Hello community,
here is the log from the commit of package GraphicsMagick for openSUSE:Factory checked in at 2014-01-13 12:01:18
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/GraphicsMagick (Old)
and /work/SRC/openSUSE:Factory/.GraphicsMagick.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "GraphicsMagick"
Changes:
--------
--- /work/SRC/openSUSE:Factory/GraphicsMagick/GraphicsMagick.changes 2013-07-16 15:29:54.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.GraphicsMagick.new/GraphicsMagick.changes 2014-01-13 12:01:21.000000000 +0100
@@ -1,0 +2,12 @@
+Thu Jan 2 09:43:18 UTC 2014 - pgajdos@suse.com
+
+- updated to 1.3.19:
+ * EPT: Fix crash observed when Ghostscript fails to produce useful
+ output. This was particularly noticeable when Ghostscript was not
+ installed. This crash could be used to cause denial of service.
+ * PNG: With libpng 1.6.X, avoid a crash while copying a PNG with a
+ "known incorrect ICC profile". This crash could be used to cause
+ denial of service.
+ * etc. see NEWS.txt
+
+-------------------------------------------------------------------
Old:
----
GraphicsMagick-1.3.18-debian-fixed.patch
GraphicsMagick-1.3.18-include.patch
GraphicsMagick-1.3.18.tar.bz2
New:
----
GraphicsMagick-1.3.19.tar.bz2
GraphicsMagick-debian-fixed.patch
GraphicsMagick-include.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ GraphicsMagick.spec ++++++
--- /var/tmp/diff_new_pack.CqX9kX/_old 2014-01-13 12:01:22.000000000 +0100
+++ /var/tmp/diff_new_pack.CqX9kX/_new 2014-01-13 12:01:22.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package GraphicsMagick
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -37,16 +37,15 @@
Summary: Viewer and Converter for Images
License: MIT
Group: Productivity/Graphics/Convertors
-Version: 1.3.18
+Version: 1.3.19
Release: 0
-#Source: ftp://ftp.GraphicsMagick.org/pub/%{name}/%{base_version}/%{name}-%{version}.tar.bz2
-Source: %{name}-%{version}.tar.bz2
+Source: ftp://ftp.GraphicsMagick.org/pub/%{name}/%{base_version}/%{name}-%{version}.tar.bz2
# following typemap file is needed for building PerlMagick with perl 5.16;
# should be present in Graphics Magick 1.4.0
Source1: typemap
Patch0: %{name}-perl-link.patch
-Patch2: %{name}-%{version}-debian-fixed.patch
-Patch10: %{name}-%{version}-include.patch
+Patch2: %{name}-debian-fixed.patch
+Patch10: %{name}-include.patch
Url: http://www.GraphicsMagick.org/
Requires: xorg-x11-fonts
BuildRoot: %{_tmppath}/%{name}-%{version}-build
++++++ GraphicsMagick-1.3.18.tar.bz2 -> GraphicsMagick-1.3.19.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/GraphicsMagick/GraphicsMagick-1.3.18.tar.bz2 /work/SRC/openSUSE:Factory/.GraphicsMagick.new/GraphicsMagick-1.3.19.tar.bz2 differ: char 11, line 1
++++++ GraphicsMagick-debian-fixed.patch ++++++
Index: GraphicsMagick-1.3.18/magick/delegate.c
===================================================================
--- GraphicsMagick-1.3.18.orig/magick/delegate.c
+++ GraphicsMagick-1.3.18/magick/delegate.c
@@ -539,7 +539,10 @@ MagickExport unsigned int InvokeDelegate
char
*command,
**commands,
- filename[MaxTextExtent];
+ linkedname[MaxTextExtent],
+ linkedinfoname[MaxTextExtent],
+ filename[MaxTextExtent],
+ safechars[]="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.,-_+ /";
const DelegateInfo
*delegate_info;
@@ -559,6 +562,10 @@ MagickExport unsigned int InvokeDelegate
assert(image != (Image *) NULL);
assert(image->signature == MagickSignature);
temporary_image_filename=(*image->filename == '\0');
+ linkedname[0]='\0';
+ linkedname[MaxTextExtent-1]='\0';
+ linkedinfoname[0]='\0';
+ linkedinfoname[MaxTextExtent-1]='\0';
if (temporary_image_filename)
{
/* Allocate a temporary filename if image is unnamed. */
@@ -568,12 +575,24 @@ MagickExport unsigned int InvokeDelegate
return(False);
}
}
