• R/O
  • SSH

GM: Commit

Main GraphicsMagick source repository


Commit MetaInfo

Revisioneae611832371b77c84aad7a0c3785fff87200e80 (tree)
Time2022-01-02 03:38:34
AuthorBob Friesenhahn <bfriesen@Grap...>
CommiterBob Friesenhahn

Log Message

Rotate ChangeLog for 2022. Happy New Year!

Change Summary

Incremental Difference

diff -r f31b38267c37 -r eae611832371 ChangeLog
--- a/ChangeLog Fri Dec 31 17:37:22 2021 -0600
+++ b/ChangeLog Sat Jan 01 12:38:34 2022 -0600
@@ -1,806 +1,3 @@
1-2021-12-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
2-
3- * doc/{gmdoc2html, gmdocselect, imdoc2man, imdocselect}: Fixes to
4- work better with both GNU sed and Solaris/Illumos sed.
5-
6- * doc/GNUmakefile: Use GNU make rules to produce the full imdoc
7- list for man, html, and tex, rather than relying on a shell
8- wildcard expression, since the order produced by the shell
9- wildcard expression is indeterminate.
10-
11-
12-2021-12-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
13-
14- * www/index.rst: Document that
15- https://graphicsmagick.sourceforge.io/index.html is also
16- available.
17-
18- * www/programming.rst: Update URLs. Add a link to a 'Go' binding.
19-
20- * Copyright.txt: Update Copyright text for 2022 and prepare for
21- new year.
22-
23-2021-12-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
24-
25- * coders/{gif.c, meta.c, miff.c, mpc.c, pdb.c, pnm.c xpm.c}: Rely
26- on _MagickReallocateResourceLimitedMemory() to extend memory
27- allocation.
28-
29- * magick/memory.c (_MagickReallocateResourceLimitedMemory): Remove
30- size limit from realloc binary expansion. Fix reallocs tally counts.
31-
32- * magick/memory-private.h(_MagickReallocateResourceLimitedMemory)
33- : Remove use of GCC/Clang '__attribute_malloc__' since it is not
34- appropriate for this function.
35-
36- * magick/memory.c (_MagickReallocateResourceLimitedMemory):
37- Maintain a tally of the total number of octets moved by realloc.
38-
39-2021-12-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
40-
41- * coders/mat.c (ReadMATImage): Change 'ldblk' to size_t and
42- check related calculations for overflow and to avoid possible
43- negative seek offsets.
44- (FixLogical): Pass 'ldblk' as size_t.
45- (ReadMATImage): Assure that corrupt/incomplete image is not
46- returned.
47-
48-2021-12-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
49-
50- * magick/profile.c (AppendImageProfile): Deprecate this function
51- since JPEG was the last user.
52-
53- * coders/jpeg.c (AppendProfile): Implement more efficient way to
54- append JPEG profile chunks. Addresses SourceForge issue #634
55- "Slow to read JPEG with big APP1 profile".
56-
57- * coders/jp2.c (ReadJP2Image): Free 'options' which is now
58- allocated memory.
59-
60- * coders/png.c (ReadOnePNGImage): Support the define
61- png:chunk-malloc-max=limit in order to allow reading PNG files
62- which report "chunk data is too large" or to reduce the default
63- limit. The default libpng limit is 8,000,000 bytes, which is more
64- than sufficient for normal files. Note that since PNG uses
65- compression, the limit is on the uncompressed data and a
66- relatively small file may be able to provide a chunk which
67- decompresses to a large size. Addresses SourceForge #594 "Be able
68- to affect libpng user_chunk_malloc_max".
69-
70-2021-12-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
71-
72- * PerlMagick/Magick.xs: Fix issue that image fill attribute had
73- its opacity reset to transparent so it could not be usefully set
74- at image scope. Note that this fix may change results if the fill
75- attribute is not set since then the default will actually be used.
76- Support Get of "fill" and "stroke". Addresses SourceForge issue
77- #650 "Image attributes not working and not as documented for
78- PerlMagick". Eliminate use of dangerous strncpy().
79-
80- * magick/transform.c (TransformImage): Trace crop geometry. Trace
81- transform geometry.
82- (CropImage): Trace crop geometry. Trace bounding page.
83-
84- * Magick++/lib/Image.cpp (Magick::Image::trim): Trim requires
85- NorthWestGravity.
86-
87- * magick/command.c (MogrifyImage): Trim requires
88- NorthWestGravity. Fixes SourceForge issue #653 "convert: warning
89- when using -gravity with -trim". This was more than a warning.
90-
91-2021-12-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
92-
93- * coders/jp2.c: Properly support passing JasPer options for
94- decoder and encoder, including the 'debug' option.
95- (initialize_jasper): Call jas_conf_set_allocator() and pass the
96- maximum amount of memory it should be allocated to use. This
97- seems to avoid a malfunction. Re-enable use of jas_initialize().
98-
99-2021-12-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
100-
101- * coders/jp2.c (realloc_rlm): JasPer wants its custom memory
102- allocators to return non-null for a zero-sized request. Make it
103- so for the 'realloc' case as well. Development JasPer 3.0.0
104- jas_initialize() is not yet ready for our purposes.
105-
106- * coders/mat.c (ReadMATImageV4): Change 'ldblk' to size_t and
107- check related calculations for overflow and to avoid possible
108- negative seek offsets.
109-
110-2021-12-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
111-
112- * magick/signature.c: Remove functions FinalizeSignature,
113- GetSignatureInfo, TransformSignature, UpdateSignature and other
114- private implementation details from signature.h. Use managed
115- memory allocator.
116-
117- * coders/png.c (DestroyJNG): Deallocate alpha_image temporary file in DestroyJNG().
118- (ReadOnePNGImage): If setjmp fires, then don't return a broken
119- image.
120-
121-2021-12-18 Fojtik Jaroslav <JaFojtik@yandex.com>
122-
123- * magick/wpg.c: Fix incorrect TrX and TrY elements in CTM.
124- Backported from WP2LaTeX: https://hg.osdn.net/view/wp2latex/wp2latex/rev/ce47149e7e67
125-
126-2021-12-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
127-
128- * utilities/tests/convert.tap: Use sed to count file lines rather
129- than wc since wc output is inconsistent. Fixes SourceForge issue
130- #657 "Convert test fails in 1.3.37".
131-
132- * configure.ac: Search for a GnuPG 'gpg' program.
133-
134- * Makefile.am (snapshot): Add support for PGP-signed snapshots.
135-
136- * www/download.rst: Add documentation for how to validate
137- downloaded files.
138-
139-2021-12-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
140-
141- * version.sh: Update shared library versioning information for
142- forthcoming 1.3.37 release.
143-
144- * scripts/graphicsmagick_snapshot_copy-ssh: Sample
145- graphicsmagick_snapshot_copy script which uses scp to copy
146- snapshot files to a directory at a remote host, and then rsync
147- over ssh from there to SourceForge. Copy to a local script
148- directory and edit to suit local requirements.
149-
150- * scripts/graphicsmagick_snapshot_copy-local: Sample
151- graphicsmagick_snapshot_copy script to copy snapshot files to a
152- local directory and then rsync over ssh to SourceForge. Copy to a
153- local script directory and edit to suit local requirements.
154-
155- * Makefile.am (snapshot): Rely on the graphicsmagick_snapshot_copy
156- script to reduce files we don't care to distribute so that all
157- targets are still produced.
158-
159- * coders/jp2.c (alloc_rlm): JasPer expects its allocator to return
160- non-null for zero size
161-
162-2021-12-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
163-
164- * Makefile.am (snapshot): Update the snapshot target to distribute
165- a minimal set of files.
166-
167- * magick/symbols.h: Update the list of Gm prefixed symbols.
168-
169- * NEWS.txt: Updated with changes until today.
170-
171-2021-12-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
172-
173- * www/index.rst: Development snapshots are now at SourceForge.
174-
175- * www/download.rst, www/index.rst, README.txt: Remove references
176- to ftp.graphicsmagick.org, which was shut down due to continuing
177- abusive practices and lack of support from the user community.
178-
179-2021-12-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
180-
181- * magick/memory-private.h
182- (MagickAllocateResourceLimitedMemoryAttribute): Remove extraneous
183- comma.
184-
185- * coders/wpg.c (LoadWPG2Flags): Fix comment type and whitespace
186- issues.
187-
188-2021-11-15 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
189-
190- * coders/caption.c (ReadCAPTIONImage): Set draw_info to NULL upon
191- deallocation. Fixes an assertion reported by Michael Melcher via
192- the graphicsmagick-bugs list on November 11, 2021.
193-
194-2021-11-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
195-
196- * coders/jp2.c (initialize_jasper): For JasPer 3.0.0 and later,
197- use resource-limited memory allocators. JasPer 3.0.0 is not yet
198- released at this time.
199-
200-2021-11-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
201-
202- * coders/gif.c (ReadGIFImage): Handle GIF files where the 'opaque'
203- index matches the number of colors by producing an extra colormap
204- entry of transparent black. Fixes SourceForge issue 649 "Bug with
205- gm identify" where the test case produces the error "Invalid
206- colormap index (index 128 >= 128 colors, /tmp/broken.gif)".
207-
208- * magick/enum_strings.c (StringToDisposeType): New utility
209- function to convert a string to a DisposeType.
210- (DisposeTypeToString) New utility function to convert a
211- DisposeType to a string.
212-
213- * coders/msl.c (MSLEndElement): Ignore imbalanced group
214- closure. Fixes oss-fuzz 40680 "graphicsmagick:coder_MSL_fuzzer:
215- Heap-buffer-overflow in MSLEndElement".
216-
217-2021-11-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
218-
219- * coders/tiff.c (ReadTIFFImage): Make sure that loops using
220- TIFFReadScanline(), etc, do quit upon first reported error. Fixes
221- oss-fuzz 39167 "graphicsmagick:coder_BIGTIFF_fuzzer:
222- Use-of-uninitialized-value in DisassociateAlphaRegion", as well as
223- other such cases.
224-
225- * coders/png.c (png_get_data): On a short read, assure that the
226- remainder of the buffer is initialized just in case subsequent
227- code accesses it.
228-
229- * coders/msl.c (MSLStartElement): Assure that
230- 'msl_info->attributes[n]' is not NULL before attempting to use it.
231- This is assumed to eliminate oss-fuzz 40226
232- "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *)
233- NULL".
234-
235-2021-11-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
236-
237- * coders/msl.c (MSLStartElement): Return immediately if there is
238- already an error or the image is NULL. Do not discard exceptions
239- when calling functions which return a new image. Try even harder
240- to shut down the libxml2 parser. Fixes SourceForge issue 652 "SEGV
241- in gm at coders/msl.c:883".
242-
243-2021-10-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
244-
245- * magick/widget.c (MagickXPreferencesWidget): Eliminate
246- compilation warning about 'strlen' argument missing terminating
247- nul.
248-
249-2021-10-24 Fojtik Jaroslav <JaFojtik@yandex.com>
250-
251- * magick/wpg.c: ObjectID>=0x8000 automatically switches double precision on.
252-
253-2021-09-18 Fojtik Jaroslav <JaFojtik@yandex.com>
254-
255- * PerlMagick/t/wmf/JPGinside.emf: Add test file: EMF that embedds
256- JPG.
257-
258-2021-09-17 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
259-
260- * magick/blob.c (WriteBlob): Use appropriate handle for bzip2.
261- Patch by Sam James <sam@gentoo.org>.
262-
263-2021-08-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
264-
265- * coders/jp2.c (initialize_jasper): Make minimal use of new JasPer
266- function jas_initialize() in order to avoid severe problems with
267- jas_init().
268-
269- * configure.ac: Detect new JasPer function jas_initialize().
270-
271-2021-08-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
272-
273- * coders/msl.c (MSLError): Call xmlStopParser() rather than
274- setting parser instate = XML_PARSER_EOF.
275-
276- * coders/svg.c (SVGError): Call xmlStopParser() rather than
277- setting parser instate = XML_PARSER_EOF.
278-
279-2021-07-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
280-
281- * coders/pdf.c (WritePDFImage): Use appropriate memory deallocator
282- for memory returned by StringToList(). Fixes SourceForge issue
283- 646 "Assertion failed using -label with PDF".
284-
285- * coders/webp.c (ReadWEBPImage): Add full error checking when
286- retrieving embedded profiles.
287-
288- * magick/profile.c (SetImageProfile): Do not try to store a
289- zero-sized profile.
290-
291- * coders/webp.c (ReadWEBPImage): Enforce that embedded profiles
292- provided by libWebP are not zero-sized. This problem was brought
293- to our attention by Shane Bishop on the graphicsmagick-help
294- mailing list.
295-
296-2021-07-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
297-
298- * Makefile.am: Add support for using an external
299- 'graphicsmagick_snapshot_copy' script to copy files for the
300- 'snapshot' target. This provides local control over how files are
301- copied and where they are copied to.
302-
303- * coders/msl.c (MSLStartElement): Use macros to simplify
304- validations and reduce repeated code fragments. Add validations
305- for image size and pixels present where applicable. Fixes
306- oss-fuzz 36224 "graphicsmagick:coder_MSL_fuzzer: Timeout in
307- coder_MSL_fuzzer".
308-
309- * magick/transform.c (RollImage): Assert that image rows and
310- columns are not zero.
311-
312-2021-07-16 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
313-
314- * coders/jp2.c (initialize_jasper): Update for the latest version
315- of the evolving jas_init_custom() interface provided by the
316- mdadams-callbacks branch.
317-
318-2021-07-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
319-
320- * coders/jp2.c: Assure that the designated decoder is used rather
321- than using autodetection and possibly using a different decoder
322- than intended. Added experimental support for JasPer
323- HAVE_JAS_INIT_CUSTOM feature, but leave disabled by default. Fix
324- a stream manager bug noticed with the madams-callbacks branch of
325- JasPer.
326-
327-2021-06-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
328-
329- * coders/msl.c (ProcessMSLScript): Fix possible use of freed
330- memory. Fixes oss-fuzz 35621 "graphicsmagick:coder_MSL_fuzzer:
331- ASSERT: image->signature == MagickSignature".
332-
333- * fuzzing/oss-fuzz-build.sh: Disable reading and writing of
334- gzip/bzip files since we don't have a viable solution for formats
335- which require an uncompressed file as input.
336-
337-2021-06-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
338-
339- * coders/pcx.c (ReadPCXImage): Fix problem that 16-colors are used
340- rather than 256-colors given sample file provided. Resolves
341- SourceForge patch #65 "PCX file not read correctly". Patch is by
342- Sam Yang.
343-
344- * coders/jp2.c (ReadJP2Image): Pass "max_samples" option to Jasper
345- to try to limit the amount of memory it may allocate while opening
346- a file. Addresses oss-fuzz 35265
347- "graphicsmagick:coder_PGX_fuzzer: Out-of-memory in
348- coder_PGX_fuzzer".
349-
350-2021-06-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
351-
352- * coders/webp.c (ReadWEBPImage): Use SetImagePixelsEx() rather
353- than GetImagePixelsEx() in reader. Patch by Tobias Mark via
354- SourceForge patch #66 "Minor improvment webp".
355-
356-2021-06-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
357-
358- * coders/svg.c (GetTransformTokens): Fix massive over-allocation
359- of string due to use of AcquireString() on entire remaining text
360- buffer. Addresses oss-fuzz 35171 "graphicsmagick:coder_SVG_fuzzer:
361- Out-of-memory in coder_SVG_fuzzer".
362- (GetTransformTokens): Apply an arbitrary limit on number of tokens
363- to avoid DOS.
364- (GetStyleTokens): Fix massive over-allocation of string due to use
365- of AcquireString() on entire remaining text buffer.
366- (GetStyleTokens): Don't use strlcpy() to copy token because it
367- scans full text.
368- (GetTransformTokens): Don't use strlcpy() to copy token because it
369- scans full text.
370-
371-2021-06-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
372-
373- * coders/msl.c (MSLStartElement): Use resource-managed memory
374- allocator for msl_info->group_info and assure that memory is
375- cleared so that empty group does not result in use of
376- uninitialized data. Addresses oss-fuzz 34869
377- "graphicsmagick:coder_MSL_fuzzer: Use-of-uninitialized-value in
378- MSLEndElement".
379-
380- * magick/memory.c (_MagickReallocateResourceLimitedMemory): Round
381- up allocation size on small reallocs in order to lessen the number
382- of actual reallocs.
383-
384-2021-05-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
385-
386- * coders/svg.c (SVGComment): Re-implement comment callback to be based on
387- the managed-memory allocator and avoid excessive use of strlen().
388- (SVGCharacters): Re-implement characters callback to to be based
389- on the managed-memory allocator and avoid excessive use of
390- strlen(). Addresses oss-fuzz 34168
391- "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer".
392-
393- * magick/memory.c (_MagickResourceLimitedMemoryGetSizeAttribute):
394- New private function to retrieve various integral size values from
395- the managed-memory allocator regarding a specified allocation.
396-
397- * magick/utility.c (MagickStripString): New function to replace
398- 'Strip' which is now deprecated. This version returns the string
399- length.
400-
401-2021-05-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
1+2022-01-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
4022
403- * Magick++/lib/Magick++/{Drawable.h, STL.h}: Use _MSVC_LANG in
404- addition to __cplusplus when testing for C++'17 since the
405- Microsoft C++ compiler only properly defines __cplusplus if the
406- /Zc:__cplusplus switch was provided.
407-
408-2021-05-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
409-
410- * Magick++/lib/Magick++/STL.h: Support compiling with C++'98
411- through C++'17.
412-
413- * Magick++/lib/Magick++/Drawable.h: Support compiling with C++'98
414- through C++'17.
415-
416-2021-05-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
417-
418- * magick/command.c (CompareImageCommand): If user has not
419- indicated a 'matte' preference, then include the opacity channel
420- in the compare if either image has a matte channel. Addresses
421- SourceForge issue #642 "Result of command "gm compare" depends on
422- order of images".
423-
424-2021-04-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
425-
426- * magick/compare.c (IsImagesEqual): Eliminate hard
427- "ImageOpacityDiffers" error when matte channel flag differs
428- between the images being compared. Instead of throwing a hard
429- error, treat the opacity channel of the image as opaque if the
430- matte flag is not set.
431-
432-2021-04-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
433-
434- * coders/jpeg.c: It is apparently now undefined behavior to assign
435- the return value from setjmp() to a variable. Remove recently
436- added code which is now doing that. Much thanks to Chris Gravely
437- for noticing this.
438-
439-2021-04-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
440-
441- * coders/jpeg.c (ReadJPEGImage): Error cases depending on
442- ThrowReaderException() were now leaking client data memory.
443- Replace such cases with customized ThrowJPEGReaderException()
444- which assures that it is freed.
