 8
@@ -348,6 +350,7 @@ however.
 
 %prep
 %setup -q -n %{libname}-%{VER}-%{Patchlevel}
+%patch0 -p1
 
 # for %%doc
 mkdir Magick++/examples
@@ -598,6 +601,10 @@ fi
 
 
 %changelog
+* Wed Jun 23 2021 Remi Collet <remi@remirepo.net> - 7.1.0-1-2
+- fix memory corruption using fix from
+  https://github.com/ImageMagick/ImageMagick/pull/3858
+
 * Tue Jun 22 2021 Remi Collet <remi@remirepo.net> - 7.1.0.1-1
 - update to version 7.1.0 patch level 1
 
-- 
cgit