The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row in the call to AcquireQuantumMemory(). This could cause impact to reliability. This flaw affects ImageMagick versions prior to 7.0.8-68.
[
{
"vendor": "n/a",
"product": "ImageMagick",
"versions": [
{
"version": "prior to 7.0.8-68",
"status": "affected"
}
]
}
]