445- (WriteJPEGImage): Error cases depending on ThrowWriterException()
446- were now client data memory. Replace such cases with customized
447- ThrowJPEGWriterException() which assures that it is freed.
448-
449-2021-04-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
450-
451- * coders/jpeg.c: Restructure client data so it is allocated on the
452- heap rather than the stack. Happens to fix SourceForge issue 641
453- "SIGSEGV thrown performing longjmp in jpeg.c".
454-
455-2021-04-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
456-
457- * coders/png.c (ReadOnePNGImage): Assure that null
458- ping_trans_alpha pointer is not dereferenced. Addresses oss-fuzz
459- 33119 "graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in
460- ReadOnePNGImage".
461-
462- * magick/profile.c (SetImageProfile): Use the resource-limited
463- memory allocator to allocate embedded profiles.
464-
465- * magick/map.c (MagickMapCopyResourceLimitedString): New private
466- function to copy a resource-limited string.
467- (MagickMapDeallocateResourceLimitedString): New private function
468- to deallocate a resource-limited string.
469- (MagickMapCopyResourceLimitedBlob): New private function to copy a
470- resource-limited blob.
471- (MagickMapDeallocateResourceLimitedBlob): New private function to
472- deallocate a resource-limited blob.
473-
474-2021-04-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
475-
476- * coders/svg.c (GetStyleTokens): Limit the number of style tokens.
477- Addresses oss-fuzz 32921 "graphicsmagick:coder_SVG_fuzzer:
478- Out-of-memory in coder_SVG_fuzzer".
479- (SVGComment): Only capture first comment rather than concatenating
480- all comments. Addresses oss-fuzz 32944
481- "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer".
482-
483-2021-04-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
484-
485- * coders/msl.c (MSLReference): Fix memory leak when parser node is
486- null. Addresses oss-fuzz 32713 "graphicsmagick:coder_MSL_fuzzer:
487- Direct-leak in xmlNewReference".
488-
489-2021-04-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
490-
491- * coders/png.c (ReadOnePNGImage): Avoid use of null
492- ping_trans_color. Fixes oss-fuzz 32666
493- "graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in
494- ReadOnePNGImage".
495-
496-2021-03-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
497-
498- * coders/msl.c (WriteMSLImage): Add OpenBlob()/CloseBlob() which
499- seems necessary to avoid memory leak in ImageToBlob(). Hopefully
500- will fix oss-fuzz 32575 "graphicsmagick:coder_MSL_fuzzer:
501- Direct-leak in MagickMalloc".
502-
503-2021-03-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
504-
505- * coders/jp2.c (RegisterJP2Image): Report JasPer library version.
506-
507- * coders/msl.c (ProcessMSLScript): Free msl_image upon reader
508- failure. Should fix oss-fuzz 32479
509- "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc".
510-
511-2021-03-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
512-
513- * PerlMagick/Makefile.am (check-perl): Nullify the check-perl
514- target when PerlMagick is enabled and shared libraries are used.
515- This is because a dynamic GraphicsMagick needs to be formally
516- installed before PerlMagick can be tested.
517-
518- * coders/jp2.c (ReadJP2Image): Support both old and new ways to
519- determine if JasPer codec support is available.
520-
521- * coders/msl.c (ProcessMSLScript): Another attempt to properly fix
522- oss-fuzz 32263 "graphicsmagick:coder_MSL_fuzzer:
523- Heap-use-after-free in ProcessMSLScript" without causing new
524- problems.
525-
526-2021-03-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
527-
528- * coders/msl.c (ProcessMSLScript): Fix oss-fuzz 32263
529- "graphicsmagick:coder_MSL_fuzzer: Heap-use-after-free in
530- ProcessMSLScript".
531-
532-2021-03-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
533-
534- * Magick++/lib/Image.cpp (Magick::Image::write): Due to the design
535- of ImageToBlob(), it is possible for data to be returned although
536- an exception was thrown. Deposit it in the Blob so that it will
537- be freed. May finish fixing oss-fuzz 31965
538- "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc".
539-
540-2021-03-17 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
541-
542- * coders/msl.c (ProcessMSLScript): Attempt to address leak of
543- "msl_image". May fix oss-fuzz 31965
544- "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc".
545-
546-2021-03-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
547-
548- * coders/dcm.c (DCM_ReadNonNativeImages): Enforce that image depth
549- is in the supported range of 1-16. Embedded PGX was observed to
550- cause JasPer to report a component depth of 20 bits. Fixes
551- oss-fuzz issue 31373 "graphicsmagick:coder_DCM_fuzzer:
552- Heap-buffer-overflow in DCM_SetupRescaleMap".
553-
554-2021-03-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
555-
556- * coders/svg.c (SVGError): Force xml parser input state to
557- XML_PARSER_EOF state upon error to abort parsing.
558-
559- * coders/msl.c (MSLError): Force xml parser input state to
560- XML_PARSER_EOF state upon error to abort parsing. Fixes oss-fuzz
561- 31401 "graphicsmagick:coder_MSL_fuzzer: Timeout in
562- coder_MSL_fuzzer".
563-
564-2021-03-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
565-
566- * coders/msl.c (ProcessMSLScript): Replicate clean-up actions
567- which should already be done by MSLPopImage(). Trying to address
568- oss-fuzz 31259 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in
569- MagickMalloc", which I have not been able to reproduce.
570-
571- * magick/tsd.c (MagickTsdKeyDelete): Fix memory leak of key values
572- array at exit when use of pthread or WIN32 TSD APIs is disabled.
573-
574-2021-03-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
575-
576- * coders/msl.c (MSLStartElement): Consistently verify that
577- attributes are non-NULL before calling TranslateText(). Fixes
578- oss-fuzz 31779 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image !=
579- (Image *) NULL".
580-
581- * README.txt: Add mention of libdeflate library, since it is an
582- optional dependency of the next libtiff release, and might be
583- required to link if libtiff itself depends on it.
584-
585- * configure.ac (MAGICK_DEP_LIBS): Liblzma is a libtiff dependency.
586- GraphicsMagick does not directly use liblzma. Do not include
587- liblzma as direct dependency for the modules build.
588-
589-2021-03-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
590-
591- * coders/svg.c (ProcessStyleClassDefs): Fix non-terminal execution
592- while traversing "active" list based on a patch by Gregory J
593- Wolfe. Addresses oss-fuzz 31663
594- "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer".
595-
596-2021-03-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
597-
598- * coders/svg.c (ProcessStyleClassDefs): Corrected fix for oss-fuzz
599- 31234 "graphicsmagick:coder_SVG_fuzzer: Direct-leak in
600- MagickMalloc" based on a patch by Gregory J Wolfe.
601-
602-2021-02-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
603-
604- * configure.ac: Add tests for Jasper jp2_decode(), jpc_decode(),
605- and pgx_decode().
606-
607- * coders/jp2.c (ReadJP2Image): Call jp2_decode(), jpc_decode(), or
608- pgx_decode(), directly. Using jas_image_decode() makes us subject
609- to Jasper's own format determination, which may include file
610- formats we don't want to support via Jasper.
611-
612- * fuzzing/oss-fuzz-build.sh: Disable support for Jasper codecs we
613- don't want or need.
614-
615-2021-02-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
616-
617- * coders/msl.c (MSLStartElement): Fix assertion in TranslateText()
618- when there are no attributes available. Addresses oss-fuzz 31307
619- "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *)
620- NULL".
621-
622- * coders/svg.c (ProcessStyleClassDefs): Fix memory leak upon
623- malformed class name list. Addresses oss-fuzz 31234
624- "graphicsmagick:coder_SVG_fuzzer: Direct-leak in MagickMalloc".
625- (ProcessStyleClassDefs): Fix non-terminal loop and huge memory
626- allocation caused by self-referential list. Not sure if
627- implementation is as intended, but it does not crash. Addresses
628- oss-fuzz 31391 "graphicsmagick:coder_SVG_fuzzer: Out-of-memory in
629- coder_SVG_fuzzer".
630- (SVGReference): Fix memory leak when parser node is null.
631- Addresses oss-fuzz 31286 "graphicsmagick:coder_SVGZ_fuzzer:
632- Direct-leak in xmlNewReference".
633-
634-2021-02-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
635-
636- * coders/msl.c (MSLCDataBlock): Fix leak of value from
637- xmlNewCDataBlock(). Addresses oss-fuzz 31400
638- "graphicsmagick:coder_MSL_fuzzer: Direct-leak in
639- xmlNewCDataBlock".
640-
641-2021-02-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
642-
643- * coders/svg.c (ProcessStyleClassDefs): Fix non-terminal loop
644- caused by a self-referential list which results in huge memory
645- usage. Addresses oss-fuzz 31238 "graphicsmagick:coder_SVG_fuzzer:
646- Out-of-memory in coder_SVG_fuzzer".
647-
648-2021-02-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
649-
650- * coders/svg.c (SVGStartElement): Reject impossibly small bounds
651- and view_box width or height. Addresses oss-fuzz 31224
652- "graphicsmagick:coder_SVG_fuzzer: Divide-by-zero in
653- SVGStartElement".
654-
655- * coders/msl.c (MSLPushImage): Only clone attributes if not null.
656- Should address oss-fuzz 31205 "graphicsmagick:coder_MSL_fuzzer:
657- ASSERT: image != (Image *) NULL".
658-
659- * coders/jp2.c (ReadJP2Image): Validate that actual file header
660- does appear to be a supported format regardless of 'magick' being
661- forced. Jasper appears to dispatch to other libraries if it
662- detects a known format it supports and then the program exits if
663- there is a problem. Fixes oss-fuzz 31200
664- "graphicsmagick:coder_JPC_fuzzer: Unexpected-exit in error_exit".
665-
666-2021-02-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
667-
668- * magick/nt_base.c (NTGhostscriptFind,NTGhostscriptGetString):
669- Handle Ghostscript point versions added after 9.52. Fixes
670- SourceForge issue #636 'Failed to find Ghostscript' with
671- Ghostscript version 9.53.0+.
672-
673- * fuzzing/oss-fuzz-build.sh: Patch by Paul Kehrer to incorporate
674- Jasper and libxml2 into the oss-fuzz build.
675-
676-2021-02-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
677-
678- * VisualMagick/All/All.vcproj.in: Fixes by sourcer42
679- <sourcer42@users.sourceforge.net> for the problem that Visual
680- Studio is not able to load the All project if the project supports
681- the x64 target.
682-
683-2021-02-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
684-
685- * www/Hg.rst: Document new redundant Mercurial server at OSDN,
686- "https://hg.osdn.net/view/graphicsmagick/GM".
687-
688-2021-02-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
689-
690- * Add explicit cast to float where implicit casts to float from
691- double were occurring.
692-
693- * magick/utility.c (MagickDoubleToLong): Guard against LONG_MAX
694- not directly representable as a double.
695-
696-2021-02-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
697-
698- * magick/utility.c (TranslateTextEx): If image resolution is
699- impossibly small, then report the default resolution of 72 DPI, or
700- the equivalent in centimeters if units is in
701- pixels-per-centimeter. Addresses SourceForge bug #396 "dpi not
702- retrived (no default value)". I do have some misgivings about
703- this solution since it is lying about the actual value. Not all
704- usages of raster images have an associated physical reality and
705- thus resolution is not necessarily relevant.
706-
707-2021-02-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
708-
709- * coders/tiff.c, coders/ps2.c, coders/ps3.c: Libtiff versions
710- beyond 20201219 want to use types from stdint.h.
711-
712-2021-01-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
713-
714- * magick/monitor.c (MagickMonitorActive): Need to export this
715- function for use by modules.
716-
717-2021-01-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
718-
719- * VisualMagick/bin: Remove hp2xx.exe, mpeg2dec.exe, and
720- mpeg2enc.exe. There is no value to distributing these pre-built
721- and flimsy executables in the source package.
722-
723- * filters/analyze.c (AnalyzeImage): Add OpenMP speed-ups.
724-
725-2021-01-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
726-
727- * filters/analyze.c (AnalyzeImage): Tidy the structure of the code
728- a bit.
729-
730- * magick/module.c (ExecuteModuleProcess): Add error reporting for
731- the case that the expected symbol is not resolved.
732-
733-2021-01-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
734-
735- * configure.ac: Remove updates to use recommended forms of AC_INIT
736- and AM_INIT_AUTOMAKE. There were too many annoying side-effects
737- to daily development from these changes. Perhaps they will be
738- re-visited if solutions for Autotools regeneration issues are
739- found.
740-
741-2021-01-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
742-
743- * magick/render.c (InverseAffineMatrix): Avoid possible division
744- by zero or absurdly extreme scaling in InverseAffineMatrix().
745- Fixes oss-fuzz 28293 "Divide-by-zero - InverseAffineMatrix".
746-
747-2021-01-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
748-
749- * configure.ac (CONFIG_STATUS_DEPENDENCIES): Regenerate
750- configure.ac if ChangeLog or version.sh is updated.
751-
752-2021-01-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
753-
754- * coders/pdf.c (WritePDFImage): Converting a TIF to a PDF set the
755- page MediaBox to the TIFF dimensions in pixels while the CropBox
756- is set in local context dimensions. The latter is correct, the
757- former is not. Set the MediaBox to the proper dimension in local
758- context. Should be the same in this context. Patch by Hubert
759- Figuiere and retrieved from SourceForge patch #64 "Incorrect
760- MediaBox in PDF export".
761-
762- * magick/pixel_cache.c: Memory cache implementation of pixel cache
763- now uses resource limited memory allocator. It was previously
764- resource limited, but by using the resource allocation APIs
765- directly.
766-
767-2021-01-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
768-
769- * coders/tiff.c: Remove unintended double-charging for memory
770- resource. Remove explicit memset where possible.
771-
772-2021-01-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
773-
774- * coders/gif.c (ReadGIFImage): Fix memory leak of global_colormap
775- if realloc of memory for comment fails. Fixes oss-fuzz 29316
776- "Direct-leak in MagickMalloc".
777-
778- * coders/meta.c (ReadMETAImage): Fix double-free if blob buffer
779- was reallocated after being attached to blob. Fixes oss-fuzz
780- 29193 "Heap-double-free in MagickFree".
781-
782-2021-01-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
783-
784- * configure.ac: Updates to use recommended forms of AC_INIT and
785- AM_INIT_AUTOMAKE. This was/is painful due to how development
786- snapshot versioning is handled. The version string produced for
787- the snapshot version will now contain the snapshot date. Effort
788- has been made to avoid other impacts due to AC_INIT's enforcements
789- for how version information is used.
790-
791-2021-01-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
792-
793- * PerlMagick/Magick.xs: Remove GCC warnings which spewed out at
794- increased warning levels.
795-
796- * magick/magick_types.h.in: Hide definitions not intended for the
797- rest of the world under "if defined(MAGICK_IMPLEMENTATION)".
798-
799-2021-01-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
800-
801- * configure.ac: Skip library symbol tests for gdi32 since these
802- fail with the MSYS2 w64-i686 compiler and well as i686 Cygwin.
803- The failures caused a build regression for i686 MSYS2/Cygwin.
804-
805- * Copyright.txt: Copyright year updates and ChangeLog rotation for
806- the new year.
3+ * ChangeLog.2021: Rotate ChangeLog for 2022. Happy New Year!
diff -r f31b38267c37 -r eae611832371 ChangeLog.2021
--- a/ChangeLog.2021 Fri Dec 31 17:37:22 2021 -0600
+++ b/ChangeLog.2021 Sat Jan 01 12:38:34 2022 -0600
@@ -0,0 +1,806 @@
1+2021-12-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
2+
3+ * doc/{gmdoc2html, gmdocselect, imdoc2man, imdocselect}: Fixes to
4+ work better with both GNU sed and Solaris/Illumos sed.
5+
6+ * doc/GNUmakefile: Use GNU make rules to produce the full imdoc
7+ list for man, html, and tex, rather than relying on a shell
8+ wildcard expression, since the order produced by the shell
9+ wildcard expression is indeterminate.
10+
11+
12+2021-12-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
13+
14+ * www/index.rst: Document that
15+ https://graphicsmagick.sourceforge.io/index.html is also
16+ available.
17+
18+ * www/programming.rst: Update URLs. Add a link to a 'Go' binding.
19+
20+ * Copyright.txt: Update Copyright text for 2022 and prepare for
21+ new year.
22+
23+2021-12-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
24+
25+ * coders/{gif.c, meta.c, miff.c, mpc.c, pdb.c, pnm.c xpm.c}: Rely
26+ on _MagickReallocateResourceLimitedMemory() to extend memory
27+ allocation.
28+
29+ * magick/memory.c (_MagickReallocateResourceLimitedMemory): Remove
30+ size limit from realloc binary expansion. Fix reallocs tally counts.
31+
32+ * magick/memory-private.h(_MagickReallocateResourceLimitedMemory)
33+ : Remove use of GCC/Clang '__attribute_malloc__' since it is not
34+ appropriate for this function.
35+
36+ * magick/memory.c (_MagickReallocateResourceLimitedMemory):
37+ Maintain a tally of the total number of octets moved by realloc.
38+
39+2021-12-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
40+
41+ * coders/mat.c (ReadMATImage): Change 'ldblk' to size_t and
42+ check related calculations for overflow and to avoid possible
43+ negative seek offsets.
44+ (FixLogical): Pass 'ldblk' as size_t.
45+ (ReadMATImage): Assure that corrupt/incomplete image is not
46+ returned.
47+
48+2021-12-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
49+
50+ * magick/profile.c (AppendImageProfile): Deprecate this function
51+ since JPEG was the last user.
52+
53+ * coders/jpeg.c (AppendProfile): Implement more efficient way to
54+ append JPEG profile chunks. Addresses SourceForge issue #634
55+ "Slow to read JPEG with big APP1 profile".
56+
57+ * coders/jp2.c (ReadJP2Image): Free 'options' which is now
58+ allocated memory.
59+
60+ * coders/png.c (ReadOnePNGImage): Support the define
61+ png:chunk-malloc-max=limit in order to allow reading PNG files
62+ which report "chunk data is too large" or to reduce the default
63+ limit. The default libpng limit is 8,000,000 bytes, which is more
64+ than sufficient for normal files. Note that since PNG uses
65+ compression, the limit is on the uncompressed data and a
66+ relatively small file may be able to provide a chunk which
67+ decompresses to a large size. Addresses SourceForge #594 "Be able
68+ to affect libpng user_chunk_malloc_max".
69+
70+2021-12-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
71+
72+ * PerlMagick/Magick.xs: Fix issue that image fill attribute had
73+ its opacity reset to transparent so it could not be usefully set
74+ at image scope. Note that this fix may change results if the fill
75+ attribute is not set since then the default will actually be used.
76+ Support Get of "fill" and "stroke". Addresses SourceForge issue
77+ #650 "Image attributes not working and not as documented for
78+ PerlMagick". Eliminate use of dangerous strncpy().
