Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
ImageMagick.18189
ImageMagick-CVE-2023-34151.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File ImageMagick-CVE-2023-34151.patch of Package ImageMagick.18189
Index: ImageMagick-7.0.7-34/MagickCore/annotate.c =================================================================== --- ImageMagick-7.0.7-34.orig/MagickCore/annotate.c +++ ImageMagick-7.0.7-34/MagickCore/annotate.c @@ -632,7 +632,7 @@ MagickExport ssize_t FormatMagickCaption status=GetTypeMetrics(image,draw_info,metrics,exception); if (status == MagickFalse) break; - width=(size_t) floor(metrics->width+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics->width+draw_info->stroke_width+0.5); if ((width <= image->columns) || (s == (char *) NULL)) continue; if ((s != (char *) NULL) && (GetUTFOctets(s) == 1)) @@ -684,7 +684,7 @@ MagickExport ssize_t FormatMagickCaption status=GetTypeMetrics(image,draw_info,metrics,exception); if (status == MagickFalse) break; - width=(size_t) floor(metrics->width+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics->width+draw_info->stroke_width+0.5); if ((width <= image->columns) || (strcmp(text,draw_info->text) == 0)) continue; (void) strcpy(text,draw_info->text); Index: ImageMagick-7.0.7-34/MagickCore/draw.c =================================================================== --- ImageMagick-7.0.7-34.orig/MagickCore/draw.c +++ ImageMagick-7.0.7-34/MagickCore/draw.c @@ -3262,7 +3262,7 @@ MagickExport MagickBooleanType DrawImage GetNextToken(q,&q,extent,token); if (*token == ',') GetNextToken(q,&q,extent,token); - bounds.height=(size_t) floor(StringToDouble(token,&next_token)+ + bounds.height=CastDoubleToUnsigned(StringToDouble(token,&next_token)+ 0.5); if (token == next_token) ThrowPointExpectedException(token,exception); Index: ImageMagick-7.0.7-34/MagickCore/geometry.c =================================================================== --- ImageMagick-7.0.7-34.orig/MagickCore/geometry.c +++ ImageMagick-7.0.7-34/MagickCore/geometry.c @@ -1385,8 +1385,8 @@ MagickExport MagickStatusType ParseMetaG scale.y=geometry_info.sigma; if ((percent_flags & SigmaValue) == 0) scale.y=scale.x; - *width=(size_t) MagickMax(floor(scale.x*former_width/100.0+0.5),1.0); - *height=(size_t) MagickMax(floor(scale.y*former_height/100.0+0.5),1.0); + *width=CastDoubleToUnsigned(MagickMax(floor(scale.x*former_width/100.0+0.5),1.0)); + *height=CastDoubleToUnsigned(MagickMax(floor(scale.y*former_height/100.0+0.5),1.0)); former_width=(*width); former_height=(*height); } @@ -1409,7 +1409,7 @@ MagickExport MagickStatusType ParseMetaG if (geometry_ratio >= image_ratio) { *width=former_width; - *height=(size_t) floor((double) (PerceptibleReciprocal( + *height=CastDoubleToUnsigned((double) (PerceptibleReciprocal( geometry_ratio)*former_height*image_ratio)+0.5); } else Index: ImageMagick-7.0.7-34/MagickCore/shear.c =================================================================== --- ImageMagick-7.0.7-34.orig/MagickCore/shear.c +++ ImageMagick-7.0.7-34/MagickCore/shear.c @@ -1753,9 +1753,9 @@ MagickExport Image *ShearRotateImage(con */ width=integral_image->columns; height=integral_image->rows; - bounds.width=(size_t) floor(fabs((double) height*shear.x)+width+0.5); - bounds.height=(size_t) floor(fabs((double) bounds.width*shear.y)+height+0.5); - shear_width=(size_t) floor(fabs((double) bounds.height*shear.x)+ + bounds.width=CastDoubleToUnsigned(fabs((double) height*shear.x)+width+0.5); + bounds.height=CastDoubleToUnsigned(fabs((double) bounds.width*shear.y)+height+0.5); + shear_width=CastDoubleToUnsigned(fabs((double) bounds.height*shear.x)+ bounds.width+0.5); bounds.x=(ssize_t) floor((double) ((shear_width > bounds.width) ? width : bounds.width-shear_width+2)/2.0+0.5); Index: ImageMagick-7.0.7-34/coders/caption.c =================================================================== --- ImageMagick-7.0.7-34.orig/coders/caption.c +++ ImageMagick-7.0.7-34/coders/caption.c @@ -153,7 +153,7 @@ static Image *ReadCAPTIONImage(const Ima return(DestroyImageList(image)); (void) SetImageProperty(image,"caption",caption,exception); draw_info=CloneDrawInfo(image_info,(DrawInfo *) NULL); - width=(size_t) floor(draw_info->pointsize*strlen(caption)+0.5); + width=CastDoubleToUnsigned(draw_info->pointsize*strlen(caption)+0.5); if (AcquireMagickResource(WidthResource,width) == MagickFalse) { caption=DestroyString(caption); @@ -238,8 +238,8 @@ static Image *ReadCAPTIONImage(const Ima status=GetMultilineTypeMetrics(image,draw_info,&metrics,exception); if (status == MagickFalse) break; - width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5); - height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5); + height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5); if ((image->columns != 0) && (image->rows != 0)) { if ((width >= image->columns) && (height >= image->rows)) @@ -266,8 +266,8 @@ static Image *ReadCAPTIONImage(const Ima status=GetMultilineTypeMetrics(image,draw_info,&metrics,exception); if (status == MagickFalse) break; - width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5); - height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5); + height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5); if ((image->columns != 0) && (image->rows != 0)) { if ((width < image->columns) && (height < image->rows)) Index: ImageMagick-7.0.7-34/coders/label.c =================================================================== --- ImageMagick-7.0.7-34.orig/coders/label.c +++ ImageMagick-7.0.7-34/coders/label.c @@ -130,7 +130,7 @@ static Image *ReadLABELImage(const Image return(DestroyImageList(image)); (void) SetImageProperty(image,"label",label,exception); draw_info=CloneDrawInfo(image_info,(DrawInfo *) NULL); - width=(size_t) floor(draw_info->pointsize*strlen(label)+0.5); + width=CastDoubleToUnsigned(draw_info->pointsize*strlen(label)+0.5); if (AcquireMagickResource(WidthResource,width) == MagickFalse) { label=DestroyString(label); @@ -171,8 +171,8 @@ static Image *ReadLABELImage(const Image status=GetMultilineTypeMetrics(image,draw_info,&metrics,exception); if (status == MagickFalse) break; - width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5); - height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5); + height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5); if ((image->columns != 0) && (image->rows != 0)) { if ((width >= image->columns) && (height >= image->rows)) @@ -201,8 +201,8 @@ static Image *ReadLABELImage(const Image status=GetMultilineTypeMetrics(image,draw_info,&metrics,exception); if (status == MagickFalse) break; - width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5); - height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5); + width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5); + height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5); if ((image->columns != 0) && (image->rows != 0)) { if ((width < image->columns) && (height < image->rows)) Index: ImageMagick-7.0.7-34/coders/pcl.c =================================================================== --- ImageMagick-7.0.7-34.orig/coders/pcl.c +++ ImageMagick-7.0.7-34/coders/pcl.c @@ -343,8 +343,8 @@ static Image *ReadPCLImage(const ImageIn options=AcquireString(""); (void) FormatLocaleString(density,MagickPathExtent,"%gx%g", image->resolution.x,image->resolution.y); - page.width=(size_t) floor(page.width*image->resolution.x/delta.x+0.5); - page.height=(size_t) floor(page.height*image->resolution.y/delta.y+0.5); + page.width=CastDoubleToUnsigned(page.width*image->resolution.x/delta.x+0.5); + page.height=CastDoubleToUnsigned(page.height*image->resolution.y/delta.y+0.5); (void) FormatLocaleString(options,MagickPathExtent,"-g%.20gx%.20g ",(double) page.width,(double) page.height); image=DestroyImage(image); Index: ImageMagick-7.0.7-34/coders/pdf.c =================================================================== --- ImageMagick-7.0.7-34.orig/coders/pdf.c +++ ImageMagick-7.0.7-34/coders/pdf.c @@ -1660,9 +1660,9 @@ RestoreMSCWarning (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y, &geometry.width,&geometry.height); scale.x=(double) (geometry.width*delta.x)/resolution.x; - geometry.width=(size_t) floor(scale.x+0.5); + geometry.width=CastDoubleToUnsigned(scale.x+0.5); scale.y=(double) (geometry.height*delta.y)/resolution.y; - geometry.height=(size_t) floor(scale.y+0.5); + geometry.height=CastDoubleToUnsigned(scale.y+0.5); (void) ParseAbsoluteGeometry(page_geometry,&media_info); (void) ParseGravityGeometry(image,page_geometry,&page_info,exception); if (image->gravity != UndefinedGravity) Index: ImageMagick-7.0.7-34/coders/ps.c =================================================================== --- ImageMagick-7.0.7-34.orig/coders/ps.c +++ ImageMagick-7.0.7-34/coders/ps.c @@ -1638,9 +1638,9 @@ static MagickBooleanType WritePSImage(co (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y, &geometry.width,&geometry.height); scale.x=(double) (geometry.width*delta.x)/resolution.x; - geometry.width=(size_t) floor(scale.x+0.5); + geometry.width=CastDoubleToUnsigned(scale.x+0.5); scale.y=(double) (geometry.height*delta.y)/resolution.y; - geometry.height=(size_t) floor(scale.y+0.5); + geometry.height=CastDoubleToUnsigned(scale.y+0.5); (void) ParseAbsoluteGeometry(page_geometry,&media_info); (void) ParseGravityGeometry(image,page_geometry,&page_info,exception); if (image->gravity != UndefinedGravity) Index: ImageMagick-7.0.7-34/coders/ps2.c =================================================================== --- ImageMagick-7.0.7-34.orig/coders/ps2.c +++ ImageMagick-7.0.7-34/coders/ps2.c @@ -537,9 +537,9 @@ static MagickBooleanType WritePS2Image(c (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y, &geometry.width,&geometry.height); scale.x=(double) (geometry.width*delta.x)/resolution.x; - geometry.width=(size_t) floor(scale.x+0.5); + geometry.width=CastDoubleToUnsigned(scale.x+0.5); scale.y=(double) (geometry.height*delta.y)/resolution.y; - geometry.height=(size_t) floor(scale.y+0.5); + geometry.height=CastDoubleToUnsigned(scale.y+0.5); (void) ParseAbsoluteGeometry(page_geometry,&media_info); (void) ParseGravityGeometry(image,page_geometry,&page_info,exception); if (image->gravity != UndefinedGravity) Index: ImageMagick-7.0.7-34/coders/ps3.c =================================================================== --- ImageMagick-7.0.7-34.orig/coders/ps3.c +++ ImageMagick-7.0.7-34/coders/ps3.c @@ -983,9 +983,9 @@ static MagickBooleanType WritePS3Image(c (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y, &geometry.width,&geometry.height); scale.x=(double) (geometry.width*delta.x)/resolution.x; - geometry.width=(size_t) floor(scale.x+0.5); + geometry.width=CastDoubleToUnsigned(scale.x+0.5); scale.y=(double) (geometry.height*delta.y)/resolution.y; - geometry.height=(size_t) floor(scale.y+0.5); + geometry.height=CastDoubleToUnsigned(scale.y+0.5); (void) ParseAbsoluteGeometry(page_geometry,&media_info); (void) ParseGravityGeometry(image,page_geometry,&page_info,exception); if (image->gravity != UndefinedGravity) Index: ImageMagick-7.0.7-34/coders/svg.c =================================================================== --- ImageMagick-7.0.7-34.orig/coders/svg.c +++ ImageMagick-7.0.7-34/coders/svg.c @@ -2301,10 +2301,10 @@ static void SVGStartElement(void *contex svg_info->view_box=svg_info->bounds; svg_info->width=0; if (svg_info->bounds.width > 0.0) - svg_info->width=(size_t) floor(svg_info->bounds.width+0.5); + svg_info->width=CastDoubleToUnsigned(svg_info->bounds.width+0.5); svg_info->height=0; if (svg_info->bounds.height > 0.0) - svg_info->height=(size_t) floor(svg_info->bounds.height+0.5); + svg_info->height=CastDoubleToUnsigned(svg_info->bounds.height+0.5); (void) FormatLocaleFile(svg_info->file,"viewbox 0 0 %.20g %.20g\n", (double) svg_info->width,(double) svg_info->height); sx=(double) svg_info->width/svg_info->view_box.width; Index: ImageMagick-7.0.7-34/MagickCore/image-private.h =================================================================== --- ImageMagick-7.0.7-34.orig/MagickCore/image-private.h +++ ImageMagick-7.0.7-34/MagickCore/image-private.h @@ -22,6 +22,10 @@ extern "C" { #endif +#include <errno.h> +#include <stdint.h> +#include <limits.h> + #define MagickAbsoluteValue(x) ((x) < 0 ? -(x) : (x)) #define MagickMax(x,y) (((x) > (y)) ? (x) : (y)) #define MagickMin(x,y) (((x) < (y)) ? (x) : (y)) @@ -32,6 +36,8 @@ extern "C" { #define MagickSQ1_2 0.70710678118654752440084436210484903928483593768847 #define MagickSQ2 1.41421356237309504880168872420969807856967187537695 #define MagickSQ2PI 2.50662827463100024161235523934010416269302368164062 +#define MAGICK_SIZE_MAX (SIZE_MAX) +#define MAGICK_SSIZE_MAX (SSIZE_MAX) #define UndefinedTicksPerSecond 100L #define UndefinedCompressionQuality 0UL @@ -53,6 +59,26 @@ extern MagickExport const char extern MagickExport const double DefaultResolution; +static inline size_t CastDoubleToUnsigned(const double x) +{ + if (IsNaN(x) != 0) + { + errno=ERANGE; + return(0); + } + if (floor(x) > ((double) MAGICK_SSIZE_MAX-1)) + { + errno=ERANGE; + return((size_t) MAGICK_SIZE_MAX); + } + if (ceil(x) < 0.0) + { + errno=ERANGE; + return(0); + } + return((size_t) x); +} + static inline double DegreesToRadians(const double degrees) { return((double) (MagickPI*degrees/180.0)); Index: ImageMagick-7.0.7-34/MagickCore/fx.c =================================================================== --- ImageMagick-7.0.7-34.orig/MagickCore/fx.c +++ ImageMagick-7.0.7-34/MagickCore/fx.c @@ -4382,8 +4382,8 @@ MagickExport Image *ShadowImage(const Im (void) SetImageColorspace(clone_image,sRGBColorspace,exception); (void) SetImageVirtualPixelMethod(clone_image,EdgeVirtualPixelMethod, exception); - border_info.width=(size_t) floor(2.0*sigma+0.5); - border_info.height=(size_t) floor(2.0*sigma+0.5); + border_info.width=CastDoubleToUnsigned(2.0*sigma+0.5); + border_info.height=CastDoubleToUnsigned(2.0*sigma+0.5); border_info.x=0; border_info.y=0; (void) QueryColorCompliance("none",AllCompliance,&clone_image->border_color,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor