ImageMagick-6.9.4-7差分
ImageMagick-6.9.4-6差分 - yoyaのメモの続き
The latest release of ImageMagick is version 6.9.4-7
- 7 系同時リリースは ImageMagick-7.0.1-9
まとめ
- コーダーのpath探索のチェックに抜け
- 画像差分のαチャネル不具合修正
- 小さなメモリリーク修正
差分
ChangeLogにない差分
- /coders/psd.c
- PDFQuantum に 12 を足してる
2545c2545,2549 < if ((q+PSDQuantum(count)+12) < (datum+length-16)) --- > ssize_t > quantum; > > quantum=PSDQuantum(count)+12; > if ((quantum >= 12) && (q+quantum < (datum+length-16))) 2547,2549c2551,2552 < (void) CopyMagickMemory(q,q+PSDQuantum(count)+12,length- < (PSDQuantum(count)+12)-(q-datum)); < SetStringInfoLength(bim_profile,length-(PSDQuantum(count)+12)); --- > (void) CopyMagickMemory(q,q+quantum,length-quantum-(q-datum)); > SetStringInfoLength(bim_profile,length-quantum);
- coders/sun.c
59a60 > #include "magick/memory-private.h" 266d266 < data_length, 424a425,426 > if (HeapOverflowSanityCheck(sun_info.width,sun_info.depth) != MagickFalse) > ThrowReaderException(CorruptImageError,"ImproperImageHeader");
-
- 文字列 0 terminate
< while ((n=ReadBlob(image,MaxTextExtent,message)) != 0) --- > while ((n=ReadBlob(image,MaxTextExtent-1,message)) != 0) 2978a2979 > message[n]='\0'; 3201c3202,3203 < n=ReadBlob(image,MaxTextExtent,message); --- > n=ReadBlob(image,MaxTextExtent-1,message); > message[n]='\0'; 3206c3208 < while ((n=ReadBlob(image,MaxTextExtent,message)) != 0) --- > while ((n=ReadBlob(image,MaxTextExtent-1,message)) != 0)
- magick/draw.c
- number_points が MagickSizeType に収まるかのチェック?
2895c2899,2900 < if (primitive_info == (PrimitiveInfo *) NULL) --- > if ((primitive_info == (PrimitiveInfo *) NULL) || > (number_points != (MagickSizeType) ((size_t) number_points)))
-
- GetMagickInfo のエラー処理
> magick_info=GetMagickInfo(magic,sans_exception); > if ((magick_info != (const MagickInfo *) NULL) && > (IsMagickConflict(magic) == MagickFalse)) 2829d2833 < magick_info=GetMagickInfo(magic,sans_exception); 2833a2838,2839
-
- affirm のエラーチェック
> if (image_info->affirm != MagickFalse)
> {
2835a2842
> }
- magick/module.c
- GetMagickModulePath で / を許可しない
static MagickBooleanType GetMagickModulePath(const char *filename, MagickModuleType module_type,char *path,ExceptionInfo *exception) <略> > if (strchr(filename,'/') != (char *) NULL) > return(MagickFalse);
-
-
- InitOpenCLEnvInternal のエラー処理
1423d1422 < status = MagickFalse; 2364a2364,2366 > MagickBooleanType > status; > 2397c2399 < InitOpenCLEnvInternal(clEnv,exception); --- > status=InitOpenCLEnvInternal(clEnv,exception); 2401a2404 > if (status != MagickFalse) 2451a2455 > if (event_count > 0) 2474a2479,2480 > > if (status != MagickFalse) 2475a2482,2483 > else > *(AccelerateScoreType*)device->score=42;
ChangeLog
2016-06-03 6.9.4-7 Cristy <quetzlzacatenango@image...> * Release ImageMagick version 6.9.4-7, GIT revision 10847:339f803:20160602. 2016-06-02 6.9.4-7 Cristy <quetzlzacatenango@image...> * Fix small memory leak (patch provided by Андрей Черный). * Coder path traversal is not authorized (bug report provided by Masaaki Chida). * Turn off alpha channel for the compare difference image (reference http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29828).