+ else if (strspn(image->filename, safechars) != strlen(image->filename))
+ {
+ strncpy(linkedname,image->filename,MaxTextExtent-1);
+ if (!AcquireTemporarySymlink(image->filename,linkedname))
+ {
+ (void) ThrowException(exception,FileOpenError,UnableToCreateTemporaryFile,image->filename);
+ return (False);
+ }
+ }
+
(void) strlcpy(filename,image->filename,MaxTextExtent);
delegate_info=GetDelegateInfo(decode,encode,exception);
if (delegate_info == (DelegateInfo *) NULL)
{
if (temporary_image_filename)
(void) LiberateTemporaryFile(image->filename);
+ if (*linkedname)
+ strncpy(image->filename,linkedname,MaxTextExtent-1);
(void) ThrowException(exception,DelegateError,NoTagFound,
decode ? decode : encode);
return(False);
@@ -594,6 +613,18 @@ MagickExport unsigned int InvokeDelegate
}
image_info->temporary=True;
}
+ else if (strspn(image_info->filename, safechars) != strlen(image_info->filename))
+ {
+ strncpy(linkedinfoname,image_info->filename,MaxTextExtent-1);
+ if (!AcquireTemporarySymlink(image_info->filename,linkedinfoname))
+ {
+ if (temporary_image_filename)
+ LiberateTemporaryFile(image->filename);
+ (void) ThrowException(exception,FileOpenError,UnableToCreateTemporaryFile,image_info->filename);
+ return(False);
+ }
+ temporary_image_filename=True;
+ }
if (delegate_info->mode != 0)
if ((decode && (delegate_info->encode != (char *) NULL)) ||
@@ -617,6 +648,13 @@ MagickExport unsigned int InvokeDelegate
{
if (temporary_image_filename)
(void) LiberateTemporaryFile(image->filename);
+ if (*linkedname)
+ strncpy(image->filename,linkedname,MaxTextExtent-1);
+ if (*linkedinfoname)
+ {
+ LiberateTemporaryFile(linkedinfoname);
+ strncpy(image_info->filename,linkedinfoname,MaxTextExtent-1);
+ }
(void) ThrowException(exception,FileOpenError,UnableToCreateTemporaryFile,image_info->unique);
return(False);
}
@@ -625,6 +663,13 @@ MagickExport unsigned int InvokeDelegate
{
if (temporary_image_filename)
(void) LiberateTemporaryFile(image->filename);
+ if (*linkedname)
+ strncpy(image->filename,linkedname,MaxTextExtent-1);
+ if (*linkedinfoname)
+ {
+ LiberateTemporaryFile(linkedinfoname);
+ strncpy(image_info->filename,linkedinfoname,MaxTextExtent-1);
+ }
(void) LiberateTemporaryFile(image_info->unique);
(void) ThrowException(exception,FileOpenError,UnableToCreateTemporaryFile,image_info->zero);
return(False);
@@ -638,6 +683,13 @@ MagickExport unsigned int InvokeDelegate
(void) LiberateTemporaryFile(image_info->zero);
if (temporary_image_filename)
(void) LiberateTemporaryFile(image->filename);
+ if (*linkedname)
+ strncpy(image->filename,linkedname,MaxTextExtent-1);
+ if (*linkedinfoname)
+ {
+ LiberateTemporaryFile(linkedinfoname);
+ strncpy(image_info->filename,linkedinfoname,MaxTextExtent-1);
+ }
(void) ThrowException(exception,DelegateError,DelegateFailed,
decode ? decode : encode);
return(False);
@@ -663,6 +715,13 @@ MagickExport unsigned int InvokeDelegate
(void) LiberateTemporaryFile(image_info->zero);
if (temporary_image_filename)
(void) LiberateTemporaryFile(image->filename);
+ if (*linkedname)
+ strncpy(image->filename,linkedname,MaxTextExtent-1);
+ if (*linkedinfoname)
+ {
+ LiberateTemporaryFile(linkedinfoname);
+ strncpy(image_info->filename,linkedinfoname,MaxTextExtent-1);
+ }
DestroyImageInfo(clone_info);
(void) ThrowException(exception,DelegateError,DelegateFailed,
decode ? decode : encode);
@@ -684,6 +743,13 @@ MagickExport unsigned int InvokeDelegate
{
if (temporary_image_filename)
(void) LiberateTemporaryFile(image->filename);
+ if (*linkedname)
+ strncpy(image->filename,linkedname,MaxTextExtent-1);
+ if (*linkedinfoname)
+ {
+ LiberateTemporaryFile(linkedinfoname);
+ strncpy(image_info->filename,linkedinfoname,MaxTextExtent-1);
+ }
(void) ThrowException(exception,ResourceLimitError,MemoryAllocationFailed,decode ? decode : encode);
return(False);
}