79+
80+ * magick/transform.c (TransformImage): Trace crop geometry. Trace
81+ transform geometry.
82+ (CropImage): Trace crop geometry. Trace bounding page.
83+
84+ * Magick++/lib/Image.cpp (Magick::Image::trim): Trim requires
85+ NorthWestGravity.
86+
87+ * magick/command.c (MogrifyImage): Trim requires
88+ NorthWestGravity. Fixes SourceForge issue #653 "convert: warning
89+ when using -gravity with -trim". This was more than a warning.
90+
91+2021-12-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
92+
93+ * coders/jp2.c: Properly support passing JasPer options for
94+ decoder and encoder, including the 'debug' option.
95+ (initialize_jasper): Call jas_conf_set_allocator() and pass the
96+ maximum amount of memory it should be allocated to use. This
97+ seems to avoid a malfunction. Re-enable use of jas_initialize().
98+
99+2021-12-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
100+
101+ * coders/jp2.c (realloc_rlm): JasPer wants its custom memory
102+ allocators to return non-null for a zero-sized request. Make it
103+ so for the 'realloc' case as well. Development JasPer 3.0.0
104+ jas_initialize() is not yet ready for our purposes.
105+
106+ * coders/mat.c (ReadMATImageV4): Change 'ldblk' to size_t and
107+ check related calculations for overflow and to avoid possible
108+ negative seek offsets.
109+
110+2021-12-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
111+
112+ * magick/signature.c: Remove functions FinalizeSignature,
113+ GetSignatureInfo, TransformSignature, UpdateSignature and other
114+ private implementation details from signature.h. Use managed
115+ memory allocator.
116+
117+ * coders/png.c (DestroyJNG): Deallocate alpha_image temporary file in DestroyJNG().
118+ (ReadOnePNGImage): If setjmp fires, then don't return a broken
119+ image.
120+
121+2021-12-18 Fojtik Jaroslav <JaFojtik@yandex.com>
122+
123+ * magick/wpg.c: Fix incorrect TrX and TrY elements in CTM.
124+ Backported from WP2LaTeX: https://hg.osdn.net/view/wp2latex/wp2latex/rev/ce47149e7e67
125+
126+2021-12-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
127+
128+ * utilities/tests/convert.tap: Use sed to count file lines rather
129+ than wc since wc output is inconsistent. Fixes SourceForge issue
130+ #657 "Convert test fails in 1.3.37".
131+
132+ * configure.ac: Search for a GnuPG 'gpg' program.
133+
134+ * Makefile.am (snapshot): Add support for PGP-signed snapshots.
135+
136+ * www/download.rst: Add documentation for how to validate
137+ downloaded files.
138+
139+2021-12-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
140+
141+ * version.sh: Update shared library versioning information for
142+ forthcoming 1.3.37 release.
143+
144+ * scripts/graphicsmagick_snapshot_copy-ssh: Sample
145+ graphicsmagick_snapshot_copy script which uses scp to copy
146+ snapshot files to a directory at a remote host, and then rsync
147+ over ssh from there to SourceForge. Copy to a local script
148+ directory and edit to suit local requirements.
149+
150+ * scripts/graphicsmagick_snapshot_copy-local: Sample
151+ graphicsmagick_snapshot_copy script to copy snapshot files to a
152+ local directory and then rsync over ssh to SourceForge. Copy to a
153+ local script directory and edit to suit local requirements.
154+
155+ * Makefile.am (snapshot): Rely on the graphicsmagick_snapshot_copy
156+ script to reduce files we don't care to distribute so that all
157+ targets are still produced.
158+
159+ * coders/jp2.c (alloc_rlm): JasPer expects its allocator to return
160+ non-null for zero size
161+
162+2021-12-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
163+
164+ * Makefile.am (snapshot): Update the snapshot target to distribute
165+ a minimal set of files.
166+
167+ * magick/symbols.h: Update the list of Gm prefixed symbols.
168+
169+ * NEWS.txt: Updated with changes until today.
170+
171+2021-12-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
172+
173+ * www/index.rst: Development snapshots are now at SourceForge.
174+
175+ * www/download.rst, www/index.rst, README.txt: Remove references
176+ to ftp.graphicsmagick.org, which was shut down due to continuing
177+ abusive practices and lack of support from the user community.
178+
179+2021-12-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
180+
181+ * magick/memory-private.h
182+ (MagickAllocateResourceLimitedMemoryAttribute): Remove extraneous
183+ comma.
184+
185+ * coders/wpg.c (LoadWPG2Flags): Fix comment type and whitespace
186+ issues.
187+
188+2021-11-15 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
189+
190+ * coders/caption.c (ReadCAPTIONImage): Set draw_info to NULL upon
191+ deallocation. Fixes an assertion reported by Michael Melcher via
192+ the graphicsmagick-bugs list on November 11, 2021.
193+
194+2021-11-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
195+
196+ * coders/jp2.c (initialize_jasper): For JasPer 3.0.0 and later,
197+ use resource-limited memory allocators. JasPer 3.0.0 is not yet
198+ released at this time.
199+
200+2021-11-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
201+
202+ * coders/gif.c (ReadGIFImage): Handle GIF files where the 'opaque'
203+ index matches the number of colors by producing an extra colormap
204+ entry of transparent black. Fixes SourceForge issue 649 "Bug with
205+ gm identify" where the test case produces the error "Invalid
206+ colormap index (index 128 >= 128 colors, /tmp/broken.gif)".
207+
208+ * magick/enum_strings.c (StringToDisposeType): New utility
209+ function to convert a string to a DisposeType.
210+ (DisposeTypeToString) New utility function to convert a
211+ DisposeType to a string.
212+
213+ * coders/msl.c (MSLEndElement): Ignore imbalanced group
214+ closure. Fixes oss-fuzz 40680 "graphicsmagick:coder_MSL_fuzzer:
215+ Heap-buffer-overflow in MSLEndElement".
216+
217+2021-11-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
218+
219+ * coders/tiff.c (ReadTIFFImage): Make sure that loops using
220+ TIFFReadScanline(), etc, do quit upon first reported error. Fixes
221+ oss-fuzz 39167 "graphicsmagick:coder_BIGTIFF_fuzzer:
222+ Use-of-uninitialized-value in DisassociateAlphaRegion", as well as
223+ other such cases.
224+
225+ * coders/png.c (png_get_data): On a short read, assure that the
226+ remainder of the buffer is initialized just in case subsequent
227+ code accesses it.
228+
229+ * coders/msl.c (MSLStartElement): Assure that
230+ 'msl_info->attributes[n]' is not NULL before attempting to use it.
231+ This is assumed to eliminate oss-fuzz 40226
232+ "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *)
233+ NULL".
234+
235+2021-11-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
236+
237+ * coders/msl.c (MSLStartElement): Return immediately if there is
238+ already an error or the image is NULL. Do not discard exceptions
239+ when calling functions which return a new image. Try even harder
240+ to shut down the libxml2 parser. Fixes SourceForge issue 652 "SEGV
241+ in gm at coders/msl.c:883".
242+
243+2021-10-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
244+
245+ * magick/widget.c (MagickXPreferencesWidget): Eliminate
246+ compilation warning about 'strlen' argument missing terminating
247+ nul.
248+
249+2021-10-24 Fojtik Jaroslav <JaFojtik@yandex.com>
250+
251+ * magick/wpg.c: ObjectID>=0x8000 automatically switches double precision on.
252+
253+2021-09-18 Fojtik Jaroslav <JaFojtik@yandex.com>
254+
255+ * PerlMagick/t/wmf/JPGinside.emf: Add test file: EMF that embedds
256+ JPG.
257+
258+2021-09-17 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
259+
260+ * magick/blob.c (WriteBlob): Use appropriate handle for bzip2.
261+ Patch by Sam James <sam@gentoo.org>.
262+
263+2021-08-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
264+
265+ * coders/jp2.c (initialize_jasper): Make minimal use of new JasPer
266+ function jas_initialize() in order to avoid severe problems with
267+ jas_init().
268+
269+ * configure.ac: Detect new JasPer function jas_initialize().
270+
271+2021-08-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
272+
273+ * coders/msl.c (MSLError): Call xmlStopParser() rather than
274+ setting parser instate = XML_PARSER_EOF.
275+
276+ * coders/svg.c (SVGError): Call xmlStopParser() rather than
277+ setting parser instate = XML_PARSER_EOF.
278+
279+2021-07-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
280+
281+ * coders/pdf.c (WritePDFImage): Use appropriate memory deallocator
282+ for memory returned by StringToList(). Fixes SourceForge issue
283+ 646 "Assertion failed using -label with PDF".
284+
285+ * coders/webp.c (ReadWEBPImage): Add full error checking when
286+ retrieving embedded profiles.
287+
288+ * magick/profile.c (SetImageProfile): Do not try to store a
289+ zero-sized profile.
290+
291+ * coders/webp.c (ReadWEBPImage): Enforce that embedded profiles
292+ provided by libWebP are not zero-sized. This problem was brought
293+ to our attention by Shane Bishop on the graphicsmagick-help
294+ mailing list.
295+
296+2021-07-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
297+
298+ * Makefile.am: Add support for using an external
299+ 'graphicsmagick_snapshot_copy' script to copy files for the
300+ 'snapshot' target. This provides local control over how files are
301+ copied and where they are copied to.
302+
303+ * coders/msl.c (MSLStartElement): Use macros to simplify
304+ validations and reduce repeated code fragments. Add validations
305+ for image size and pixels present where applicable. Fixes
306+ oss-fuzz 36224 "graphicsmagick:coder_MSL_fuzzer: Timeout in
307+ coder_MSL_fuzzer".
308+
309+ * magick/transform.c (RollImage): Assert that image rows and
310+ columns are not zero.
311+
312+2021-07-16 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
313+
314+ * coders/jp2.c (initialize_jasper): Update for the latest version
315+ of the evolving jas_init_custom() interface provided by the
316+ mdadams-callbacks branch.
317+
318+2021-07-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
319+
320+ * coders/jp2.c: Assure that the designated decoder is used rather
321+ than using autodetection and possibly using a different decoder
322+ than intended. Added experimental support for JasPer
323+ HAVE_JAS_INIT_CUSTOM feature, but leave disabled by default. Fix
324+ a stream manager bug noticed with the madams-callbacks branch of
325+ JasPer.
326+
327+2021-06-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
328+
329+ * coders/msl.c (ProcessMSLScript): Fix possible use of freed
330+ memory. Fixes oss-fuzz 35621 "graphicsmagick:coder_MSL_fuzzer:
331+ ASSERT: image->signature == MagickSignature".
332+
333+ * fuzzing/oss-fuzz-build.sh: Disable reading and writing of
334+ gzip/bzip files since we don't have a viable solution for formats
335+ which require an uncompressed file as input.
336+
337+2021-06-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
338+
339+ * coders/pcx.c (ReadPCXImage): Fix problem that 16-colors are used
340+ rather than 256-colors given sample file provided. Resolves
341+ SourceForge patch #65 "PCX file not read correctly". Patch is by
342+ Sam Yang.
343+
344+ * coders/jp2.c (ReadJP2Image): Pass "max_samples" option to Jasper
345+ to try to limit the amount of memory it may allocate while opening
346+ a file. Addresses oss-fuzz 35265
347+ "graphicsmagick:coder_PGX_fuzzer: Out-of-memory in
348+ coder_PGX_fuzzer".
349+
350+2021-06-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
351+
352+ * coders/webp.c (ReadWEBPImage): Use SetImagePixelsEx() rather
353+ than GetImagePixelsEx() in reader. Patch by Tobias Mark via
354+ SourceForge patch #66 "Minor improvment webp".
355+
356+2021-06-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
357+
358+ * coders/svg.c (GetTransformTokens): Fix massive over-allocation
359+ of string due to use of AcquireString() on entire remaining text
360+ buffer. Addresses oss-fuzz 35171 "graphicsmagick:coder_SVG_fuzzer:
361+ Out-of-memory in coder_SVG_fuzzer".
362+ (GetTransformTokens): Apply an arbitrary limit on number of tokens
363+ to avoid DOS.
364+ (GetStyleTokens): Fix massive over-allocation of string due to use
365+ of AcquireString() on entire remaining text buffer.
366+ (GetStyleTokens): Don't use strlcpy() to copy token because it
367+ scans full text.
368+ (GetTransformTokens): Don't use strlcpy() to copy token because it
369+ scans full text.
370+
371+2021-06-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
372+
373+ * coders/msl.c (MSLStartElement): Use resource-managed memory
374+ allocator for msl_info->group_info and assure that memory is
375+ cleared so that empty group does not result in use of
376+ uninitialized data. Addresses oss-fuzz 34869
377+ "graphicsmagick:coder_MSL_fuzzer: Use-of-uninitialized-value in
378+ MSLEndElement".
379+
380+ * magick/memory.c (_MagickReallocateResourceLimitedMemory): Round
381+ up allocation size on small reallocs in order to lessen the number
382+ of actual reallocs.
383+
384+2021-05-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
385+
386+ * coders/svg.c (SVGComment): Re-implement comment callback to be based on
387+ the managed-memory allocator and avoid excessive use of strlen().
388+ (SVGCharacters): Re-implement characters callback to to be based
389+ on the managed-memory allocator and avoid excessive use of
390+ strlen(). Addresses oss-fuzz 34168
391+ "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer".
392+
393+ * magick/memory.c (_MagickResourceLimitedMemoryGetSizeAttribute):
394+ New private function to retrieve various integral size values from
395+ the managed-memory allocator regarding a specified allocation.
396+
397+ * magick/utility.c (MagickStripString): New function to replace
398+ 'Strip' which is now deprecated. This version returns the string
399+ length.
400+
401+2021-05-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
402+
403+ * Magick++/lib/Magick++/{Drawable.h, STL.h}: Use _MSVC_LANG in
404+ addition to __cplusplus when testing for C++'17 since the
405+ Microsoft C++ compiler only properly defines __cplusplus if the
406+ /Zc:__cplusplus switch was provided.
407+
408+2021-05-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
409+
410+ * Magick++/lib/Magick++/STL.h: Support compiling with C++'98
411+ through C++'17.
412+
413+ * Magick++/lib/Magick++/Drawable.h: Support compiling with C++'98
414+ through C++'17.
415+
416+2021-05-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
417+
418+ * magick/command.c (CompareImageCommand): If user has not
419+ indicated a 'matte' preference, then include the opacity channel
420+ in the compare if either image has a matte channel. Addresses
421+ SourceForge issue #642 "Result of command "gm compare" depends on
422+ order of images".
423+
424+2021-04-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
425+
426+ * magick/compare.c (IsImagesEqual): Eliminate hard
427+ "ImageOpacityDiffers" error when matte channel flag differs
428+ between the images being compared. Instead of throwing a hard
429+ error, treat the opacity channel of the image as opaque if the
430+ matte flag is not set.
431+
432+2021-04-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
433+
434+ * coders/jpeg.c: It is apparently now undefined behavior to assign
435+ the return value from setjmp() to a variable. Remove recently
436+ added code which is now doing that. Much thanks to Chris Gravely
437+ for noticing this.
438+
439+2021-04-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
440+
441+ * coders/jpeg.c (ReadJPEGImage): Error cases depending on
442+ ThrowReaderException() were now leaking client data memory.
443+ Replace such cases with customized ThrowJPEGReaderException()
444+ which assures that it is freed.
445+ (WriteJPEGImage): Error cases depending on ThrowWriterException()
446+ were now client data memory. Replace such cases with customized
447+ ThrowJPEGWriterException() which assures that it is freed.
448+
449+2021-04-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
450+
451+ * coders/jpeg.c: Restructure client data so it is allocated on the
452+ heap rather than the stack. Happens to fix SourceForge issue 641
453+ "SIGSEGV thrown performing longjmp in jpeg.c".
454+
455+2021-04-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
456+
457+ * coders/png.c (ReadOnePNGImage): Assure that null
458+ ping_trans_alpha pointer is not dereferenced. Addresses oss-fuzz
459+ 33119 "graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in
460+ ReadOnePNGImage".
461+
462+ * magick/profile.c (SetImageProfile): Use the resource-limited
463+ memory allocator to allocate embedded profiles.
464+
465+ * magick/map.c (MagickMapCopyResourceLimitedString): New private
466+ function to copy a resource-limited string.
467+ (MagickMapDeallocateResourceLimitedString): New private function
468+ to deallocate a resource-limited string.
469+ (MagickMapCopyResourceLimitedBlob): New private function to copy a
470+ resource-limited blob.
471+ (MagickMapDeallocateResourceLimitedBlob): New private function to
472+ deallocate a resource-limited blob.
473+
474+2021-04-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
475+
476+ * coders/svg.c (GetStyleTokens): Limit the number of style tokens.
477+ Addresses oss-fuzz 32921 "graphicsmagick:coder_SVG_fuzzer:
478+ Out-of-memory in coder_SVG_fuzzer".
479+ (SVGComment): Only capture first comment rather than concatenating
480+ all comments. Addresses oss-fuzz 32944
481+ "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer".
482+
483+2021-04-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
484+
485+ * coders/msl.c (MSLReference): Fix memory leak when parser node is
486+ null. Addresses oss-fuzz 32713 "graphicsmagick:coder_MSL_fuzzer:
487+ Direct-leak in xmlNewReference".
488+
489+2021-04-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
490+
491+ * coders/png.c (ReadOnePNGImage): Avoid use of null
492+ ping_trans_color. Fixes oss-fuzz 32666
493+ "graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in
494+ ReadOnePNGImage".
495+
496+2021-03-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
497+
498+ * coders/msl.c (WriteMSLImage): Add OpenBlob()/CloseBlob() which
499+ seems necessary to avoid memory leak in ImageToBlob(). Hopefully
500+ will fix oss-fuzz 32575 "graphicsmagick:coder_MSL_fuzzer:
501+ Direct-leak in MagickMalloc".
502+
503+2021-03-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
504+
505+ * coders/jp2.c (RegisterJP2Image): Report JasPer library version.
506+
507+ * coders/msl.c (ProcessMSLScript): Free msl_image upon reader
508+ failure. Should fix oss-fuzz 32479
509+ "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc".
510+
511+2021-03-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
512+
513+ * PerlMagick/Makefile.am (check-perl): Nullify the check-perl
514+ target when PerlMagick is enabled and shared libraries are used.
515+ This is because a dynamic GraphicsMagick needs to be formally
516+ installed before PerlMagick can be tested.
517+
518+ * coders/jp2.c (ReadJP2Image): Support both old and new ways to
519+ determine if JasPer codec support is available.
520+
521+ * coders/msl.c (ProcessMSLScript): Another attempt to properly fix
522+ oss-fuzz 32263 "graphicsmagick:coder_MSL_fuzzer:
523+ Heap-use-after-free in ProcessMSLScript" without causing new
524+ problems.
525+
526+2021-03-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
527+
528+ * coders/msl.c (ProcessMSLScript): Fix oss-fuzz 32263
529+ "graphicsmagick:coder_MSL_fuzzer: Heap-use-after-free in
530+ ProcessMSLScript".
531+
532+2021-03-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
533+
534+ * Magick++/lib/Image.cpp (Magick::Image::write): Due to the design
535+ of ImageToBlob(), it is possible for data to be returned although
536+ an exception was thrown. Deposit it in the Blob so that it will
537+ be freed. May finish fixing oss-fuzz 31965
538+ "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc".
539+
540+2021-03-17 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
541+
542+ * coders/msl.c (ProcessMSLScript): Attempt to address leak of
543+ "msl_image". May fix oss-fuzz 31965
544+ "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc".
545+
546+2021-03-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
547+
548+ * coders/dcm.c (DCM_ReadNonNativeImages): Enforce that image depth
549+ is in the supported range of 1-16. Embedded PGX was observed to
550+ cause JasPer to report a component depth of 20 bits. Fixes
551+ oss-fuzz issue 31373 "graphicsmagick:coder_DCM_fuzzer:
552+ Heap-buffer-overflow in DCM_SetupRescaleMap".
553+
554+2021-03-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
555+
556+ * coders/svg.c (SVGError): Force xml parser input state to
557+ XML_PARSER_EOF state upon error to abort parsing.
558+
559+ * coders/msl.c (MSLError): Force xml parser input state to
560+ XML_PARSER_EOF state upon error to abort parsing. Fixes oss-fuzz
561+ 31401 "graphicsmagick:coder_MSL_fuzzer: Timeout in
562+ coder_MSL_fuzzer".
563+
564+2021-03-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
565+
566+ * coders/msl.c (ProcessMSLScript): Replicate clean-up actions
567+ which should already be done by MSLPopImage(). Trying to address
568+ oss-fuzz 31259 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in
569+ MagickMalloc", which I have not been able to reproduce.
570+
571+ * magick/tsd.c (MagickTsdKeyDelete): Fix memory leak of key values
572+ array at exit when use of pthread or WIN32 TSD APIs is disabled.
573+
574+2021-03-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
575+
576+ * coders/msl.c (MSLStartElement): Consistently verify that
577+ attributes are non-NULL before calling TranslateText(). Fixes
578+ oss-fuzz 31779 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image !=
579+ (Image *) NULL".
580+
581+ * README.txt: Add mention of libdeflate library, since it is an
582+ optional dependency of the next libtiff release, and might be
583+ required to link if libtiff itself depends on it.
584+
585+ * configure.ac (MAGICK_DEP_LIBS): Liblzma is a libtiff dependency.
586+ GraphicsMagick does not directly use liblzma. Do not include
587+ liblzma as direct dependency for the modules build.
588+
589+2021-03-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
590+
591+ * coders/svg.c (ProcessStyleClassDefs): Fix non-terminal execution
592+ while traversing "active" list based on a patch by Gregory J
593+ Wolfe. Addresses oss-fuzz 31663
594+ "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer".
595+
596+2021-03-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
597+
598+ * coders/svg.c (ProcessStyleClassDefs): Corrected fix for oss-fuzz
599+ 31234 "graphicsmagick:coder_SVG_fuzzer: Direct-leak in
600+ MagickMalloc" based on a patch by Gregory J Wolfe.
601+
602+2021-02-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
603+
604+ * configure.ac: Add tests for Jasper jp2_decode(), jpc_decode(),
605+ and pgx_decode().
606+
607+ * coders/jp2.c (ReadJP2Image): Call jp2_decode(), jpc_decode(), or
608+ pgx_decode(), directly. Using jas_image_decode() makes us subject
609+ to Jasper's own format determination, which may include file
610+ formats we don't want to support via Jasper.
611+
612+ * fuzzing/oss-fuzz-build.sh: Disable support for Jasper codecs we
613+ don't want or need.
614+
615+2021-02-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
616+
617+ * coders/msl.c (MSLStartElement): Fix assertion in TranslateText()
618+ when there are no attributes available. Addresses oss-fuzz 31307
619+ "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *)
620+ NULL".
621+
622+ * coders/svg.c (ProcessStyleClassDefs): Fix memory leak upon
623+ malformed class name list. Addresses oss-fuzz 31234
624+ "graphicsmagick:coder_SVG_fuzzer: Direct-leak in MagickMalloc".
625+ (ProcessStyleClassDefs): Fix non-terminal loop and huge memory
626+ allocation caused by self-referential list. Not sure if
627+ implementation is as intended, but it does not crash. Addresses
628+ oss-fuzz 31391 "graphicsmagick:coder_SVG_fuzzer: Out-of-memory in
629+ coder_SVG_fuzzer".
630+ (SVGReference): Fix memory leak when parser node is null.
631+ Addresses oss-fuzz 31286 "graphicsmagick:coder_SVGZ_fuzzer:
632+ Direct-leak in xmlNewReference".
633+
634+2021-02-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
635+
636+ * coders/msl.c (MSLCDataBlock): Fix leak of value from
637+ xmlNewCDataBlock(). Addresses oss-fuzz 31400
638+ "graphicsmagick:coder_MSL_fuzzer: Direct-leak in
639+ xmlNewCDataBlock".
640+
641+2021-02-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
642+
643+ * coders/svg.c (ProcessStyleClassDefs): Fix non-terminal loop
644+ caused by a self-referential list which results in huge memory
645+ usage. Addresses oss-fuzz 31238 "graphicsmagick:coder_SVG_fuzzer:
646+ Out-of-memory in coder_SVG_fuzzer".
647+
648+2021-02-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
649+
650+ * coders/svg.c (SVGStartElement): Reject impossibly small bounds
651+ and view_box width or height. Addresses oss-fuzz 31224
652+ "graphicsmagick:coder_SVG_fuzzer: Divide-by-zero in
653+ SVGStartElement".
654+
655+ * coders/msl.c (MSLPushImage): Only clone attributes if not null.
656+ Should address oss-fuzz 31205 "graphicsmagick:coder_MSL_fuzzer:
657+ ASSERT: image != (Image *) NULL".
658+
659+ * coders/jp2.c (ReadJP2Image): Validate that actual file header
660+ does appear to be a supported format regardless of 'magick' being
661+ forced. Jasper appears to dispatch to other libraries if it
662+ detects a known format it supports and then the program exits if
663+ there is a problem. Fixes oss-fuzz 31200
664+ "graphicsmagick:coder_JPC_fuzzer: Unexpected-exit in error_exit".
665+
666+2021-02-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
667+
668+ * magick/nt_base.c (NTGhostscriptFind,NTGhostscriptGetString):
669+ Handle Ghostscript point versions added after 9.52. Fixes
670+ SourceForge issue #636 'Failed to find Ghostscript' with
671+ Ghostscript version 9.53.0+.
672+
673+ * fuzzing/oss-fuzz-build.sh: Patch by Paul Kehrer to incorporate
674+ Jasper and libxml2 into the oss-fuzz build.
675+
676+2021-02-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
677+
678+ * VisualMagick/All/All.vcproj.in: Fixes by sourcer42
679+ <sourcer42@users.sourceforge.net> for the problem that Visual
680+ Studio is not able to load the All project if the project supports
681+ the x64 target.
682+
683+2021-02-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
684+
685+ * www/Hg.rst: Document new redundant Mercurial server at OSDN,
686+ "https://hg.osdn.net/view/graphicsmagick/GM".
687+
688+2021-02-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
689+
690+ * Add explicit cast to float where implicit casts to float from
691+ double were occurring.
692+
693+ * magick/utility.c (MagickDoubleToLong): Guard against LONG_MAX
694+ not directly representable as a double.
695+
696+2021-02-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
697+
698+ * magick/utility.c (TranslateTextEx): If image resolution is
699+ impossibly small, then report the default resolution of 72 DPI, or
700+ the equivalent in centimeters if units is in
701+ pixels-per-centimeter. Addresses SourceForge bug #396 "dpi not
702+ retrived (no default value)". I do have some misgivings about
703+ this solution since it is lying about the actual value. Not all
704+ usages of raster images have an associated physical reality and
705+ thus resolution is not necessarily relevant.
706+
707+2021-02-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
708+
709+ * coders/tiff.c, coders/ps2.c, coders/ps3.c: Libtiff versions
710+ beyond 20201219 want to use types from stdint.h.
711+
712+2021-01-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
713+
714+ * magick/monitor.c (MagickMonitorActive): Need to export this
715+ function for use by modules.
716+
717+2021-01-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
718+
719+ * VisualMagick/bin: Remove hp2xx.exe, mpeg2dec.exe, and
720+ mpeg2enc.exe. There is no value to distributing these pre-built
721+ and flimsy executables in the source package.
722+
723+ * filters/analyze.c (AnalyzeImage): Add OpenMP speed-ups.
724+
725+2021-01-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
726+
727+ * filters/analyze.c (AnalyzeImage): Tidy the structure of the code
728+ a bit.
729+
730+ * magick/module.c (ExecuteModuleProcess): Add error reporting for
731+ the case that the expected symbol is not resolved.
732+
733+2021-01-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
734+
735+ * configure.ac: Remove updates to use recommended forms of AC_INIT
736+ and AM_INIT_AUTOMAKE. There were too many annoying side-effects
737+ to daily development from these changes. Perhaps they will be
738+ re-visited if solutions for Autotools regeneration issues are
739+ found.
740+
741+2021-01-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
742+
743+ * magick/render.c (InverseAffineMatrix): Avoid possible division
744+ by zero or absurdly extreme scaling in InverseAffineMatrix().
745+ Fixes oss-fuzz 28293 "Divide-by-zero - InverseAffineMatrix".
746+
747+2021-01-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
748+
749+ * configure.ac (CONFIG_STATUS_DEPENDENCIES): Regenerate
750+ configure.ac if ChangeLog or version.sh is updated.
751+
752+2021-01-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
753+
754+ * coders/pdf.c (WritePDFImage): Converting a TIF to a PDF set the
755+ page MediaBox to the TIFF dimensions in pixels while the CropBox
756+ is set in local context dimensions. The latter is correct, the
757+ former is not. Set the MediaBox to the proper dimension in local
758+ context. Should be the same in this context. Patch by Hubert
759+ Figuiere and retrieved from SourceForge patch #64 "Incorrect
760+ MediaBox in PDF export".
761+
762+ * magick/pixel_cache.c: Memory cache implementation of pixel cache
763+ now uses resource limited memory allocator. It was previously
764+ resource limited, but by using the resource allocation APIs
765+ directly.
766+
767+2021-01-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
768+
769+ * coders/tiff.c: Remove unintended double-charging for memory
770+ resource. Remove explicit memset where possible.
771+
772+2021-01-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
773+
774+ * coders/gif.c (ReadGIFImage): Fix memory leak of global_colormap
775+ if realloc of memory for comment fails. Fixes oss-fuzz 29316
776+ "Direct-leak in MagickMalloc".
777+
778+ * coders/meta.c (ReadMETAImage): Fix double-free if blob buffer
779+ was reallocated after being attached to blob. Fixes oss-fuzz
780+ 29193 "Heap-double-free in MagickFree".
781+
782+2021-01-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
783+
784+ * configure.ac: Updates to use recommended forms of AC_INIT and
785+ AM_INIT_AUTOMAKE. This was/is painful due to how development
786+ snapshot versioning is handled. The version string produced for
787+ the snapshot version will now contain the snapshot date. Effort
788+ has been made to avoid other impacts due to AC_INIT's enforcements
789+ for how version information is used.
790+
791+2021-01-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
792+
793+ * PerlMagick/Magick.xs: Remove GCC warnings which spewed out at
794+ increased warning levels.
795+
796+ * magick/magick_types.h.in: Hide definitions not intended for the
797+ rest of the world under "if defined(MAGICK_IMPLEMENTATION)".
798+
799+2021-01-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
800+
801+ * configure.ac: Skip library symbol tests for gdi32 since these
802+ fail with the MSYS2 w64-i686 compiler and well as i686 Cygwin.
803+ The failures caused a build regression for i686 MSYS2/Cygwin.
804+
805+ * Copyright.txt: Copyright year updates and ChangeLog rotation for
806+ the new year.
diff -r f31b38267c37 -r eae611832371 VisualMagick/installer/inc/version.isx
--- a/VisualMagick/installer/inc/version.isx Fri Dec 31 17:37:22 2021 -0600
+++ b/VisualMagick/installer/inc/version.isx Sat Jan 01 12:38:34 2022 -0600
@@ -10,5 +10,5 @@
1010
1111 #define public MagickPackageName "GraphicsMagick"
1212 #define public MagickPackageVersion "1.4"
13-#define public MagickPackageVersionAddendum ".020211231"
14-#define public MagickPackageReleaseDate "snapshot-20211231"
13+#define public MagickPackageVersionAddendum ".020220101"
14+#define public MagickPackageReleaseDate "snapshot-20220101"
diff -r f31b38267c37 -r eae611832371 magick/version.h
--- a/magick/version.h Fri Dec 31 17:37:22 2021 -0600
+++ b/magick/version.h Sat Jan 01 12:38:34 2022 -0600
@@ -38,8 +38,8 @@
3838 #define MagickLibVersion 0x262300
3939 #define MagickLibVersionText "1.4"
4040 #define MagickLibVersionNumber 26,23,0
41-#define MagickChangeDate "20211231"
42-#define MagickReleaseDate "snapshot-20211231"
41+#define MagickChangeDate "20220101"
42+#define MagickReleaseDate "snapshot-20220101"
4343
4444 /*
4545 The MagickLibInterfaceNewest and MagickLibInterfaceOldest defines
diff -r f31b38267c37 -r eae611832371 www/ChangeLog-2021.html
--- a/www/ChangeLog-2021.html Fri Dec 31 17:37:22 2021 -0600
+++ b/www/ChangeLog-2021.html Sat Jan 01 12:38:34 2022 -0600
@@ -35,7 +35,706 @@
3535 <div class="document">
3636
3737
38-
38+<p>2021-12-31 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
39+<blockquote>
40+<p>* doc/{gmdoc2html, gmdocselect, imdoc2man, imdocselect}: Fixes to
41+work better with both GNU sed and Solaris/Illumos sed.</p>
42+<p>* doc/GNUmakefile: Use GNU make rules to produce the full imdoc
43+list for man, html, and tex, rather than relying on a shell
44+wildcard expression, since the order produced by the shell
45+wildcard expression is indeterminate.</p>
46+</blockquote>
47+<p>2021-12-30 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
48+<blockquote>
49+<p>* www/index.rst: Document that
50+<a class="reference external" href="https://graphicsmagick.sourceforge.io/index.html">https://graphicsmagick.sourceforge.io/index.html</a> is also
51+available.</p>
52+<p>* www/programming.rst: Update URLs. Add a link to a 'Go' binding.</p>
53+<p>* Copyright.txt: Update Copyright text for 2022 and prepare for
54+new year.</p>
55+</blockquote>
56+<p>2021-12-29 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
57+<blockquote>
58+<p>* coders/{gif.c, meta.c, miff.c, mpc.c, pdb.c, pnm.c xpm.c}: Rely
59+on _MagickReallocateResourceLimitedMemory() to extend memory
60+allocation.</p>
61+<p>* magick/memory.c (_MagickReallocateResourceLimitedMemory): Remove
62+size limit from realloc binary expansion. Fix reallocs tally counts.</p>
63+<p>* magick/memory-private.h(_MagickReallocateResourceLimitedMemory)
64+: Remove use of GCC/Clang '__attribute_malloc__' since it is not
65+appropriate for this function.</p>
66+<p>* magick/memory.c (_MagickReallocateResourceLimitedMemory):
67+Maintain a tally of the total number of octets moved by realloc.</p>
68+</blockquote>
69+<p>2021-12-27 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
70+<blockquote>
71+* coders/mat.c (ReadMATImage): Change 'ldblk' to size_t and
72+check related calculations for overflow and to avoid possible
73+negative seek offsets.
74+(FixLogical): Pass 'ldblk' as size_t.
75+(ReadMATImage): Assure that corrupt/incomplete image is not
76+returned.</blockquote>
77+<p>2021-12-25 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
78+<blockquote>
79+<p>* magick/profile.c (AppendImageProfile): Deprecate this function
80+since JPEG was the last user.</p>
81+<p>* coders/jpeg.c (AppendProfile): Implement more efficient way to
82+append JPEG profile chunks. Addresses SourceForge issue #634
83+&quot;Slow to read JPEG with big APP1 profile&quot;.</p>
84+<p>* coders/jp2.c (ReadJP2Image): Free 'options' which is now
85+allocated memory.</p>
86+<p>* coders/png.c (ReadOnePNGImage): Support the define
87+png:chunk-malloc-max=limit in order to allow reading PNG files
88+which report &quot;chunk data is too large&quot; or to reduce the default
89+limit. The default libpng limit is 8,000,000 bytes, which is more
90+than sufficient for normal files. Note that since PNG uses
91+compression, the limit is on the uncompressed data and a
92+relatively small file may be able to provide a chunk which
93+decompresses to a large size. Addresses SourceForge #594 &quot;Be able
94+to affect libpng user_chunk_malloc_max&quot;.</p>
95+</blockquote>
96+<p>2021-12-24 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
97+<blockquote>
98+<p>* PerlMagick/Magick.xs: Fix issue that image fill attribute had
99+its opacity reset to transparent so it could not be usefully set
100+at image scope. Note that this fix may change results if the fill
101+attribute is not set since then the default will actually be used.
102+Support Get of &quot;fill&quot; and &quot;stroke&quot;. Addresses SourceForge issue
103+#650 &quot;Image attributes not working and not as documented for
104+PerlMagick&quot;. Eliminate use of dangerous strncpy().</p>
105+<p>* magick/transform.c (TransformImage): Trace crop geometry. Trace
106+transform geometry.
107+(CropImage): Trace crop geometry. Trace bounding page.</p>
108+<p>* Magick++/lib/Image.cpp (Magick::Image::trim): Trim requires
109+NorthWestGravity.</p>
110+<p>* magick/command.c (MogrifyImage): Trim requires
111+NorthWestGravity. Fixes SourceForge issue #653 &quot;convert: warning
112+when using -gravity with -trim&quot;. This was more than a warning.</p>
113+</blockquote>
114+<p>2021-12-23 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
115+<blockquote>
116+* coders/jp2.c: Properly support passing JasPer options for
117+decoder and encoder, including the 'debug' option.
118+(initialize_jasper): Call jas_conf_set_allocator() and pass the
119+maximum amount of memory it should be allocated to use. This
120+seems to avoid a malfunction. Re-enable use of jas_initialize().</blockquote>
121+<p>2021-12-22 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
122+<blockquote>
123+<p>* coders/jp2.c (realloc_rlm): JasPer wants its custom memory
124+allocators to return non-null for a zero-sized request. Make it
125+so for the 'realloc' case as well. Development JasPer 3.0.0
126+jas_initialize() is not yet ready for our purposes.</p>
127+<p>* coders/mat.c (ReadMATImageV4): Change 'ldblk' to size_t and
128+check related calculations for overflow and to avoid possible
129+negative seek offsets.</p>
130+</blockquote>
131+<p>2021-12-21 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
132+<blockquote>
133+<p>* magick/signature.c: Remove functions FinalizeSignature,
134+GetSignatureInfo, TransformSignature, UpdateSignature and other
135+private implementation details from signature.h. Use managed
136+memory allocator.</p>
137+<p>* coders/png.c (DestroyJNG): Deallocate alpha_image temporary file in DestroyJNG().
138+(ReadOnePNGImage): If setjmp fires, then don't return a broken
139+image.</p>
140+</blockquote>
141+<p>2021-12-18 Fojtik Jaroslav &lt;<a class="reference external" href="mailto:JaFojtik&#37;&#52;&#48;yandex&#46;com">JaFojtik<span>&#64;</span>yandex<span>&#46;</span>com</a>&gt;</p>
142+<blockquote>
143+* magick/wpg.c: Fix incorrect TrX and TrY elements in CTM.
144+Backported from WP2LaTeX: <a class="reference external" href="https://hg.osdn.net/view/wp2latex/wp2latex/rev/ce47149e7e67">https://hg.osdn.net/view/wp2latex/wp2latex/rev/ce47149e7e67</a></blockquote>
145+<p>2021-12-14 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
146+<blockquote>
147+<p>* utilities/tests/convert.tap: Use sed to count file lines rather
148+than wc since wc output is inconsistent. Fixes SourceForge issue
149+#657 &quot;Convert test fails in 1.3.37&quot;.</p>
150+<p>* configure.ac: Search for a GnuPG 'gpg' program.</p>
151+<p>* Makefile.am (snapshot): Add support for PGP-signed snapshots.</p>
152+<p>* www/download.rst: Add documentation for how to validate
153+downloaded files.</p>
154+</blockquote>
155+<p>2021-12-12 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
156+<blockquote>
157+<p>* version.sh: Update shared library versioning information for
158+forthcoming 1.3.37 release.</p>
159+<p>* scripts/graphicsmagick_snapshot_copy-ssh: Sample
160+graphicsmagick_snapshot_copy script which uses scp to copy
161+snapshot files to a directory at a remote host, and then rsync
162+over ssh from there to SourceForge. Copy to a local script
163+directory and edit to suit local requirements.</p>
164+<p>* scripts/graphicsmagick_snapshot_copy-local: Sample
165+graphicsmagick_snapshot_copy script to copy snapshot files to a
166+local directory and then rsync over ssh to SourceForge. Copy to a
167+local script directory and edit to suit local requirements.</p>
168+<p>* Makefile.am (snapshot): Rely on the graphicsmagick_snapshot_copy
169+script to reduce files we don't care to distribute so that all
170+targets are still produced.</p>
171+<p>* coders/jp2.c (alloc_rlm): JasPer expects its allocator to return
172+non-null for zero size</p>
173+</blockquote>
174+<p>2021-12-05 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
175+<blockquote>
176+<p>* Makefile.am (snapshot): Update the snapshot target to distribute
177+a minimal set of files.</p>
178+<p>* magick/symbols.h: Update the list of Gm prefixed symbols.</p>
179+<p>* NEWS.txt: Updated with changes until today.</p>
180+</blockquote>
181+<p>2021-12-04 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
182+<blockquote>
183+<p>* www/index.rst: Development snapshots are now at SourceForge.</p>
184+<p>* www/download.rst, www/index.rst, README.txt: Remove references
185+to ftp.graphicsmagick.org, which was shut down due to continuing
186+abusive practices and lack of support from the user community.</p>
187+</blockquote>
188+<p>2021-12-03 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
189+<blockquote>
190+<p>* magick/memory-private.h
191+(MagickAllocateResourceLimitedMemoryAttribute): Remove extraneous
192+comma.</p>
193+<p>* coders/wpg.c (LoadWPG2Flags): Fix comment type and whitespace
194+issues.</p>
195+</blockquote>
196+<p>2021-11-15 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
197+<blockquote>
198+* coders/caption.c (ReadCAPTIONImage): Set draw_info to NULL upon
199+deallocation. Fixes an assertion reported by Michael Melcher via
200+the graphicsmagick-bugs list on November 11, 2021.</blockquote>
201+<p>2021-11-05 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
202+<blockquote>
203+* coders/jp2.c (initialize_jasper): For JasPer 3.0.0 and later,
204+use resource-limited memory allocators. JasPer 3.0.0 is not yet
205+released at this time.</blockquote>
206+<p>2021-11-04 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
207+<blockquote>
208+<p>* coders/gif.c (ReadGIFImage): Handle GIF files where the 'opaque'
209+index matches the number of colors by producing an extra colormap
210+entry of transparent black. Fixes SourceForge issue 649 &quot;Bug with
211+gm identify&quot; where the test case produces the error &quot;Invalid
212+colormap index (index 128 &gt;= 128 colors, /tmp/broken.gif)&quot;.</p>
213+<p>* magick/enum_strings.c (StringToDisposeType): New utility
214+function to convert a string to a DisposeType.
215+(DisposeTypeToString) New utility function to convert a
216+DisposeType to a string.</p>
217+<p>* coders/msl.c (MSLEndElement): Ignore imbalanced group
218+closure. Fixes oss-fuzz 40680 &quot;graphicsmagick:coder_MSL_fuzzer:
219+Heap-buffer-overflow in MSLEndElement&quot;.</p>
220+</blockquote>
221+<p>2021-11-03 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
222+<blockquote>
223+<p>* coders/tiff.c (ReadTIFFImage): Make sure that loops using
224+TIFFReadScanline(), etc, do quit upon first reported error. Fixes
225+oss-fuzz 39167 &quot;graphicsmagick:coder_BIGTIFF_fuzzer:
226+Use-of-uninitialized-value in DisassociateAlphaRegion&quot;, as well as
227+other such cases.</p>
228+<p>* coders/png.c (png_get_data): On a short read, assure that the
229+remainder of the buffer is initialized just in case subsequent
230+code accesses it.</p>
231+<p>* coders/msl.c (MSLStartElement): Assure that
232+'msl_info-&gt;attributes[n]' is not NULL before attempting to use it.
233+This is assumed to eliminate oss-fuzz 40226
234+&quot;graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *)
235+NULL&quot;.</p>
236+</blockquote>
237+<p>2021-11-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
238+<blockquote>
239+* coders/msl.c (MSLStartElement): Return immediately if there is
240+already an error or the image is NULL. Do not discard exceptions
241+when calling functions which return a new image. Try even harder
242+to shut down the libxml2 parser. Fixes SourceForge issue 652 &quot;SEGV
243+in gm at coders/msl.c:883&quot;.</blockquote>
244+<p>2021-10-31 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
245+<blockquote>
246+* magick/widget.c (MagickXPreferencesWidget): Eliminate
247+compilation warning about 'strlen' argument missing terminating
248+nul.</blockquote>
249+<p>2021-10-24 Fojtik Jaroslav &lt;<a class="reference external" href="mailto:JaFojtik&#37;&#52;&#48;yandex&#46;com">JaFojtik<span>&#64;</span>yandex<span>&#46;</span>com</a>&gt;</p>
250+<blockquote>
251+* magick/wpg.c: ObjectID&gt;=0x8000 automatically switches double precision on.</blockquote>
252+<p>2021-09-18 Fojtik Jaroslav &lt;<a class="reference external" href="mailto:JaFojtik&#37;&#52;&#48;yandex&#46;com">JaFojtik<span>&#64;</span>yandex<span>&#46;</span>com</a>&gt;</p>
253+<blockquote>
254+* PerlMagick/t/wmf/JPGinside.emf: Add test file: EMF that embedds
255+JPG.</blockquote>
256+<p>2021-09-17 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
257+<blockquote>
258+* magick/blob.c (WriteBlob): Use appropriate handle for bzip2.
259+Patch by Sam James &lt;<a class="reference external" href="mailto:sam&#37;&#52;&#48;gentoo&#46;org">sam<span>&#64;</span>gentoo<span>&#46;</span>org</a>&gt;.</blockquote>
260+<p>2021-08-26 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
261+<blockquote>
262+<p>* coders/jp2.c (initialize_jasper): Make minimal use of new JasPer
263+function jas_initialize() in order to avoid severe problems with
264+jas_init().</p>
265+<p>* configure.ac: Detect new JasPer function jas_initialize().</p>
266+</blockquote>
267+<p>2021-08-14 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
268+<blockquote>
269+<p>* coders/msl.c (MSLError): Call xmlStopParser() rather than
270+setting parser instate = XML_PARSER_EOF.</p>
271+<p>* coders/svg.c (SVGError): Call xmlStopParser() rather than
272+setting parser instate = XML_PARSER_EOF.</p>
273+</blockquote>
274+<p>2021-07-21 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
275+<blockquote>
276+<p>* coders/pdf.c (WritePDFImage): Use appropriate memory deallocator
277+for memory returned by StringToList(). Fixes SourceForge issue
278+646 &quot;Assertion failed using -label with PDF&quot;.</p>
279+<p>* coders/webp.c (ReadWEBPImage): Add full error checking when
280+retrieving embedded profiles.</p>
281+<p>* magick/profile.c (SetImageProfile): Do not try to store a
282+zero-sized profile.</p>
283+<p>* coders/webp.c (ReadWEBPImage): Enforce that embedded profiles
284+provided by libWebP are not zero-sized. This problem was brought
285+to our attention by Shane Bishop on the graphicsmagick-help
286+mailing list.</p>
287+</blockquote>
288+<p>2021-07-18 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
289+<blockquote>
290+<p>* Makefile.am: Add support for using an external
291+'graphicsmagick_snapshot_copy' script to copy files for the
292+'snapshot' target. This provides local control over how files are
293+copied and where they are copied to.</p>
294+<p>* coders/msl.c (MSLStartElement): Use macros to simplify
295+validations and reduce repeated code fragments. Add validations
296+for image size and pixels present where applicable. Fixes
297+oss-fuzz 36224 &quot;graphicsmagick:coder_MSL_fuzzer: Timeout in
298+coder_MSL_fuzzer&quot;.</p>
299+<p>* magick/transform.c (RollImage): Assert that image rows and
300+columns are not zero.</p>
301+</blockquote>
302+<p>2021-07-16 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
303+<blockquote>
304+* coders/jp2.c (initialize_jasper): Update for the latest version
305+of the evolving jas_init_custom() interface provided by the
306+mdadams-callbacks branch.</blockquote>
307+<p>2021-07-05 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
308+<blockquote>
309+* coders/jp2.c: Assure that the designated decoder is used rather
310+than using autodetection and possibly using a different decoder
311+than intended. Added experimental support for JasPer
312+HAVE_JAS_INIT_CUSTOM feature, but leave disabled by default. Fix
313+a stream manager bug noticed with the madams-callbacks branch of
314+JasPer.</blockquote>
315+<p>2021-06-27 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
316+<blockquote>
317+<p>* coders/msl.c (ProcessMSLScript): Fix possible use of freed
318+memory. Fixes oss-fuzz 35621 &quot;graphicsmagick:coder_MSL_fuzzer:
319+ASSERT: image-&gt;signature == MagickSignature&quot;.</p>
320+<p>* fuzzing/oss-fuzz-build.sh: Disable reading and writing of
321+gzip/bzip files since we don't have a viable solution for formats
322+which require an uncompressed file as input.</p>
323+</blockquote>
324+<p>2021-06-26 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
325+<blockquote>
326+<p>* coders/pcx.c (ReadPCXImage): Fix problem that 16-colors are used
327+rather than 256-colors given sample file provided. Resolves
328+SourceForge patch #65 &quot;PCX file not read correctly&quot;. Patch is by
329+Sam Yang.</p>
330+<p>* coders/jp2.c (ReadJP2Image): Pass &quot;max_samples&quot; option to Jasper
331+to try to limit the amount of memory it may allocate while opening
332+a file. Addresses oss-fuzz 35265
333+&quot;graphicsmagick:coder_PGX_fuzzer: Out-of-memory in
334+coder_PGX_fuzzer&quot;.</p>
335+</blockquote>
336+<p>2021-06-22 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
337+<blockquote>
338+* coders/webp.c (ReadWEBPImage): Use SetImagePixelsEx() rather
339+than GetImagePixelsEx() in reader. Patch by Tobias Mark via
340+SourceForge patch #66 &quot;Minor improvment webp&quot;.</blockquote>
341+<p>2021-06-12 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
342+<blockquote>
343+* coders/svg.c (GetTransformTokens): Fix massive over-allocation
344+of string due to use of AcquireString() on entire remaining text
345+buffer. Addresses oss-fuzz 35171 &quot;graphicsmagick:coder_SVG_fuzzer:
346+Out-of-memory in coder_SVG_fuzzer&quot;.
347+(GetTransformTokens): Apply an arbitrary limit on number of tokens
348+to avoid DOS.
349+(GetStyleTokens): Fix massive over-allocation of string due to use
350+of AcquireString() on entire remaining text buffer.
351+(GetStyleTokens): Don't use strlcpy() to copy token because it
352+scans full text.
353+(GetTransformTokens): Don't use strlcpy() to copy token because it
354+scans full text.</blockquote>
355+<p>2021-06-05 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
356+<blockquote>
357+<p>* coders/msl.c (MSLStartElement): Use resource-managed memory
358+allocator for msl_info-&gt;group_info and assure that memory is
359+cleared so that empty group does not result in use of
360+uninitialized data. Addresses oss-fuzz 34869
361+&quot;graphicsmagick:coder_MSL_fuzzer: Use-of-uninitialized-value in
362+MSLEndElement&quot;.</p>
363+<p>* magick/memory.c (_MagickReallocateResourceLimitedMemory): Round
364+up allocation size on small reallocs in order to lessen the number
365+of actual reallocs.</p>
366+</blockquote>
367+<p>2021-05-31 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
368+<blockquote>
369+<p>* coders/svg.c (SVGComment): Re-implement comment callback to be based on
370+the managed-memory allocator and avoid excessive use of strlen().
371+(SVGCharacters): Re-implement characters callback to to be based
372+on the managed-memory allocator and avoid excessive use of
373+strlen(). Addresses oss-fuzz 34168
374+&quot;graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer&quot;.</p>
375+<p>* magick/memory.c (_MagickResourceLimitedMemoryGetSizeAttribute):
376+New private function to retrieve various integral size values from
377+the managed-memory allocator regarding a specified allocation.</p>
378+<p>* magick/utility.c (MagickStripString): New function to replace
379+'Strip' which is now deprecated. This version returns the string
380+length.</p>
381+</blockquote>
382+<p>2021-05-10 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
383+<blockquote>
384+* Magick++/lib/Magick++/{Drawable.h, STL.h}: Use _MSVC_LANG in
385+addition to __cplusplus when testing for C++'17 since the
386+Microsoft C++ compiler only properly defines __cplusplus if the
387+/Zc:__cplusplus switch was provided.</blockquote>
388+<p>2021-05-09 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
389+<blockquote>
390+<p>* Magick++/lib/Magick++/STL.h: Support compiling with C++'98
391+through C++'17.</p>
392+<p>* Magick++/lib/Magick++/Drawable.h: Support compiling with C++'98
393+through C++'17.</p>
394+</blockquote>
395+<p>2021-05-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
396+<blockquote>
397+* magick/command.c (CompareImageCommand): If user has not
398+indicated a 'matte' preference, then include the opacity channel
399+in the compare if either image has a matte channel. Addresses
400+SourceForge issue #642 &quot;Result of command &quot;gm compare&quot; depends on
401+order of images&quot;.</blockquote>
402+<p>2021-04-25 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
403+<blockquote>
404+* magick/compare.c (IsImagesEqual): Eliminate hard
405+&quot;ImageOpacityDiffers&quot; error when matte channel flag differs
406+between the images being compared. Instead of throwing a hard
407+error, treat the opacity channel of the image as opaque if the
408+matte flag is not set.</blockquote>
409+<p>2021-04-24 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
410+<blockquote>
411+* coders/jpeg.c: It is apparently now undefined behavior to assign
412+the return value from setjmp() to a variable. Remove recently
413+added code which is now doing that. Much thanks to Chris Gravely
414+for noticing this.</blockquote>
415+<p>2021-04-19 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
416+<blockquote>
417+* coders/jpeg.c (ReadJPEGImage): Error cases depending on
418+ThrowReaderException() were now leaking client data memory.
419+Replace such cases with customized ThrowJPEGReaderException()
420+which assures that it is freed.
421+(WriteJPEGImage): Error cases depending on ThrowWriterException()
422+were now client data memory. Replace such cases with customized
423+ThrowJPEGWriterException() which assures that it is freed.</blockquote>
424+<p>2021-04-18 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
425+<blockquote>
426+* coders/jpeg.c: Restructure client data so it is allocated on the
427+heap rather than the stack. Happens to fix SourceForge issue 641
428+&quot;SIGSEGV thrown performing longjmp in jpeg.c&quot;.</blockquote>
429+<p>2021-04-10 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
430+<blockquote>
431+<p>* coders/png.c (ReadOnePNGImage): Assure that null
432+ping_trans_alpha pointer is not dereferenced. Addresses oss-fuzz
433+33119 &quot;graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in
434+ReadOnePNGImage&quot;.</p>
435+<p>* magick/profile.c (SetImageProfile): Use the resource-limited
436+memory allocator to allocate embedded profiles.</p>
437+<p>* magick/map.c (MagickMapCopyResourceLimitedString): New private
438+function to copy a resource-limited string.
439+(MagickMapDeallocateResourceLimitedString): New private function
440+to deallocate a resource-limited string.
441+(MagickMapCopyResourceLimitedBlob): New private function to copy a
442+resource-limited blob.
443+(MagickMapDeallocateResourceLimitedBlob): New private function to
444+deallocate a resource-limited blob.</p>
445+</blockquote>
446+<p>2021-04-06 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
447+<blockquote>
448+* coders/svg.c (GetStyleTokens): Limit the number of style tokens.
449+Addresses oss-fuzz 32921 &quot;graphicsmagick:coder_SVG_fuzzer:
450+Out-of-memory in coder_SVG_fuzzer&quot;.
