Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
ImageMagick
ImageMagick-CVE-2023-34151.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2023-34151.patch of Package ImageMagick
Index: ImageMagick-6.8.8-1/coders/caption.c =================================================================== --- ImageMagick-6.8.8-1.orig/coders/caption.c +++ ImageMagick-6.8.8-1/coders/caption.c @@ -168,7 +168,7 @@ static Image *ReadCAPTIONImage(const Ima if (draw_info->gravity == UndefinedGravity) (void) CloneString(&draw_info->geometry,geometry); status=GetMultilineTypeMetrics(image,draw_info,&metrics); - width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5); image->columns=width; } if (image->rows == 0) @@ -207,8 +207,8 @@ static Image *ReadCAPTIONImage(const Ima (void) CloneString(&draw_info->geometry,geometry); status=GetMultilineTypeMetrics(image,draw_info,&metrics); (void) status; - width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5); - height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5); + height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5); if ((image->columns != 0) && (image->rows != 0)) { if ((width >= image->columns) && (height >= image->rows)) @@ -232,8 +232,8 @@ static Image *ReadCAPTIONImage(const Ima if (draw_info->gravity == UndefinedGravity) (void) CloneString(&draw_info->geometry,geometry); status=GetMultilineTypeMetrics(image,draw_info,&metrics); - width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5); - height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5); + height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5); if ((image->columns != 0) && (image->rows != 0)) { if ((width < image->columns) && (height < image->rows)) Index: ImageMagick-6.8.8-1/coders/label.c =================================================================== --- ImageMagick-6.8.8-1.orig/coders/label.c +++ ImageMagick-6.8.8-1/coders/label.c @@ -156,8 +156,8 @@ static Image *ReadLABELImage(const Image (void) CloneString(&draw_info->geometry,geometry); status=GetMultilineTypeMetrics(image,draw_info,&metrics); (void) status; - width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5); - height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5); + height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5); if ((image->columns != 0) && (image->rows != 0)) { if ((width >= image->columns) && (height >= image->rows)) @@ -177,8 +177,8 @@ static Image *ReadLABELImage(const Image if (draw_info->gravity == UndefinedGravity) (void) CloneString(&draw_info->geometry,geometry); status=GetMultilineTypeMetrics(image,draw_info,&metrics); - width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5); - height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5); + height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5); if ((image->columns != 0) && (image->rows != 0)) { if ((width < image->columns) && (height < image->rows)) Index: ImageMagick-6.8.8-1/coders/pcl.c =================================================================== --- ImageMagick-6.8.8-1.orig/coders/pcl.c +++ ImageMagick-6.8.8-1/coders/pcl.c @@ -341,9 +341,9 @@ static Image *ReadPCLImage(const ImageIn (void) ParseAbsoluteGeometry(image_info->page,&page); (void) FormatLocaleString(density,MaxTextExtent,"%gx%g", image->x_resolution,image->y_resolution); - page.width=(size_t) floor((double) page.width*image->x_resolution/delta.x+ + page.width=CastDoubleToUnsigned((double) page.width*image->x_resolution/delta.x+ 0.5); - page.height=(size_t) floor((double) page.height*image->y_resolution/delta.y+ + page.height=CastDoubleToUnsigned((double) page.height*image->y_resolution/delta.y+ 0.5); (void) FormatLocaleString(options,MaxTextExtent,"-g%.20gx%.20g ",(double) page.width,(double) page.height); Index: ImageMagick-6.8.8-1/coders/pdf.c =================================================================== --- ImageMagick-6.8.8-1.orig/coders/pdf.c +++ ImageMagick-6.8.8-1/coders/pdf.c @@ -1439,9 +1439,9 @@ RestoreMSCWarning (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y, &geometry.width,&geometry.height); scale.x=(double) (geometry.width*delta.x)/resolution.x; - geometry.width=(size_t) floor(scale.x+0.5); + geometry.width=CastDoubleToUnsigned(scale.x+0.5); scale.y=(double) (geometry.height*delta.y)/resolution.y; - geometry.height=(size_t) floor(scale.y+0.5); + geometry.height=CastDoubleToUnsigned(scale.y+0.5); (void) ParseAbsoluteGeometry(page_geometry,&media_info); (void) ParseGravityGeometry(image,page_geometry,&page_info, &image->exception); Index: ImageMagick-6.8.8-1/coders/ps.c =================================================================== --- ImageMagick-6.8.8-1.orig/coders/ps.c +++ ImageMagick-6.8.8-1/coders/ps.c @@ -1509,9 +1509,9 @@ static MagickBooleanType WritePSImage(co (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y, &geometry.width,&geometry.height); scale.x=(double) (geometry.width*delta.x)/resolution.x; - geometry.width=(size_t) floor(scale.x+0.5); + geometry.width=CastDoubleToUnsigned(scale.x+0.5); scale.y=(double) (geometry.height*delta.y)/resolution.y; - geometry.height=(size_t) floor(scale.y+0.5); + geometry.height=CastDoubleToUnsigned(scale.y+0.5); (void) ParseAbsoluteGeometry(page_geometry,&media_info); (void) ParseGravityGeometry(image,page_geometry,&page_info, &image->exception); Index: ImageMagick-6.8.8-1/coders/ps2.c =================================================================== --- ImageMagick-6.8.8-1.orig/coders/ps2.c +++ ImageMagick-6.8.8-1/coders/ps2.c @@ -536,9 +536,9 @@ static MagickBooleanType WritePS2Image(c (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y, &geometry.width,&geometry.height); scale.x=(double) (geometry.width*delta.x)/resolution.x; - geometry.width=(size_t) floor(scale.x+0.5); + geometry.width=CastDoubleToUnsigned(scale.x+0.5); scale.y=(double) (geometry.height*delta.y)/resolution.y; - geometry.height=(size_t) floor(scale.y+0.5); + geometry.height=CastDoubleToUnsigned(scale.y+0.5); (void) ParseAbsoluteGeometry(page_geometry,&media_info); (void) ParseGravityGeometry(image,page_geometry,&page_info, &image->exception); Index: ImageMagick-6.8.8-1/coders/ps3.c =================================================================== --- ImageMagick-6.8.8-1.orig/coders/ps3.c +++ ImageMagick-6.8.8-1/coders/ps3.c @@ -972,9 +972,9 @@ static MagickBooleanType WritePS3Image(c (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y, &geometry.width,&geometry.height); scale.x=(double) (geometry.width*delta.x)/resolution.x; - geometry.width=(size_t) floor(scale.x+0.5); + geometry.width=CastDoubleToUnsigned(scale.x+0.5); scale.y=(double) (geometry.height*delta.y)/resolution.y; - geometry.height=(size_t) floor(scale.y+0.5); + geometry.height=CastDoubleToUnsigned(scale.y+0.5); (void) ParseAbsoluteGeometry(page_geometry,&media_info); (void) ParseGravityGeometry(image,page_geometry,&page_info, &image->exception); Index: ImageMagick-6.8.8-1/coders/svg.c =================================================================== --- ImageMagick-6.8.8-1.orig/coders/svg.c +++ ImageMagick-6.8.8-1/coders/svg.c @@ -2178,8 +2178,8 @@ static void SVGStartElement(void *contex if ((svg_info->view_box.width == 0.0) || (svg_info->view_box.height == 0.0)) svg_info->view_box=svg_info->bounds; - svg_info->width=(size_t) floor(svg_info->bounds.width+0.5); - svg_info->height=(size_t) floor(svg_info->bounds.height+0.5); + svg_info->width=CastDoubleToUnsigned(svg_info->bounds.width+0.5); + svg_info->height=CastDoubleToUnsigned(svg_info->bounds.height+0.5); (void) FormatLocaleFile(svg_info->file,"viewbox 0 0 %.20g %.20g\n", (double) svg_info->width,(double) svg_info->height); sx=(double) svg_info->width/svg_info->view_box.width; Index: ImageMagick-6.8.8-1/magick/annotate.c =================================================================== --- ImageMagick-6.8.8-1.orig/magick/annotate.c +++ ImageMagick-6.8.8-1/magick/annotate.c @@ -590,7 +590,7 @@ MagickExport ssize_t FormatMagickCaption status=GetTypeMetrics(image,draw_info,metrics); if (status == MagickFalse) break; - width=(size_t) floor(metrics->width+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics->width+draw_info->stroke_width+0.5); if ((width <= image->columns) || (s == (char *) NULL)) continue; if ((s != (char *) NULL) && (GetUTFOctets(s) == 1)) @@ -642,7 +642,7 @@ MagickExport ssize_t FormatMagickCaption status=GetTypeMetrics(image,draw_info,metrics); if (status == MagickFalse) break; - width=(size_t) floor(metrics->width+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics->width+draw_info->stroke_width+0.5); if ((width <= image->columns) || (strcmp(text,draw_info->text) == 0)) continue; (void) strcpy(text,draw_info->text); Index: ImageMagick-6.8.8-1/magick/draw.c =================================================================== --- ImageMagick-6.8.8-1.orig/magick/draw.c +++ ImageMagick-6.8.8-1/magick/draw.c @@ -2567,12 +2567,12 @@ MagickExport MagickBooleanType DrawImage GetMagickToken(q,&q,token); if (*token == ',') GetMagickToken(q,&q,token); - bounds.width=(size_t) floor(StringToDouble(token, + bounds.width=CastDoubleToUnsigned(StringToDouble(token, (char **) NULL)+0.5); GetMagickToken(q,&q,token); if (*token == ',') GetMagickToken(q,&q,token); - bounds.height=(size_t) floor(StringToDouble(token, + bounds.height=CastDoubleToUnsigned(StringToDouble(token, (char **) NULL)+0.5); for (p=q; *q != '\0'; ) { @@ -2909,12 +2909,12 @@ MagickExport MagickBooleanType DrawImage GetMagickToken(q,&q,token); if (*token == ',') GetMagickToken(q,&q,token); - graphic_context[n]->viewbox.width=(size_t) floor(StringToDouble( + graphic_context[n]->viewbox.width=CastDoubleToUnsigned(StringToDouble( token,(char **) NULL)+0.5); GetMagickToken(q,&q,token); if (*token == ',') GetMagickToken(q,&q,token); - graphic_context[n]->viewbox.height=(size_t) floor(StringToDouble( + graphic_context[n]->viewbox.height=CastDoubleToUnsigned(StringToDouble( token,(char **) NULL)+0.5); break; } Index: ImageMagick-6.8.8-1/magick/geometry.c =================================================================== --- ImageMagick-6.8.8-1.orig/magick/geometry.c +++ ImageMagick-6.8.8-1/magick/geometry.c @@ -44,6 +44,7 @@ #include "magick/draw.h" #include "magick/exception.h" #include "magick/exception-private.h" +#include "magick/image-private.h" #include "magick/geometry.h" #include "magick/memory_.h" #include "magick/string_.h" @@ -1298,8 +1299,8 @@ MagickExport MagickStatusType ParseMetaG scale.y=geometry_info.sigma; if ((flags & SigmaValue) == 0) scale.y=scale.x; - *width=(size_t) floor(scale.x*former_width/100.0+0.5); - *height=(size_t) floor(scale.y*former_height/100.0+0.5); + *width=CastDoubleToUnsigned(scale.x*former_width/100.0+0.5); + *height=CastDoubleToUnsigned(scale.y*former_height/100.0+0.5); former_width=(*width); former_height=(*height); } Index: ImageMagick-6.8.8-1/magick/shear.c =================================================================== --- ImageMagick-6.8.8-1.orig/magick/shear.c +++ ImageMagick-6.8.8-1/magick/shear.c @@ -163,8 +163,8 @@ static MagickBooleanType CropToFitImage( } geometry.x=(ssize_t) ceil(min.x-0.5); geometry.y=(ssize_t) ceil(min.y-0.5); - geometry.width=(size_t) floor(max.x-min.x+0.5); - geometry.height=(size_t) floor(max.y-min.y+0.5); + geometry.width=CastDoubleToUnsigned(max.x-min.x+0.5); + geometry.height=CastDoubleToUnsigned(max.y-min.y+0.5); page=(*image)->page; (void) ParseAbsoluteGeometry("0x0+0+0",&(*image)->page); crop_image=CropImage(*image,&geometry,exception); Index: ImageMagick-6.8.8-1/magick/fx.c =================================================================== --- ImageMagick-6.8.8-1.orig/magick/fx.c +++ ImageMagick-6.8.8-1/magick/fx.c @@ -4291,7 +4291,8 @@ MagickExport Image *ShadowImage(const Im (void) SetImageColorspace(clone_image,sRGBColorspace); (void) SetImageVirtualPixelMethod(clone_image,EdgeVirtualPixelMethod); clone_image->compose=OverCompositeOp; - border_info.width=(size_t) floor(2.0*sigma+0.5); + border_info.width=CastDoubleToUnsigned(2.0*sigma+0.5); + border_info.height=CastDoubleToUnsigned(2.0*sigma+0.5); border_info.height=(size_t) floor(2.0*sigma+0.5); border_info.x=0; border_info.y=0; Index: ImageMagick-6.8.8-1/magick/image-private.h =================================================================== --- ImageMagick-6.8.8-1.orig/magick/image-private.h +++ ImageMagick-6.8.8-1/magick/image-private.h @@ -22,6 +22,10 @@ extern "C" { #endif +#include <errno.h> +#include <stdint.h> +#include <limits.h> + #define IsNaN(a) ((a) != (a) ? MagickTrue : MagickFalse) #define MagickPI 3.14159265358979323846264338327950288419716939937510 #define Magick2PI 6.28318530717958647692528676655900576839433879875020 @@ -30,6 +34,8 @@ extern "C" { #define MagickSQ1_2 0.70710678118654752440084436210484903928483593768847 #define MagickSQ2 1.41421356237309504880168872420969807856967187537695 #define MagickSQ2PI 2.50662827463100024161235523934010416269302368164062 +#define MAGICK_SIZE_MAX (SIZE_MAX) +#define MAGICK_SSIZE_MAX (SSIZE_MAX) #define UndefinedTicksPerSecond 100L #define UndefinedCompressionQuality 0UL @@ -51,6 +57,26 @@ extern MagickExport const char extern MagickExport const double DefaultResolution; +static inline size_t CastDoubleToUnsigned(const double x) +{ + if (IsNaN(x) != 0) + { + errno=ERANGE; + return(0); + } + if (floor(x) > ((double) MAGICK_SSIZE_MAX-1)) + { + errno=ERANGE; + return((size_t) MAGICK_SIZE_MAX); + } + if (ceil(x) < 0.0) + { + errno=ERANGE; + return(0); + } + return((size_t) x); +} + static inline double DegreesToRadians(const double degrees) { return((double) (MagickPI*degrees/180.0));
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor