2021-04-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/png.c (ReadOnePNGImage): Assure that null ping_trans_alpha pointer is not dereferenced. Addresses oss-fuzz 33119 "graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in ReadOnePNGImage".

* magick/profile.c (SetImageProfile): Use the resource-limited memory allocator to allocate embedded profiles.

* magick/map.c (MagickMapCopyResourceLimitedString): New private function to copy a resource-limited string.
  (MagickMapDeallocateResourceLimitedString): New private function to deallocate a resource-limited string.
  (MagickMapCopyResourceLimitedBlob): New private function to copy a resource-limited blob.
  (MagickMapDeallocateResourceLimitedBlob): New private function to deallocate a resource-limited blob.

2021-04-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/svg.c (GetStyleTokens): Limit the number of style tokens. Addresses oss-fuzz 32921 "graphicsmagick:coder_SVG_fuzzer: Out-of-memory in coder_SVG_fuzzer".
  (SVGComment): Only capture first comment rather than concatenating all comments. Addresses oss-fuzz 32944 "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer".

2021-04-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/msl.c (MSLReference): Fix memory leak when parser node is null. Addresses oss-fuzz 32713 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in xmlNewReference".

2021-04-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/png.c (ReadOnePNGImage): Avoid use of null ping_trans_color. Fixes oss-fuzz 32666 "graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in ReadOnePNGImage".

2021-03-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/msl.c (WriteMSLImage): Add OpenBlob()/CloseBlob() which seems necessary to avoid memory leak in ImageToBlob(). Hopefully will fix oss-fuzz 32575 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in MagickMalloc".

2021-03-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/jp2.c (RegisterJP2Image): Report JasPer library version.

* coders/msl.c (ProcessMSLScript): Free msl_image upon reader failure. Should fix oss-fuzz 32479 "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc".

2021-03-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* PerlMagick/Makefile.am (check-perl): Nullify the check-perl target when PerlMagick is enabled and shared libraries are used. This is because a dynamic GraphicsMagick needs to be formally installed before PerlMagick can be tested.

* coders/jp2.c (ReadJP2Image): Support both old and new ways to determine if JasPer codec support is available.

* coders/msl.c (ProcessMSLScript): Another attempt to properly fix oss-fuzz 32263 "graphicsmagick:coder_MSL_fuzzer: Heap-use-after-free in ProcessMSLScript" without causing new problems.

2021-03-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/msl.c (ProcessMSLScript): Fix oss-fuzz 32263 "graphicsmagick:coder_MSL_fuzzer: Heap-use-after-free in ProcessMSLScript".

2021-03-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* Magick++/lib/Image.cpp (Magick::Image::write): Due to the design of ImageToBlob(), it is possible for data to be returned although an exception was thrown. Deposit it in the Blob so that it will be freed. May finish fixing oss-fuzz 31965 "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc".

2021-03-17 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/msl.c (ProcessMSLScript): Attempt to address leak of "msl_image". May fix oss-fuzz 31965 "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc".

2021-03-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/dcm.c (DCM_ReadNonNativeImages): Enforce that image depth is in the supported range of 1-16. Embedded PGX was observed to cause JasPer to report a component depth of 20 bits. Fixes oss-fuzz issue 31373 "graphicsmagick:coder_DCM_fuzzer: Heap-buffer-overflow in DCM_SetupRescaleMap".

2021-03-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/svg.c (SVGError): Force xml parser input state to XML_PARSER_EOF state upon error to abort parsing.

* coders/msl.c (MSLError): Force xml parser input state to XML_PARSER_EOF state upon error to abort parsing. Fixes oss-fuzz 31401 "graphicsmagick:coder_MSL_fuzzer: Timeout in coder_MSL_fuzzer".

2021-03-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/msl.c (ProcessMSLScript): Replicate clean-up actions which should already be done by MSLPopImage(). Trying to address oss-fuzz 31259 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in MagickMalloc", which I have not been able to reproduce.

* magick/tsd.c (MagickTsdKeyDelete): Fix memory leak of key values array at exit when use of pthread or WIN32 TSD APIs is disabled.