451+(SVGComment): Only capture first comment rather than concatenating
452+all comments. Addresses oss-fuzz 32944
453+&quot;graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer&quot;.</blockquote>
454+<p>2021-04-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
455+<blockquote>
456+* coders/msl.c (MSLReference): Fix memory leak when parser node is
457+null. Addresses oss-fuzz 32713 &quot;graphicsmagick:coder_MSL_fuzzer:
458+Direct-leak in xmlNewReference&quot;.</blockquote>
459+<p>2021-04-01 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
460+<blockquote>
461+* coders/png.c (ReadOnePNGImage): Avoid use of null
462+ping_trans_color. Fixes oss-fuzz 32666
463+&quot;graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in
464+ReadOnePNGImage&quot;.</blockquote>
465+<p>2021-03-29 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
466+<blockquote>
467+* coders/msl.c (WriteMSLImage): Add OpenBlob()/CloseBlob() which
468+seems necessary to avoid memory leak in ImageToBlob(). Hopefully
469+will fix oss-fuzz 32575 &quot;graphicsmagick:coder_MSL_fuzzer:
470+Direct-leak in MagickMalloc&quot;.</blockquote>
471+<p>2021-03-26 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
472+<blockquote>
473+<p>* coders/jp2.c (RegisterJP2Image): Report JasPer library version.</p>
474+<p>* coders/msl.c (ProcessMSLScript): Free msl_image upon reader
475+failure. Should fix oss-fuzz 32479
476+&quot;graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc&quot;.</p>
477+</blockquote>
478+<p>2021-03-24 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
479+<blockquote>
480+<p>* PerlMagick/Makefile.am (check-perl): Nullify the check-perl
481+target when PerlMagick is enabled and shared libraries are used.
482+This is because a dynamic GraphicsMagick needs to be formally
483+installed before PerlMagick can be tested.</p>
484+<p>* coders/jp2.c (ReadJP2Image): Support both old and new ways to
485+determine if JasPer codec support is available.</p>
486+<p>* coders/msl.c (ProcessMSLScript): Another attempt to properly fix
487+oss-fuzz 32263 &quot;graphicsmagick:coder_MSL_fuzzer:
488+Heap-use-after-free in ProcessMSLScript&quot; without causing new
489+problems.</p>
490+</blockquote>
491+<p>2021-03-23 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
492+<blockquote>
493+* coders/msl.c (ProcessMSLScript): Fix oss-fuzz 32263
494+&quot;graphicsmagick:coder_MSL_fuzzer: Heap-use-after-free in
495+ProcessMSLScript&quot;.</blockquote>
496+<p>2021-03-18 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
497+<blockquote>
498+* Magick++/lib/Image.cpp (Magick::Image::write): Due to the design
499+of ImageToBlob(), it is possible for data to be returned although
500+an exception was thrown. Deposit it in the Blob so that it will
501+be freed. May finish fixing oss-fuzz 31965
502+&quot;graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc&quot;.</blockquote>
503+<p>2021-03-17 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
504+<blockquote>
505+* coders/msl.c (ProcessMSLScript): Attempt to address leak of
506+&quot;msl_image&quot;. May fix oss-fuzz 31965
507+&quot;graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc&quot;.</blockquote>
508+<p>2021-03-13 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
509+<blockquote>
510+* coders/dcm.c (DCM_ReadNonNativeImages): Enforce that image depth
511+is in the supported range of 1-16. Embedded PGX was observed to
512+cause JasPer to report a component depth of 20 bits. Fixes
513+oss-fuzz issue 31373 &quot;graphicsmagick:coder_DCM_fuzzer:
514+Heap-buffer-overflow in DCM_SetupRescaleMap&quot;.</blockquote>
515+<p>2021-03-10 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
516+<blockquote>
517+<p>* coders/svg.c (SVGError): Force xml parser input state to
518+XML_PARSER_EOF state upon error to abort parsing.</p>
519+<p>* coders/msl.c (MSLError): Force xml parser input state to
520+XML_PARSER_EOF state upon error to abort parsing. Fixes oss-fuzz
521+31401 &quot;graphicsmagick:coder_MSL_fuzzer: Timeout in
522+coder_MSL_fuzzer&quot;.</p>
523+</blockquote>
524+<p>2021-03-08 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
525+<blockquote>
526+<p>* coders/msl.c (ProcessMSLScript): Replicate clean-up actions
527+which should already be done by MSLPopImage(). Trying to address
528+oss-fuzz 31259 &quot;graphicsmagick:coder_MSL_fuzzer: Direct-leak in
529+MagickMalloc&quot;, which I have not been able to reproduce.</p>
530+<p>* magick/tsd.c (MagickTsdKeyDelete): Fix memory leak of key values
531+array at exit when use of pthread or WIN32 TSD APIs is disabled.</p>
532+</blockquote>
533+<p>2021-03-07 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
534+<blockquote>
535+<p>* coders/msl.c (MSLStartElement): Consistently verify that
536+attributes are non-NULL before calling TranslateText(). Fixes
537+oss-fuzz 31779 &quot;graphicsmagick:coder_MSL_fuzzer: ASSERT: image !=
538+(Image *) NULL&quot;.</p>
539+<p>* README.txt: Add mention of libdeflate library, since it is an
540+optional dependency of the next libtiff release, and might be
541+required to link if libtiff itself depends on it.</p>
542+<p>* configure.ac (MAGICK_DEP_LIBS): Liblzma is a libtiff dependency.
543+GraphicsMagick does not directly use liblzma. Do not include
544+liblzma as direct dependency for the modules build.</p>
545+</blockquote>
546+<p>2021-03-04 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
547+<blockquote>
548+* coders/svg.c (ProcessStyleClassDefs): Fix non-terminal execution
549+while traversing &quot;active&quot; list based on a patch by Gregory J
550+Wolfe. Addresses oss-fuzz 31663
551+&quot;graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer&quot;.</blockquote>
552+<p>2021-03-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
553+<blockquote>
554+* coders/svg.c (ProcessStyleClassDefs): Corrected fix for oss-fuzz
555+31234 &quot;graphicsmagick:coder_SVG_fuzzer: Direct-leak in
556+MagickMalloc&quot; based on a patch by Gregory J Wolfe.</blockquote>
557+<p>2021-02-28 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
558+<blockquote>
559+<p>* configure.ac: Add tests for Jasper jp2_decode(), jpc_decode(),
560+and pgx_decode().</p>
561+<p>* coders/jp2.c (ReadJP2Image): Call jp2_decode(), jpc_decode(), or
562+pgx_decode(), directly. Using jas_image_decode() makes us subject
563+to Jasper's own format determination, which may include file
564+formats we don't want to support via Jasper.</p>
565+<p>* fuzzing/oss-fuzz-build.sh: Disable support for Jasper codecs we
566+don't want or need.</p>
567+</blockquote>
568+<p>2021-02-27 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
569+<blockquote>
570+<p>* coders/msl.c (MSLStartElement): Fix assertion in TranslateText()
571+when there are no attributes available. Addresses oss-fuzz 31307
572+&quot;graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *)
573+NULL&quot;.</p>
574+<p>* coders/svg.c (ProcessStyleClassDefs): Fix memory leak upon
575+malformed class name list. Addresses oss-fuzz 31234
576+&quot;graphicsmagick:coder_SVG_fuzzer: Direct-leak in MagickMalloc&quot;.
577+(ProcessStyleClassDefs): Fix non-terminal loop and huge memory
578+allocation caused by self-referential list. Not sure if
579+implementation is as intended, but it does not crash. Addresses
580+oss-fuzz 31391 &quot;graphicsmagick:coder_SVG_fuzzer: Out-of-memory in
581+coder_SVG_fuzzer&quot;.
582+(SVGReference): Fix memory leak when parser node is null.
583+Addresses oss-fuzz 31286 &quot;graphicsmagick:coder_SVGZ_fuzzer:
584+Direct-leak in xmlNewReference&quot;.</p>
585+</blockquote>
586+<p>2021-02-25 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
587+<blockquote>
588+* coders/msl.c (MSLCDataBlock): Fix leak of value from
589+xmlNewCDataBlock(). Addresses oss-fuzz 31400
590+&quot;graphicsmagick:coder_MSL_fuzzer: Direct-leak in
591+xmlNewCDataBlock&quot;.</blockquote>
592+<p>2021-02-22 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
593+<blockquote>
594+* coders/svg.c (ProcessStyleClassDefs): Fix non-terminal loop
595+caused by a self-referential list which results in huge memory
596+usage. Addresses oss-fuzz 31238 &quot;graphicsmagick:coder_SVG_fuzzer:
597+Out-of-memory in coder_SVG_fuzzer&quot;.</blockquote>
598+<p>2021-02-21 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
599+<blockquote>
600+<p>* coders/svg.c (SVGStartElement): Reject impossibly small bounds
601+and view_box width or height. Addresses oss-fuzz 31224
602+&quot;graphicsmagick:coder_SVG_fuzzer: Divide-by-zero in
603+SVGStartElement&quot;.</p>
604+<p>* coders/msl.c (MSLPushImage): Only clone attributes if not null.
605+Should address oss-fuzz 31205 &quot;graphicsmagick:coder_MSL_fuzzer:
606+ASSERT: image != (Image *) NULL&quot;.</p>
607+<p>* coders/jp2.c (ReadJP2Image): Validate that actual file header
608+does appear to be a supported format regardless of 'magick' being
609+forced. Jasper appears to dispatch to other libraries if it
610+detects a known format it supports and then the program exits if
611+there is a problem. Fixes oss-fuzz 31200
612+&quot;graphicsmagick:coder_JPC_fuzzer: Unexpected-exit in error_exit&quot;.</p>
613+</blockquote>
614+<p>2021-02-20 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
615+<blockquote>
616+<p>* magick/nt_base.c (NTGhostscriptFind,NTGhostscriptGetString):
617+Handle Ghostscript point versions added after 9.52. Fixes
618+SourceForge issue #636 'Failed to find Ghostscript' with
619+Ghostscript version 9.53.0+.</p>
620+<p>* fuzzing/oss-fuzz-build.sh: Patch by Paul Kehrer to incorporate
621+Jasper and libxml2 into the oss-fuzz build.</p>
622+</blockquote>
623+<p>2021-02-14 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
624+<blockquote>
625+* VisualMagick/All/All.vcproj.in: Fixes by sourcer42
626+&lt;<a class="reference external" href="mailto:sourcer42&#37;&#52;&#48;users&#46;sourceforge&#46;net">sourcer42<span>&#64;</span>users<span>&#46;</span>sourceforge<span>&#46;</span>net</a>&gt; for the problem that Visual
627+Studio is not able to load the All project if the project supports
628+the x64 target.</blockquote>
629+<p>2021-02-12 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
630+<blockquote>
631+* www/Hg.rst: Document new redundant Mercurial server at OSDN,
632+&quot;<a class="reference external" href="https://hg.osdn.net/view/graphicsmagick/GM">https://hg.osdn.net/view/graphicsmagick/GM</a>&quot;.</blockquote>
633+<p>2021-02-07 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
634+<blockquote>
635+<p>* Add explicit cast to float where implicit casts to float from
636+double were occurring.</p>
637+<p>* magick/utility.c (MagickDoubleToLong): Guard against LONG_MAX
638+not directly representable as a double.</p>
639+</blockquote>
640+<p>2021-02-06 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
641+<blockquote>
642+* magick/utility.c (TranslateTextEx): If image resolution is
643+impossibly small, then report the default resolution of 72 DPI, or
644+the equivalent in centimeters if units is in
645+pixels-per-centimeter. Addresses SourceForge bug #396 &quot;dpi not
646+retrived (no default value)&quot;. I do have some misgivings about
647+this solution since it is lying about the actual value. Not all
648+usages of raster images have an associated physical reality and
649+thus resolution is not necessarily relevant.</blockquote>
650+<p>2021-02-04 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
651+<blockquote>
652+* coders/tiff.c, coders/ps2.c, coders/ps3.c: Libtiff versions
653+beyond 20201219 want to use types from stdint.h.</blockquote>
654+<p>2021-01-31 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
655+<blockquote>
656+* magick/monitor.c (MagickMonitorActive): Need to export this
657+function for use by modules.</blockquote>
658+<p>2021-01-30 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
659+<blockquote>
660+<p>* VisualMagick/bin: Remove hp2xx.exe, mpeg2dec.exe, and
661+mpeg2enc.exe. There is no value to distributing these pre-built
662+and flimsy executables in the source package.</p>
663+<p>* filters/analyze.c (AnalyzeImage): Add OpenMP speed-ups.</p>
664+</blockquote>
665+<p>2021-01-29 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
666+<blockquote>
667+<p>* filters/analyze.c (AnalyzeImage): Tidy the structure of the code
668+a bit.</p>
669+<p>* magick/module.c (ExecuteModuleProcess): Add error reporting for
670+the case that the expected symbol is not resolved.</p>
671+</blockquote>
672+<p>2021-01-23 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
673+<blockquote>
674+* configure.ac: Remove updates to use recommended forms of AC_INIT
675+and AM_INIT_AUTOMAKE. There were too many annoying side-effects
676+to daily development from these changes. Perhaps they will be
677+re-visited if solutions for Autotools regeneration issues are
678+found.</blockquote>
679+<p>2021-01-19 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
680+<blockquote>
681+* magick/render.c (InverseAffineMatrix): Avoid possible division
682+by zero or absurdly extreme scaling in InverseAffineMatrix().
683+Fixes oss-fuzz 28293 &quot;Divide-by-zero - InverseAffineMatrix&quot;.</blockquote>
684+<p>2021-01-13 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
685+<blockquote>
686+* configure.ac (CONFIG_STATUS_DEPENDENCIES): Regenerate
687+configure.ac if ChangeLog or version.sh is updated.</blockquote>
688+<p>2021-01-10 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
689+<blockquote>
690+<p>* coders/pdf.c (WritePDFImage): Converting a TIF to a PDF set the
691+page MediaBox to the TIFF dimensions in pixels while the CropBox
692+is set in local context dimensions. The latter is correct, the
693+former is not. Set the MediaBox to the proper dimension in local
694+context. Should be the same in this context. Patch by Hubert
695+Figuiere and retrieved from SourceForge patch #64 &quot;Incorrect
696+MediaBox in PDF export&quot;.</p>
697+<p>* magick/pixel_cache.c: Memory cache implementation of pixel cache
698+now uses resource limited memory allocator. It was previously
699+resource limited, but by using the resource allocation APIs
700+directly.</p>
701+</blockquote>
702+<p>2021-01-09 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
703+<blockquote>
704+* coders/tiff.c: Remove unintended double-charging for memory
705+resource. Remove explicit memset where possible.</blockquote>
706+<p>2021-01-07 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
707+<blockquote>
708+<p>* coders/gif.c (ReadGIFImage): Fix memory leak of global_colormap
709+if realloc of memory for comment fails. Fixes oss-fuzz 29316
710+&quot;Direct-leak in MagickMalloc&quot;.</p>
711+<p>* coders/meta.c (ReadMETAImage): Fix double-free if blob buffer
712+was reallocated after being attached to blob. Fixes oss-fuzz
713+29193 &quot;Heap-double-free in MagickFree&quot;.</p>
714+</blockquote>
715+<p>2021-01-06 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
716+<blockquote>
717+* configure.ac: Updates to use recommended forms of AC_INIT and
718+AM_INIT_AUTOMAKE. This was/is painful due to how development
719+snapshot versioning is handled. The version string produced for
720+the snapshot version will now contain the snapshot date. Effort
721+has been made to avoid other impacts due to AC_INIT's enforcements
722+for how version information is used.</blockquote>
723+<p>2021-01-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
724+<blockquote>
725+<p>* PerlMagick/Magick.xs: Remove GCC warnings which spewed out at
726+increased warning levels.</p>
727+<p>* magick/magick_types.h.in: Hide definitions not intended for the
728+rest of the world under &quot;if defined(MAGICK_IMPLEMENTATION)&quot;.</p>
729+</blockquote>
730+<p>2021-01-01 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
731+<blockquote>
732+<p>* configure.ac: Skip library symbol tests for gdi32 since these
733+fail with the MSYS2 w64-i686 compiler and well as i686 Cygwin.
734+The failures caused a build regression for i686 MSYS2/Cygwin.</p>
735+<p>* Copyright.txt: Copyright year updates and ChangeLog rotation for
736+the new year.</p>
737+</blockquote>
39738 </div>
40739
41740 <hr class="docutils">
diff -r f31b38267c37 -r eae611832371 www/Changelog.html
--- a/www/Changelog.html Fri Dec 31 17:37:22 2021 -0600
+++ b/www/Changelog.html Sat Jan 01 12:38:34 2022 -0600
@@ -35,706 +35,9 @@
3535 <div class="document">
3636
3737
38-<p>2021-12-31 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
39-<blockquote>
40-<p>* doc/{gmdoc2html, gmdocselect, imdoc2man, imdocselect}: Fixes to
41-work better with both GNU sed and Solaris/Illumos sed.</p>
42-<p>* doc/GNUmakefile: Use GNU make rules to produce the full imdoc
43-list for man, html, and tex, rather than relying on a shell
44-wildcard expression, since the order produced by the shell
45-wildcard expression is indeterminate.</p>
46-</blockquote>
47-<p>2021-12-30 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
48-<blockquote>
49-<p>* www/index.rst: Document that
50-<a class="reference external" href="https://graphicsmagick.sourceforge.io/index.html">https://graphicsmagick.sourceforge.io/index.html</a> is also
51-available.</p>
52-<p>* www/programming.rst: Update URLs. Add a link to a 'Go' binding.</p>
53-<p>* Copyright.txt: Update Copyright text for 2022 and prepare for
54-new year.</p>
55-</blockquote>
56-<p>2021-12-29 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
57-<blockquote>
58-<p>* coders/{gif.c, meta.c, miff.c, mpc.c, pdb.c, pnm.c xpm.c}: Rely
59-on _MagickReallocateResourceLimitedMemory() to extend memory
60-allocation.</p>
61-<p>* magick/memory.c (_MagickReallocateResourceLimitedMemory): Remove
62-size limit from realloc binary expansion. Fix reallocs tally counts.</p>
63-<p>* magick/memory-private.h(_MagickReallocateResourceLimitedMemory)
64-: Remove use of GCC/Clang '__attribute_malloc__' since it is not
65-appropriate for this function.</p>
66-<p>* magick/memory.c (_MagickReallocateResourceLimitedMemory):
67-Maintain a tally of the total number of octets moved by realloc.</p>
68-</blockquote>
69-<p>2021-12-27 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
70-<blockquote>
71-* coders/mat.c (ReadMATImage): Change 'ldblk' to size_t and
72-check related calculations for overflow and to avoid possible
73-negative seek offsets.
74-(FixLogical): Pass 'ldblk' as size_t.
