• R/O
  • SSH

GM: Commit

Main GraphicsMagick source repository


Commit MetaInfo

Revision241c653c42ad1f21a8904806e099b3b038c9bc84 (tree)
Time2022-01-12 08:00:24
AuthorBob Friesenhahn <bfriesen@Grap...>
CommiterBob Friesenhahn

Log Message

PICT: Assure that the claimed scanline length is within the bounds of the scanline allocation

Change Summary

Incremental Difference

diff -r 9b6b6e12b91d -r 241c653c42ad ChangeLog
--- a/ChangeLog Sun Jan 09 10:14:13 2022 -0600
+++ b/ChangeLog Tue Jan 11 17:00:24 2022 -0600
@@ -1,3 +1,9 @@
1+2022-01-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
2+
3+ * coders/pict.c (DecodeImage): Assure that the claimed scanline
4+ length is within the bounds of the scanline allocation to avoid
5+ possible heap overflow.
6+
17 2022-01-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
28
39 * magick/blob.c: Make sure that read resource limiting can support
diff -r 9b6b6e12b91d -r 241c653c42ad VisualMagick/installer/inc/version.isx
--- a/VisualMagick/installer/inc/version.isx Sun Jan 09 10:14:13 2022 -0600
+++ b/VisualMagick/installer/inc/version.isx Tue Jan 11 17:00:24 2022 -0600
@@ -10,5 +10,5 @@
1010
1111 #define public MagickPackageName "GraphicsMagick"
1212 #define public MagickPackageVersion "1.4"
13-#define public MagickPackageVersionAddendum ".020220109"
14-#define public MagickPackageReleaseDate "snapshot-20220109"
13+#define public MagickPackageVersionAddendum ".020220111"
14+#define public MagickPackageReleaseDate "snapshot-20220111"
diff -r 9b6b6e12b91d -r 241c653c42ad coders/pict.c
--- a/coders/pict.c Sun Jan 09 10:14:13 2022 -0600
+++ b/coders/pict.c Tue Jan 11 17:00:24 2022 -0600
@@ -942,6 +942,17 @@
942942 scanline_length, (MAGICK_SIZE_T)scanline_alloc);
943943 if (scanline_length < 2)
944944 {
945+ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
946+ "Scanline length %u < 2!",scanline_length);
947+ ThrowException(&image->exception,CorruptImageError,UnableToUncompressImage,
948+ image->filename);
949+ goto decode_error_exit;
950+ }
951+ if (scanline_length > scanline_alloc)
952+ {
953+ (void) LogMagickEvent(CoderEvent,GetMagickModule(),
954+ "Scanline length %u exceeds allocation %"MAGICK_SIZE_T_F"u",
955+ scanline_length, (MAGICK_SIZE_T)scanline_alloc);
945956 ThrowException(&image->exception,CorruptImageError,UnableToUncompressImage,
946957 image->filename);
947958 goto decode_error_exit;
diff -r 9b6b6e12b91d -r 241c653c42ad magick/version.h
--- a/magick/version.h Sun Jan 09 10:14:13 2022 -0600
+++ b/magick/version.h Tue Jan 11 17:00:24 2022 -0600
@@ -38,8 +38,8 @@
3838 #define MagickLibVersion 0x262300
3939 #define MagickLibVersionText "1.4"
4040 #define MagickLibVersionNumber 26,23,0
41-#define MagickChangeDate "20220109"
42-#define MagickReleaseDate "snapshot-20220109"
41+#define MagickChangeDate "20220111"
42+#define MagickReleaseDate "snapshot-20220111"
4343
4444 /*
4545 The MagickLibInterfaceNewest and MagickLibInterfaceOldest defines
diff -r 9b6b6e12b91d -r 241c653c42ad www/Changelog.html
--- a/www/Changelog.html Sun Jan 09 10:14:13 2022 -0600
+++ b/www/Changelog.html Tue Jan 11 17:00:24 2022 -0600
@@ -35,6 +35,11 @@
3535 <div class="document">
3636
3737
38+<p>2022-01-11 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
39+<blockquote>
40+* coders/pict.c (DecodeImage): Assure that the claimed scanline
41+length is within the bounds of the scanline allocation to avoid
42+possible heap overflow.</blockquote>
3843 <p>2022-01-09 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
3944 <blockquote>
4045 * magick/blob.c: Make sure that read resource limiting can support
diff -r 9b6b6e12b91d -r 241c653c42ad www/index.html
--- a/www/index.html Sun Jan 09 10:14:13 2022 -0600
+++ b/www/index.html Tue Jan 11 17:00:24 2022 -0600
@@ -61,8 +61,8 @@
6161 <a class="reference external" href="https://graphicsmagick.sourceforge.io/index.html">https://graphicsmagick.sourceforge.io/index.html</a> for the latest
6262 version of this page.</p>
6363 <p>GraphicsMagick is the swiss army knife of image processing. Comprised
64-of 267K physical lines (according to David A. Wheeler's <a class="reference external" href="https://dwheeler.com/sloccount/">SLOCCount</a>)
65-of source code in the base package (or 1,225K including 3rd party
64+of 279K physical lines (according to David A. Wheeler's <a class="reference external" href="https://dwheeler.com/sloccount/">SLOCCount</a>)
65+of source code in the base package (or 1,275K including 3rd party
6666 libraries) it provides a robust and efficient collection of tools and
6767 libraries which support reading, writing, and manipulating an image in
6868 over 89 major formats including important formats like DPX, GIF, JPEG,
diff -r 9b6b6e12b91d -r 241c653c42ad www/index.rst
--- a/www/index.rst Sun Jan 09 10:14:13 2022 -0600
+++ b/www/index.rst Tue Jan 11 17:00:24 2022 -0600
@@ -66,8 +66,8 @@
6666 .. _`oss-fuzz` : https://github.com/google/oss-fuzz
6767
6868 GraphicsMagick is the swiss army knife of image processing. Comprised
69-of 267K physical lines (according to David A. Wheeler's `SLOCCount`_)
70-of source code in the base package (or 1,225K including 3rd party
69+of 279K physical lines (according to David A. Wheeler's `SLOCCount`_)
70+of source code in the base package (or 1,275K including 3rd party
7171 libraries) it provides a robust and efficient collection of tools and
7272 libraries which support reading, writing, and manipulating an image in
7373 over 89 major formats including important formats like DPX, GIF, JPEG,
Show on old repository browser