2021-03-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/msl.c (MSLStartElement): Consistently verify that attributes are non-NULL before calling TranslateText(). Fixes oss-fuzz 31779 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *) NULL".

* README.txt: Add mention of libdeflate library, since it is an optional dependency of the next libtiff release, and might be required to link if libtiff itself depends on it.

* configure.ac (MAGICK_DEP_LIBS): Liblzma is a libtiff dependency. GraphicsMagick does not directly use liblzma. Do not include liblzma as direct dependency for the modules build.

2021-03-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/svg.c (ProcessStyleClassDefs): Fix non-terminal execution while traversing "active" list based on a patch by Gregory J Wolfe. Addresses oss-fuzz 31663 "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer".

2021-03-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/svg.c (ProcessStyleClassDefs): Corrected fix for oss-fuzz 31234 "graphicsmagick:coder_SVG_fuzzer: Direct-leak in MagickMalloc" based on a patch by Gregory J Wolfe.

2021-02-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* configure.ac: Add tests for Jasper jp2_decode(), jpc_decode(), and pgx_decode().

* coders/jp2.c (ReadJP2Image): Call jp2_decode(), jpc_decode(), or pgx_decode(), directly. Using jas_image_decode() makes us subject to Jasper's own format determination, which may include file formats we don't want to support via Jasper.

* fuzzing/oss-fuzz-build.sh: Disable support for Jasper codecs we don't want or need.

2021-02-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/msl.c (MSLStartElement): Fix assertion in TranslateText() when there are no attributes available. Addresses oss-fuzz 31307 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *) NULL".

* coders/svg.c (ProcessStyleClassDefs): Fix memory leak upon malformed class name list. Addresses oss-fuzz 31234 "graphicsmagick:coder_SVG_fuzzer: Direct-leak in MagickMalloc".
  (ProcessStyleClassDefs): Fix non-terminal loop and huge memory allocation caused by self-referential list. Not sure if implementation is as intended, but it does not crash. Addresses oss-fuzz 31391 "graphicsmagick:coder_SVG_fuzzer: Out-of-memory in coder_SVG_fuzzer".
  (SVGReference): Fix memory leak when parser node is null. Addresses oss-fuzz 31286 "graphicsmagick:coder_SVGZ_fuzzer: Direct-leak in xmlNewReference".

2021-02-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/msl.c (MSLCDataBlock): Fix leak of value from xmlNewCDataBlock(). Addresses oss-fuzz 31400 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in xmlNewCDataBlock".

2021-02-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/svg.c (ProcessStyleClassDefs): Fix non-terminal loop caused by a self-referential list which results in huge memory usage. Addresses oss-fuzz 31238 "graphicsmagick:coder_SVG_fuzzer: Out-of-memory in coder_SVG_fuzzer".

2021-02-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/svg.c (SVGStartElement): Reject impossibly small bounds and view_box width or height. Addresses oss-fuzz 31224 "graphicsmagick:coder_SVG_fuzzer: Divide-by-zero in SVGStartElement".

* coders/msl.c (MSLPushImage): Only clone attributes if not null. Should address oss-fuzz 31205 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *) NULL".

* coders/jp2.c (ReadJP2Image): Validate that actual file header does appear to be a supported format regardless of 'magick' being forced. Jasper appears to dispatch to other libraries if it detects a known format it supports and then the program exits if there is a problem. Fixes oss-fuzz 31200 "graphicsmagick:coder_JPC_fuzzer: Unexpected-exit in error_exit".

2021-02-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* magick/nt_base.c (NTGhostscriptFind,NTGhostscriptGetString): Handle Ghostscript point versions added after 9.52. Fixes SourceForge issue #636 'Failed to find Ghostscript' with Ghostscript version 9.53.0+.

* fuzzing/oss-fuzz-build.sh: Patch by Paul Kehrer to incorporate Jasper and libxml2 into the oss-fuzz build.

2021-02-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* VisualMagick/All/All.vcproj.in: Fixes by sourcer42 <sourcer42@users.sourceforge.net> for the problem that Visual Studio is not able to load the All project if the project supports the x64 target.

2021-02-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* www/Hg.rst: Document new redundant Mercurial server at OSDN, "https://hg.osdn.net/view/graphicsmagick/GM".

2021-02-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* Add explicit cast to float where implicit casts to float from double were occurring.

* magick/utility.c (MagickDoubleToLong): Guard against LONG_MAX not directly representable as a double.

2021-02-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* magick/utility.c (TranslateTextEx): If image resolution is impossibly small, then report the default resolution of 72 DPI, or the equivalent in centimeters if units is in pixels-per-centimeter. Addresses SourceForge bug #396 "dpi not retrived (no default value)". I do have some misgivings about this solution since it is lying about the actual value. Not all usages of raster images have an associated physical reality and thus resolution is not necessarily relevant.

2021-02-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/tiff.c, coders/ps2.c, coders/ps3.c: Libtiff versions beyond 20201219 want to use types from stdint.h.

2021-01-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* magick/monitor.c (MagickMonitorActive): Need to export this function for use by modules.

2021-01-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* VisualMagick/bin: Remove hp2xx.exe, mpeg2dec.exe, and mpeg2enc.exe. There is no value to distributing these pre-built and flimsy executables in the source package.

* filters/analyze.c (AnalyzeImage): Add OpenMP speed-ups.

2021-01-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* filters/analyze.c (AnalyzeImage): Tidy the structure of the code a bit.

* magick/module.c (ExecuteModuleProcess): Add error reporting for the case that the expected symbol is not resolved.

2021-01-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* configure.ac: Remove updates to use recommended forms of AC_INIT and AM_INIT_AUTOMAKE. There were too many annoying side-effects to daily development from these changes. Perhaps they will be re-visited if solutions for Autotools regeneration issues are found.

2021-01-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* magick/render.c (InverseAffineMatrix): Avoid possible division by zero or absurdly extreme scaling in InverseAffineMatrix(). Fixes oss-fuzz 28293 "Divide-by-zero - InverseAffineMatrix".

2021-01-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* configure.ac (CONFIG_STATUS_DEPENDENCIES): Regenerate configure.ac if ChangeLog or version.sh is updated.

2021-01-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/pdf.c (WritePDFImage): Converting a TIF to a PDF set the page MediaBox to the TIFF dimensions in pixels while the CropBox is set in local context dimensions. The latter is correct, the former is not. Set the MediaBox to the proper dimension in local context. Should be the same in this context. Patch by Hubert Figuiere and retrieved from SourceForge patch #64 "Incorrect MediaBox in PDF export".

* magick/pixel_cache.c: Memory cache implementation of pixel cache now uses resource limited memory allocator. It was previously resource limited, but by using the resource allocation APIs directly.

2021-01-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/tiff.c: Remove unintended double-charging for memory resource. Remove explicit memset where possible.

2021-01-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* coders/gif.c (ReadGIFImage): Fix memory leak of global_colormap if realloc of memory for comment fails. Fixes oss-fuzz 29316 "Direct-leak in MagickMalloc".

* coders/meta.c (ReadMETAImage): Fix double-free if blob buffer was reallocated after being attached to blob. Fixes oss-fuzz 29193 "Heap-double-free in MagickFree".

2021-01-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* configure.ac: Updates to use recommended forms of AC_INIT and AM_INIT_AUTOMAKE. This was/is painful due to how development snapshot versioning is handled. The version string produced for the snapshot version will now contain the snapshot date. Effort has been made to avoid other impacts due to AC_INIT's enforcements for how version information is used.

2021-01-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* PerlMagick/Magick.xs: Remove GCC warnings which spewed out at increased warning levels.

* magick/magick_types.h.in: Hide definitions not intended for the rest of the world under "if defined(MAGICK_IMPLEMENTATION)".

2021-01-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>

* configure.ac: Skip library symbol tests for gdi32 since these fail with the MSYS2 w64-i686 compiler as well as i686 Cygwin. The failures caused a build regression for i686 MSYS2/Cygwin.

* Copyright.txt: Copyright year updates and ChangeLog rotation for the new year.


Copyright © GraphicsMagick Group 2002 - 2021