75-(ReadMATImage): Assure that corrupt/incomplete image is not
76-returned.</blockquote>
77-<p>2021-12-25 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
78-<blockquote>
79-<p>* magick/profile.c (AppendImageProfile): Deprecate this function
80-since JPEG was the last user.</p>
81-<p>* coders/jpeg.c (AppendProfile): Implement more efficient way to
82-append JPEG profile chunks. Addresses SourceForge issue #634
83-&quot;Slow to read JPEG with big APP1 profile&quot;.</p>
84-<p>* coders/jp2.c (ReadJP2Image): Free 'options' which is now
85-allocated memory.</p>
86-<p>* coders/png.c (ReadOnePNGImage): Support the define
87-png:chunk-malloc-max=limit in order to allow reading PNG files
88-which report &quot;chunk data is too large&quot; or to reduce the default
89-limit. The default libpng limit is 8,000,000 bytes, which is more
90-than sufficient for normal files. Note that since PNG uses
91-compression, the limit is on the uncompressed data and a
92-relatively small file may be able to provide a chunk which
93-decompresses to a large size. Addresses SourceForge #594 &quot;Be able
94-to affect libpng user_chunk_malloc_max&quot;.</p>
95-</blockquote>
96-<p>2021-12-24 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
97-<blockquote>
98-<p>* PerlMagick/Magick.xs: Fix issue that image fill attribute had
99-its opacity reset to transparent so it could not be usefully set
100-at image scope. Note that this fix may change results if the fill
101-attribute is not set since then the default will actually be used.
102-Support Get of &quot;fill&quot; and &quot;stroke&quot;. Addresses SourceForge issue
103-#650 &quot;Image attributes not working and not as documented for
104-PerlMagick&quot;. Eliminate use of dangerous strncpy().</p>
105-<p>* magick/transform.c (TransformImage): Trace crop geometry. Trace
106-transform geometry.
107-(CropImage): Trace crop geometry. Trace bounding page.</p>
108-<p>* Magick++/lib/Image.cpp (Magick::Image::trim): Trim requires
109-NorthWestGravity.</p>
110-<p>* magick/command.c (MogrifyImage): Trim requires
111-NorthWestGravity. Fixes SourceForge issue #653 &quot;convert: warning
112-when using -gravity with -trim&quot;. This was more than a warning.</p>
113-</blockquote>
114-<p>2021-12-23 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
115-<blockquote>
116-* coders/jp2.c: Properly support passing JasPer options for
117-decoder and encoder, including the 'debug' option.
118-(initialize_jasper): Call jas_conf_set_allocator() and pass the
119-maximum amount of memory it should be allocated to use. This
120-seems to avoid a malfunction. Re-enable use of jas_initialize().</blockquote>
121-<p>2021-12-22 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
122-<blockquote>
123-<p>* coders/jp2.c (realloc_rlm): JasPer wants its custom memory
124-allocators to return non-null for a zero-sized request. Make it
125-so for the 'realloc' case as well. Development JasPer 3.0.0
126-jas_initialize() is not yet ready for our purposes.</p>
127-<p>* coders/mat.c (ReadMATImageV4): Change 'ldblk' to size_t and
128-check related calculations for overflow and to avoid possible
129-negative seek offsets.</p>
130-</blockquote>
131-<p>2021-12-21 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
132-<blockquote>
133-<p>* magick/signature.c: Remove functions FinalizeSignature,
134-GetSignatureInfo, TransformSignature, UpdateSignature and other
135-private implementation details from signature.h. Use managed
136-memory allocator.</p>
137-<p>* coders/png.c (DestroyJNG): Deallocate alpha_image temporary file in DestroyJNG().
138-(ReadOnePNGImage): If setjmp fires, then don't return a broken
139-image.</p>
140-</blockquote>
141-<p>2021-12-18 Fojtik Jaroslav &lt;<a class="reference external" href="mailto:JaFojtik&#37;&#52;&#48;yandex&#46;com">JaFojtik<span>&#64;</span>yandex<span>&#46;</span>com</a>&gt;</p>
142-<blockquote>
143-* magick/wpg.c: Fix incorrect TrX and TrY elements in CTM.
144-Backported from WP2LaTeX: <a class="reference external" href="https://hg.osdn.net/view/wp2latex/wp2latex/rev/ce47149e7e67">https://hg.osdn.net/view/wp2latex/wp2latex/rev/ce47149e7e67</a></blockquote>
145-<p>2021-12-14 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
146-<blockquote>
147-<p>* utilities/tests/convert.tap: Use sed to count file lines rather
148-than wc since wc output is inconsistent. Fixes SourceForge issue
149-#657 &quot;Convert test fails in 1.3.37&quot;.</p>
150-<p>* configure.ac: Search for a GnuPG 'gpg' program.</p>
151-<p>* Makefile.am (snapshot): Add support for PGP-signed snapshots.</p>
152-<p>* www/download.rst: Add documentation for how to validate
153-downloaded files.</p>
154-</blockquote>
155-<p>2021-12-12 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
156-<blockquote>
157-<p>* version.sh: Update shared library versioning information for
158-forthcoming 1.3.37 release.</p>
159-<p>* scripts/graphicsmagick_snapshot_copy-ssh: Sample
160-graphicsmagick_snapshot_copy script which uses scp to copy
161-snapshot files to a directory at a remote host, and then rsync
162-over ssh from there to SourceForge. Copy to a local script
163-directory and edit to suit local requirements.</p>
164-<p>* scripts/graphicsmagick_snapshot_copy-local: Sample
165-graphicsmagick_snapshot_copy script to copy snapshot files to a
166-local directory and then rsync over ssh to SourceForge. Copy to a
167-local script directory and edit to suit local requirements.</p>
168-<p>* Makefile.am (snapshot): Rely on the graphicsmagick_snapshot_copy
169-script to reduce files we don't care to distribute so that all
170-targets are still produced.</p>
171-<p>* coders/jp2.c (alloc_rlm): JasPer expects its allocator to return
172-non-null for zero size</p>
173-</blockquote>
174-<p>2021-12-05 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
175-<blockquote>
176-<p>* Makefile.am (snapshot): Update the snapshot target to distribute
177-a minimal set of files.</p>
178-<p>* magick/symbols.h: Update the list of Gm prefixed symbols.</p>
179-<p>* NEWS.txt: Updated with changes until today.</p>
180-</blockquote>
181-<p>2021-12-04 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
182-<blockquote>
183-<p>* www/index.rst: Development snapshots are now at SourceForge.</p>
184-<p>* www/download.rst, www/index.rst, README.txt: Remove references
185-to ftp.graphicsmagick.org, which was shut down due to continuing
186-abusive practices and lack of support from the user community.</p>
187-</blockquote>
188-<p>2021-12-03 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
189-<blockquote>
190-<p>* magick/memory-private.h
191-(MagickAllocateResourceLimitedMemoryAttribute): Remove extraneous
192-comma.</p>
193-<p>* coders/wpg.c (LoadWPG2Flags): Fix comment type and whitespace
194-issues.</p>
195-</blockquote>
196-<p>2021-11-15 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
197-<blockquote>
198-* coders/caption.c (ReadCAPTIONImage): Set draw_info to NULL upon
199-deallocation. Fixes an assertion reported by Michael Melcher via
200-the graphicsmagick-bugs list on November 11, 2021.</blockquote>
201-<p>2021-11-05 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
202-<blockquote>
203-* coders/jp2.c (initialize_jasper): For JasPer 3.0.0 and later,
204-use resource-limited memory allocators. JasPer 3.0.0 is not yet
205-released at this time.</blockquote>
206-<p>2021-11-04 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
207-<blockquote>
208-<p>* coders/gif.c (ReadGIFImage): Handle GIF files where the 'opaque'
209-index matches the number of colors by producing an extra colormap
210-entry of transparent black. Fixes SourceForge issue 649 &quot;Bug with
211-gm identify&quot; where the test case produces the error &quot;Invalid
212-colormap index (index 128 &gt;= 128 colors, /tmp/broken.gif)&quot;.</p>
213-<p>* magick/enum_strings.c (StringToDisposeType): New utility
214-function to convert a string to a DisposeType.
215-(DisposeTypeToString) New utility function to convert a
216-DisposeType to a string.</p>
217-<p>* coders/msl.c (MSLEndElement): Ignore imbalanced group
218-closure. Fixes oss-fuzz 40680 &quot;graphicsmagick:coder_MSL_fuzzer:
219-Heap-buffer-overflow in MSLEndElement&quot;.</p>
220-</blockquote>
221-<p>2021-11-03 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
222-<blockquote>
223-<p>* coders/tiff.c (ReadTIFFImage): Make sure that loops using
224-TIFFReadScanline(), etc, do quit upon first reported error. Fixes
225-oss-fuzz 39167 &quot;graphicsmagick:coder_BIGTIFF_fuzzer:
226-Use-of-uninitialized-value in DisassociateAlphaRegion&quot;, as well as
227-other such cases.</p>
228-<p>* coders/png.c (png_get_data): On a short read, assure that the
229-remainder of the buffer is initialized just in case subsequent
230-code accesses it.</p>
231-<p>* coders/msl.c (MSLStartElement): Assure that
232-'msl_info-&gt;attributes[n]' is not NULL before attempting to use it.
233-This is assumed to eliminate oss-fuzz 40226
234-&quot;graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *)
235-NULL&quot;.</p>
236-</blockquote>
237-<p>2021-11-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
238-<blockquote>
239-* coders/msl.c (MSLStartElement): Return immediately if there is
240-already an error or the image is NULL. Do not discard exceptions
241-when calling functions which return a new image. Try even harder
242-to shut down the libxml2 parser. Fixes SourceForge issue 652 &quot;SEGV
243-in gm at coders/msl.c:883&quot;.</blockquote>
244-<p>2021-10-31 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
245-<blockquote>
246-* magick/widget.c (MagickXPreferencesWidget): Eliminate
247-compilation warning about 'strlen' argument missing terminating
248-nul.</blockquote>
249-<p>2021-10-24 Fojtik Jaroslav &lt;<a class="reference external" href="mailto:JaFojtik&#37;&#52;&#48;yandex&#46;com">JaFojtik<span>&#64;</span>yandex<span>&#46;</span>com</a>&gt;</p>
250-<blockquote>
251-* magick/wpg.c: ObjectID&gt;=0x8000 automatically switches double precision on.</blockquote>
252-<p>2021-09-18 Fojtik Jaroslav &lt;<a class="reference external" href="mailto:JaFojtik&#37;&#52;&#48;yandex&#46;com">JaFojtik<span>&#64;</span>yandex<span>&#46;</span>com</a>&gt;</p>
253-<blockquote>
254-* PerlMagick/t/wmf/JPGinside.emf: Add test file: EMF that embedds
255-JPG.</blockquote>
256-<p>2021-09-17 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
257-<blockquote>
258-* magick/blob.c (WriteBlob): Use appropriate handle for bzip2.
259-Patch by Sam James &lt;<a class="reference external" href="mailto:sam&#37;&#52;&#48;gentoo&#46;org">sam<span>&#64;</span>gentoo<span>&#46;</span>org</a>&gt;.</blockquote>
260-<p>2021-08-26 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
261-<blockquote>
262-<p>* coders/jp2.c (initialize_jasper): Make minimal use of new JasPer
263-function jas_initialize() in order to avoid severe problems with
264-jas_init().</p>
265-<p>* configure.ac: Detect new JasPer function jas_initialize().</p>
266-</blockquote>
267-<p>2021-08-14 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
268-<blockquote>
269-<p>* coders/msl.c (MSLError): Call xmlStopParser() rather than
270-setting parser instate = XML_PARSER_EOF.</p>
271-<p>* coders/svg.c (SVGError): Call xmlStopParser() rather than
272-setting parser instate = XML_PARSER_EOF.</p>
273-</blockquote>
274-<p>2021-07-21 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
275-<blockquote>
276-<p>* coders/pdf.c (WritePDFImage): Use appropriate memory deallocator
277-for memory returned by StringToList(). Fixes SourceForge issue
278-646 &quot;Assertion failed using -label with PDF&quot;.</p>
279-<p>* coders/webp.c (ReadWEBPImage): Add full error checking when
280-retrieving embedded profiles.</p>
281-<p>* magick/profile.c (SetImageProfile): Do not try to store a
282-zero-sized profile.</p>
283-<p>* coders/webp.c (ReadWEBPImage): Enforce that embedded profiles
284-provided by libWebP are not zero-sized. This problem was brought
285-to our attention by Shane Bishop on the graphicsmagick-help
286-mailing list.</p>
287-</blockquote>
288-<p>2021-07-18 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
289-<blockquote>
290-<p>* Makefile.am: Add support for using an external
291-'graphicsmagick_snapshot_copy' script to copy files for the
292-'snapshot' target. This provides local control over how files are
293-copied and where they are copied to.</p>
294-<p>* coders/msl.c (MSLStartElement): Use macros to simplify
295-validations and reduce repeated code fragments. Add validations
296-for image size and pixels present where applicable. Fixes
297-oss-fuzz 36224 &quot;graphicsmagick:coder_MSL_fuzzer: Timeout in
298-coder_MSL_fuzzer&quot;.</p>
299-<p>* magick/transform.c (RollImage): Assert that image rows and
300-columns are not zero.</p>
301-</blockquote>
302-<p>2021-07-16 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
303-<blockquote>
304-* coders/jp2.c (initialize_jasper): Update for the latest version
305-of the evolving jas_init_custom() interface provided by the
306-mdadams-callbacks branch.</blockquote>
307-<p>2021-07-05 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
308-<blockquote>
309-* coders/jp2.c: Assure that the designated decoder is used rather
310-than using autodetection and possibly using a different decoder
311-than intended. Added experimental support for JasPer
312-HAVE_JAS_INIT_CUSTOM feature, but leave disabled by default. Fix
313-a stream manager bug noticed with the madams-callbacks branch of
314-JasPer.</blockquote>
315-<p>2021-06-27 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
316-<blockquote>
317-<p>* coders/msl.c (ProcessMSLScript): Fix possible use of freed
318-memory. Fixes oss-fuzz 35621 &quot;graphicsmagick:coder_MSL_fuzzer:
319-ASSERT: image-&gt;signature == MagickSignature&quot;.</p>
320-<p>* fuzzing/oss-fuzz-build.sh: Disable reading and writing of
321-gzip/bzip files since we don't have a viable solution for formats
322-which require an uncompressed file as input.</p>
323-</blockquote>
324-<p>2021-06-26 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
325-<blockquote>
326-<p>* coders/pcx.c (ReadPCXImage): Fix problem that 16-colors are used
327-rather than 256-colors given sample file provided. Resolves
328-SourceForge patch #65 &quot;PCX file not read correctly&quot;. Patch is by
329-Sam Yang.</p>
330-<p>* coders/jp2.c (ReadJP2Image): Pass &quot;max_samples&quot; option to Jasper
331-to try to limit the amount of memory it may allocate while opening
332-a file. Addresses oss-fuzz 35265
333-&quot;graphicsmagick:coder_PGX_fuzzer: Out-of-memory in
334-coder_PGX_fuzzer&quot;.</p>
335-</blockquote>
336-<p>2021-06-22 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
337-<blockquote>
338-* coders/webp.c (ReadWEBPImage): Use SetImagePixelsEx() rather
339-than GetImagePixelsEx() in reader. Patch by Tobias Mark via
340-SourceForge patch #66 &quot;Minor improvment webp&quot;.</blockquote>
341-<p>2021-06-12 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
342-<blockquote>
343-* coders/svg.c (GetTransformTokens): Fix massive over-allocation
344-of string due to use of AcquireString() on entire remaining text
345-buffer. Addresses oss-fuzz 35171 &quot;graphicsmagick:coder_SVG_fuzzer:
346-Out-of-memory in coder_SVG_fuzzer&quot;.
347-(GetTransformTokens): Apply an arbitrary limit on number of tokens
348-to avoid DOS.
349-(GetStyleTokens): Fix massive over-allocation of string due to use
350-of AcquireString() on entire remaining text buffer.
351-(GetStyleTokens): Don't use strlcpy() to copy token because it
352-scans full text.
353-(GetTransformTokens): Don't use strlcpy() to copy token because it
354-scans full text.</blockquote>
355-<p>2021-06-05 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
356-<blockquote>
357-<p>* coders/msl.c (MSLStartElement): Use resource-managed memory
358-allocator for msl_info-&gt;group_info and assure that memory is
359-cleared so that empty group does not result in use of
360-uninitialized data. Addresses oss-fuzz 34869
361-&quot;graphicsmagick:coder_MSL_fuzzer: Use-of-uninitialized-value in
362-MSLEndElement&quot;.</p>
363-<p>* magick/memory.c (_MagickReallocateResourceLimitedMemory): Round
364-up allocation size on small reallocs in order to lessen the number
365-of actual reallocs.</p>
366-</blockquote>
367-<p>2021-05-31 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
368-<blockquote>
369-<p>* coders/svg.c (SVGComment): Re-implement comment callback to be based on
370-the managed-memory allocator and avoid excessive use of strlen().
371-(SVGCharacters): Re-implement characters callback to to be based
372-on the managed-memory allocator and avoid excessive use of
373-strlen(). Addresses oss-fuzz 34168
374-&quot;graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer&quot;.</p>
375-<p>* magick/memory.c (_MagickResourceLimitedMemoryGetSizeAttribute):
376-New private function to retrieve various integral size values from
377-the managed-memory allocator regarding a specified allocation.</p>
378-<p>* magick/utility.c (MagickStripString): New function to replace
379-'Strip' which is now deprecated. This version returns the string
380-length.</p>
381-</blockquote>
382-<p>2021-05-10 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
38+<p>2022-01-01 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
38339 <blockquote>
384-* Magick++/lib/Magick++/{Drawable.h, STL.h}: Use _MSVC_LANG in
385-addition to __cplusplus when testing for C++'17 since the
386-Microsoft C++ compiler only properly defines __cplusplus if the
387-/Zc:__cplusplus switch was provided.</blockquote>
388-<p>2021-05-09 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
389-<blockquote>
390-<p>* Magick++/lib/Magick++/STL.h: Support compiling with C++'98
391-through C++'17.</p>
392-<p>* Magick++/lib/Magick++/Drawable.h: Support compiling with C++'98
393-through C++'17.</p>
394-</blockquote>
395-<p>2021-05-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
396-<blockquote>
397-* magick/command.c (CompareImageCommand): If user has not
398-indicated a 'matte' preference, then include the opacity channel
399-in the compare if either image has a matte channel. Addresses
400-SourceForge issue #642 &quot;Result of command &quot;gm compare&quot; depends on
401-order of images&quot;.</blockquote>
402-<p>2021-04-25 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
403-<blockquote>
404-* magick/compare.c (IsImagesEqual): Eliminate hard
405-&quot;ImageOpacityDiffers&quot; error when matte channel flag differs
406-between the images being compared. Instead of throwing a hard
407-error, treat the opacity channel of the image as opaque if the
408-matte flag is not set.</blockquote>
409-<p>2021-04-24 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
410-<blockquote>
411-* coders/jpeg.c: It is apparently now undefined behavior to assign
412-the return value from setjmp() to a variable. Remove recently
413-added code which is now doing that. Much thanks to Chris Gravely
414-for noticing this.</blockquote>
415-<p>2021-04-19 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
416-<blockquote>
417-* coders/jpeg.c (ReadJPEGImage): Error cases depending on
418-ThrowReaderException() were now leaking client data memory.
419-Replace such cases with customized ThrowJPEGReaderException()
420-which assures that it is freed.
421-(WriteJPEGImage): Error cases depending on ThrowWriterException()
422-were now client data memory. Replace such cases with customized
423-ThrowJPEGWriterException() which assures that it is freed.</blockquote>
424-<p>2021-04-18 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
425-<blockquote>
426-* coders/jpeg.c: Restructure client data so it is allocated on the
427-heap rather than the stack. Happens to fix SourceForge issue 641
428-&quot;SIGSEGV thrown performing longjmp in jpeg.c&quot;.</blockquote>
429-<p>2021-04-10 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
430-<blockquote>
431-<p>* coders/png.c (ReadOnePNGImage): Assure that null
432-ping_trans_alpha pointer is not dereferenced. Addresses oss-fuzz
433-33119 &quot;graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in
434-ReadOnePNGImage&quot;.</p>
435-<p>* magick/profile.c (SetImageProfile): Use the resource-limited
436-memory allocator to allocate embedded profiles.</p>
437-<p>* magick/map.c (MagickMapCopyResourceLimitedString): New private
438-function to copy a resource-limited string.
439-(MagickMapDeallocateResourceLimitedString): New private function
440-to deallocate a resource-limited string.
441-(MagickMapCopyResourceLimitedBlob): New private function to copy a
442-resource-limited blob.
443-(MagickMapDeallocateResourceLimitedBlob): New private function to
444-deallocate a resource-limited blob.</p>
445-</blockquote>
446-<p>2021-04-06 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
447-<blockquote>
448-* coders/svg.c (GetStyleTokens): Limit the number of style tokens.
449-Addresses oss-fuzz 32921 &quot;graphicsmagick:coder_SVG_fuzzer:
450-Out-of-memory in coder_SVG_fuzzer&quot;.
451-(SVGComment): Only capture first comment rather than concatenating
452-all comments. Addresses oss-fuzz 32944
453-&quot;graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer&quot;.</blockquote>
454-<p>2021-04-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
455-<blockquote>
456-* coders/msl.c (MSLReference): Fix memory leak when parser node is
457-null. Addresses oss-fuzz 32713 &quot;graphicsmagick:coder_MSL_fuzzer:
458-Direct-leak in xmlNewReference&quot;.</blockquote>
459-<p>2021-04-01 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
460-<blockquote>
461-* coders/png.c (ReadOnePNGImage): Avoid use of null
462-ping_trans_color. Fixes oss-fuzz 32666
463-&quot;graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in
464-ReadOnePNGImage&quot;.</blockquote>
465-<p>2021-03-29 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
466-<blockquote>
467-* coders/msl.c (WriteMSLImage): Add OpenBlob()/CloseBlob() which
468-seems necessary to avoid memory leak in ImageToBlob(). Hopefully
469-will fix oss-fuzz 32575 &quot;graphicsmagick:coder_MSL_fuzzer:
470-Direct-leak in MagickMalloc&quot;.</blockquote>
471-<p>2021-03-26 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
472-<blockquote>
473-<p>* coders/jp2.c (RegisterJP2Image): Report JasPer library version.</p>
474-<p>* coders/msl.c (ProcessMSLScript): Free msl_image upon reader
475-failure. Should fix oss-fuzz 32479
476-&quot;graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc&quot;.</p>
477-</blockquote>
478-<p>2021-03-24 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
479-<blockquote>
480-<p>* PerlMagick/Makefile.am (check-perl): Nullify the check-perl
481-target when PerlMagick is enabled and shared libraries are used.
482-This is because a dynamic GraphicsMagick needs to be formally
483-installed before PerlMagick can be tested.</p>
484-<p>* coders/jp2.c (ReadJP2Image): Support both old and new ways to
485-determine if JasPer codec support is available.</p>
486-<p>* coders/msl.c (ProcessMSLScript): Another attempt to properly fix
487-oss-fuzz 32263 &quot;graphicsmagick:coder_MSL_fuzzer:
488-Heap-use-after-free in ProcessMSLScript&quot; without causing new
489-problems.</p>
490-</blockquote>
491-<p>2021-03-23 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
492-<blockquote>
493-* coders/msl.c (ProcessMSLScript): Fix oss-fuzz 32263
494-&quot;graphicsmagick:coder_MSL_fuzzer: Heap-use-after-free in
495-ProcessMSLScript&quot;.</blockquote>
496-<p>2021-03-18 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
497-<blockquote>
498-* Magick++/lib/Image.cpp (Magick::Image::write): Due to the design
499-of ImageToBlob(), it is possible for data to be returned although
500-an exception was thrown. Deposit it in the Blob so that it will
501-be freed. May finish fixing oss-fuzz 31965
502-&quot;graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc&quot;.</blockquote>
503-<p>2021-03-17 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
504-<blockquote>
505-* coders/msl.c (ProcessMSLScript): Attempt to address leak of
506-&quot;msl_image&quot;. May fix oss-fuzz 31965
507-&quot;graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc&quot;.</blockquote>
508-<p>2021-03-13 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
509-<blockquote>
510-* coders/dcm.c (DCM_ReadNonNativeImages): Enforce that image depth
511-is in the supported range of 1-16. Embedded PGX was observed to
512-cause JasPer to report a component depth of 20 bits. Fixes
513-oss-fuzz issue 31373 &quot;graphicsmagick:coder_DCM_fuzzer:
514-Heap-buffer-overflow in DCM_SetupRescaleMap&quot;.</blockquote>
515-<p>2021-03-10 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
516-<blockquote>
517-<p>* coders/svg.c (SVGError): Force xml parser input state to
518-XML_PARSER_EOF state upon error to abort parsing.</p>
519-<p>* coders/msl.c (MSLError): Force xml parser input state to
520-XML_PARSER_EOF state upon error to abort parsing. Fixes oss-fuzz
521-31401 &quot;graphicsmagick:coder_MSL_fuzzer: Timeout in
522-coder_MSL_fuzzer&quot;.</p>
523-</blockquote>
524-<p>2021-03-08 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
525-<blockquote>
526-<p>* coders/msl.c (ProcessMSLScript): Replicate clean-up actions
527-which should already be done by MSLPopImage(). Trying to address
528-oss-fuzz 31259 &quot;graphicsmagick:coder_MSL_fuzzer: Direct-leak in
529-MagickMalloc&quot;, which I have not been able to reproduce.</p>
530-<p>* magick/tsd.c (MagickTsdKeyDelete): Fix memory leak of key values
531-array at exit when use of pthread or WIN32 TSD APIs is disabled.</p>
532-</blockquote>
533-<p>2021-03-07 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
534-<blockquote>
535-<p>* coders/msl.c (MSLStartElement): Consistently verify that
536-attributes are non-NULL before calling TranslateText(). Fixes
537-oss-fuzz 31779 &quot;graphicsmagick:coder_MSL_fuzzer: ASSERT: image !=
538-(Image *) NULL&quot;.</p>
539-<p>* README.txt: Add mention of libdeflate library, since it is an
540-optional dependency of the next libtiff release, and might be
541-required to link if libtiff itself depends on it.</p>
542-<p>* configure.ac (MAGICK_DEP_LIBS): Liblzma is a libtiff dependency.
543-GraphicsMagick does not directly use liblzma. Do not include
544-liblzma as direct dependency for the modules build.</p>
545-</blockquote>
546-<p>2021-03-04 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
547-<blockquote>
548-* coders/svg.c (ProcessStyleClassDefs): Fix non-terminal execution
549-while traversing &quot;active&quot; list based on a patch by Gregory J
550-Wolfe. Addresses oss-fuzz 31663
551-&quot;graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer&quot;.</blockquote>
552-<p>2021-03-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
553-<blockquote>
554-* coders/svg.c (ProcessStyleClassDefs): Corrected fix for oss-fuzz
555-31234 &quot;graphicsmagick:coder_SVG_fuzzer: Direct-leak in
556-MagickMalloc&quot; based on a patch by Gregory J Wolfe.</blockquote>
557-<p>2021-02-28 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
558-<blockquote>
559-<p>* configure.ac: Add tests for Jasper jp2_decode(), jpc_decode(),
560-and pgx_decode().</p>
561-<p>* coders/jp2.c (ReadJP2Image): Call jp2_decode(), jpc_decode(), or
562-pgx_decode(), directly. Using jas_image_decode() makes us subject
563-to Jasper's own format determination, which may include file
564-formats we don't want to support via Jasper.</p>
565-<p>* fuzzing/oss-fuzz-build.sh: Disable support for Jasper codecs we
566-don't want or need.</p>
567-</blockquote>
568-<p>2021-02-27 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
569-<blockquote>
570-<p>* coders/msl.c (MSLStartElement): Fix assertion in TranslateText()
571-when there are no attributes available. Addresses oss-fuzz 31307
572-&quot;graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *)
573-NULL&quot;.</p>
574-<p>* coders/svg.c (ProcessStyleClassDefs): Fix memory leak upon
575-malformed class name list. Addresses oss-fuzz 31234
576-&quot;graphicsmagick:coder_SVG_fuzzer: Direct-leak in MagickMalloc&quot;.
577-(ProcessStyleClassDefs): Fix non-terminal loop and huge memory
578-allocation caused by self-referential list. Not sure if
579-implementation is as intended, but it does not crash. Addresses
580-oss-fuzz 31391 &quot;graphicsmagick:coder_SVG_fuzzer: Out-of-memory in
581-coder_SVG_fuzzer&quot;.
582-(SVGReference): Fix memory leak when parser node is null.
583-Addresses oss-fuzz 31286 &quot;graphicsmagick:coder_SVGZ_fuzzer:
584-Direct-leak in xmlNewReference&quot;.</p>
585-</blockquote>
586-<p>2021-02-25 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
587-<blockquote>
588-* coders/msl.c (MSLCDataBlock): Fix leak of value from
589-xmlNewCDataBlock(). Addresses oss-fuzz 31400
590-&quot;graphicsmagick:coder_MSL_fuzzer: Direct-leak in
591-xmlNewCDataBlock&quot;.</blockquote>
592-<p>2021-02-22 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
593-<blockquote>
594-* coders/svg.c (ProcessStyleClassDefs): Fix non-terminal loop
595-caused by a self-referential list which results in huge memory
596-usage. Addresses oss-fuzz 31238 &quot;graphicsmagick:coder_SVG_fuzzer:
597-Out-of-memory in coder_SVG_fuzzer&quot;.</blockquote>
598-<p>2021-02-21 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
599-<blockquote>
600-<p>* coders/svg.c (SVGStartElement): Reject impossibly small bounds
601-and view_box width or height. Addresses oss-fuzz 31224
602-&quot;graphicsmagick:coder_SVG_fuzzer: Divide-by-zero in
603-SVGStartElement&quot;.</p>
604-<p>* coders/msl.c (MSLPushImage): Only clone attributes if not null.
605-Should address oss-fuzz 31205 &quot;graphicsmagick:coder_MSL_fuzzer:
606-ASSERT: image != (Image *) NULL&quot;.</p>
607-<p>* coders/jp2.c (ReadJP2Image): Validate that actual file header
608-does appear to be a supported format regardless of 'magick' being
609-forced. Jasper appears to dispatch to other libraries if it
610-detects a known format it supports and then the program exits if
611-there is a problem. Fixes oss-fuzz 31200
612-&quot;graphicsmagick:coder_JPC_fuzzer: Unexpected-exit in error_exit&quot;.</p>
613-</blockquote>
614-<p>2021-02-20 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
615-<blockquote>
616-<p>* magick/nt_base.c (NTGhostscriptFind,NTGhostscriptGetString):
617-Handle Ghostscript point versions added after 9.52. Fixes
618-SourceForge issue #636 'Failed to find Ghostscript' with
619-Ghostscript version 9.53.0+.</p>
620-<p>* fuzzing/oss-fuzz-build.sh: Patch by Paul Kehrer to incorporate
621-Jasper and libxml2 into the oss-fuzz build.</p>
622-</blockquote>
623-<p>2021-02-14 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
624-<blockquote>
625-* VisualMagick/All/All.vcproj.in: Fixes by sourcer42
626-&lt;<a class="reference external" href="mailto:sourcer42&#37;&#52;&#48;users&#46;sourceforge&#46;net">sourcer42<span>&#64;</span>users<span>&#46;</span>sourceforge<span>&#46;</span>net</a>&gt; for the problem that Visual
627-Studio is not able to load the All project if the project supports
628-the x64 target.</blockquote>
629-<p>2021-02-12 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
630-<blockquote>
631-* www/Hg.rst: Document new redundant Mercurial server at OSDN,
632-&quot;<a class="reference external" href="https://hg.osdn.net/view/graphicsmagick/GM">https://hg.osdn.net/view/graphicsmagick/GM</a>&quot;.</blockquote>
633-<p>2021-02-07 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
634-<blockquote>
635-<p>* Add explicit cast to float where implicit casts to float from
636-double were occurring.</p>
637-<p>* magick/utility.c (MagickDoubleToLong): Guard against LONG_MAX
638-not directly representable as a double.</p>
639-</blockquote>
640-<p>2021-02-06 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
641-<blockquote>
642-* magick/utility.c (TranslateTextEx): If image resolution is
643-impossibly small, then report the default resolution of 72 DPI, or
644-the equivalent in centimeters if units is in
645-pixels-per-centimeter. Addresses SourceForge bug #396 &quot;dpi not
646-retrived (no default value)&quot;. I do have some misgivings about
647-this solution since it is lying about the actual value. Not all
648-usages of raster images have an associated physical reality and
649-thus resolution is not necessarily relevant.</blockquote>
650-<p>2021-02-04 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
651-<blockquote>
652-* coders/tiff.c, coders/ps2.c, coders/ps3.c: Libtiff versions
653-beyond 20201219 want to use types from stdint.h.</blockquote>
654-<p>2021-01-31 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
655-<blockquote>
656-* magick/monitor.c (MagickMonitorActive): Need to export this
657-function for use by modules.</blockquote>
658-<p>2021-01-30 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
659-<blockquote>
660-<p>* VisualMagick/bin: Remove hp2xx.exe, mpeg2dec.exe, and
661-mpeg2enc.exe. There is no value to distributing these pre-built
662-and flimsy executables in the source package.</p>
663-<p>* filters/analyze.c (AnalyzeImage): Add OpenMP speed-ups.</p>
664-</blockquote>
665-<p>2021-01-29 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
666-<blockquote>
667-<p>* filters/analyze.c (AnalyzeImage): Tidy the structure of the code
668-a bit.</p>
669-<p>* magick/module.c (ExecuteModuleProcess): Add error reporting for
670-the case that the expected symbol is not resolved.</p>
671-</blockquote>
672-<p>2021-01-23 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
673-<blockquote>
674-* configure.ac: Remove updates to use recommended forms of AC_INIT
675-and AM_INIT_AUTOMAKE. There were too many annoying side-effects
676-to daily development from these changes. Perhaps they will be
677-re-visited if solutions for Autotools regeneration issues are
678-found.</blockquote>
679-<p>2021-01-19 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
680-<blockquote>
681-* magick/render.c (InverseAffineMatrix): Avoid possible division
682-by zero or absurdly extreme scaling in InverseAffineMatrix().
683-Fixes oss-fuzz 28293 &quot;Divide-by-zero - InverseAffineMatrix&quot;.</blockquote>
684-<p>2021-01-13 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
685-<blockquote>
686-* configure.ac (CONFIG_STATUS_DEPENDENCIES): Regenerate
687-configure.ac if ChangeLog or version.sh is updated.</blockquote>
688-<p>2021-01-10 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
689-<blockquote>
690-<p>* coders/pdf.c (WritePDFImage): Converting a TIF to a PDF set the
691-page MediaBox to the TIFF dimensions in pixels while the CropBox
692-is set in local context dimensions. The latter is correct, the
693-former is not. Set the MediaBox to the proper dimension in local
694-context. Should be the same in this context. Patch by Hubert
695-Figuiere and retrieved from SourceForge patch #64 &quot;Incorrect
696-MediaBox in PDF export&quot;.</p>
697-<p>* magick/pixel_cache.c: Memory cache implementation of pixel cache
698-now uses resource limited memory allocator. It was previously
699-resource limited, but by using the resource allocation APIs
700-directly.</p>
701-</blockquote>
702-<p>2021-01-09 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
703-<blockquote>
704-* coders/tiff.c: Remove unintended double-charging for memory
705-resource. Remove explicit memset where possible.</blockquote>
706-<p>2021-01-07 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
707-<blockquote>
708-<p>* coders/gif.c (ReadGIFImage): Fix memory leak of global_colormap
709-if realloc of memory for comment fails. Fixes oss-fuzz 29316
710-&quot;Direct-leak in MagickMalloc&quot;.</p>
711-<p>* coders/meta.c (ReadMETAImage): Fix double-free if blob buffer
712-was reallocated after being attached to blob. Fixes oss-fuzz
713-29193 &quot;Heap-double-free in MagickFree&quot;.</p>
714-</blockquote>
715-<p>2021-01-06 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
716-<blockquote>
717-* configure.ac: Updates to use recommended forms of AC_INIT and
718-AM_INIT_AUTOMAKE. This was/is painful due to how development
719-snapshot versioning is handled. The version string produced for
720-the snapshot version will now contain the snapshot date. Effort
721-has been made to avoid other impacts due to AC_INIT's enforcements
722-for how version information is used.</blockquote>
723-<p>2021-01-02 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
724-<blockquote>
725-<p>* PerlMagick/Magick.xs: Remove GCC warnings which spewed out at
726-increased warning levels.</p>
727-<p>* magick/magick_types.h.in: Hide definitions not intended for the
728-rest of the world under &quot;if defined(MAGICK_IMPLEMENTATION)&quot;.</p>
729-</blockquote>
730-<p>2021-01-01 Bob Friesenhahn &lt;<a class="reference external" href="mailto:bfriesen&#37;&#52;&#48;simple&#46;dallas&#46;tx&#46;us">bfriesen<span>&#64;</span>simple<span>&#46;</span>dallas<span>&#46;</span>tx<span>&#46;</span>us</a>&gt;</p>
731-<blockquote>
732-<p>* configure.ac: Skip library symbol tests for gdi32 since these
733-fail with the MSYS2 w64-i686 compiler and well as i686 Cygwin.
734-The failures caused a build regression for i686 MSYS2/Cygwin.</p>
735-<p>* Copyright.txt: Copyright year updates and ChangeLog rotation for
736-the new year.</p>
737-</blockquote>
40+* ChangeLog.2021: Rotate ChangeLog for 2022. Happy New Year!</blockquote>
73841 </div>
73942
74043 <hr class="docutils">
Show on old repository browser