@@ -810,6 +876,13 @@ MagickExport unsigned int InvokeDelegate
error_exit:
if (temporary_image_filename)
(void) LiberateTemporaryFile(image->filename);
+ if (*linkedname)
+ strncpy(image->filename,linkedname,MaxTextExtent-1);
+ if (*linkedinfoname)
+ {
+ LiberateTemporaryFile(linkedinfoname);
+ strncpy(image_info->filename,linkedinfoname,MaxTextExtent-1);
+ }
for ( ; commands[i] != (char *) NULL; i++)
MagickFreeMemory(commands[i]);
MagickFreeMemory(commands);
Index: GraphicsMagick-1.3.18/magick/symbols.h
===================================================================
--- GraphicsMagick-1.3.18.orig/magick/symbols.h
+++ GraphicsMagick-1.3.18/magick/symbols.h
@@ -43,6 +43,7 @@
#define AcquireTemporaryFileDescriptor GmAcquireTemporaryFileDescriptor
#define AcquireTemporaryFileName GmAcquireTemporaryFileName
#define AcquireTemporaryFileStream GmAcquireTemporaryFileStream
+#define AcquireTemporarySymlink GmAcquireTemporarySymlink
#define AdaptiveThresholdImage GmAdaptiveThresholdImage
#define AddDefinition GmAddDefinition
#define AddDefinitions GmAddDefinitions
Index: GraphicsMagick-1.3.18/magick/tempfile.c
===================================================================
--- GraphicsMagick-1.3.18.orig/magick/tempfile.c
+++ GraphicsMagick-1.3.18/magick/tempfile.c
@@ -192,6 +192,93 @@ MagickExport MagickPassFail AcquireTempo
% %
% %
% %
++ A c q u i r e T e m p o r a r y S y m l i n k %
+% %
+% %
+% %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%
+% AcquireTemporarySymlink replaces the contents of the string buffer pointed
+% to by filename with the unique name of a symbolic link. True is returned
+% if a symlink waas created, or False is returned if there is a failure.
+% The allocated symlink should be recovered via the LiberateTemporaryFile()
+% function once it is no longer required.
+%
+% The format of the AcquireTemporarySymlink method is:
+%
+% unsigned int AcquireTemporarySymlink(char *linkname, const char *name,
+% ExceptionInfo *exception)
+%
+% A description of each parameter follows.
+%
+% o linkname: Specifies a pointer to an array of characters that must be
+% MaxTextExtent characters of size. The unique
+% name of the symlink is returned in this array.
+% o name: Specifies a file name the symlink should point to.
+*/
+MagickExport unsigned int AcquireTemporarySymlink(char *linkname, const char *name)
+{
+ char
+ *tempdir,
+ tempname[MaxTextExtent];
+
+ int
+ fd,
+ tries;
+
+ assert(linkname != (char *)NULL);
+ linkname[0]='\0';
+ tempname[MaxTextExtent-1]='\0';
+
+ tempdir=getenv("MAGICK_TMPDIR");
+#if defined(POSIX)
+ if (!tempdir)
+ tempdir=getenv("TMPDIR");
+#endif /* POSIX */
+#if defined(WIN32)
+ if (!tempdir)
+ tempdir=getenv("TMP");
+ if (!tempdir)
+ tempdir=getenv("TEMP");
+#endif /* WIN32 */
+#if defined(P_tmpdir)
+ if (!tempdir)
+ tempdir=P_tmpdir;
+#endif
+
+ for (tries=0; tries < 15; tries++)
+ {
+ strncpy(tempname,"gmXXXXXX",MaxTextExtent-1);
+ ComposeTemporaryFileName(tempname);
+ strncpy(linkname,tempdir,MaxTextExtent-1);
+ if (tempdir[strlen(tempdir)-1] != DirectorySeparator[0])
+ strncat(linkname,DirectorySeparator,MaxTextExtent-1);
+ strncat(linkname,tempname,MaxTextExtent-1);
+ if (*name == '/')
+ fd=symlink(name, linkname);
+ else
+ {
+ char cname[MaxTextExtent];
+ if (!getcwd(cname,(size_t)MaxTextExtent))
+ return (False);
+ strncat(cname,DirectorySeparator,MaxTextExtent-1);
+ strncat(cname,name,MaxTextExtent-1);
+ fd=symlink(cname,linkname);
+ }
+ if (fd != -1)
+ {
+ AddTemporaryFileToList(linkname);
+ return (True);
+ }
+ }
+ return (False);
+}
+
+/*
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% %
+% %
+% %
+ A c q u i r e T e m p o r a r y F i l e D e s c r i p t o r %
% %
% %
Index: GraphicsMagick-1.3.18/magick/tempfile.h
===================================================================
--- GraphicsMagick-1.3.18.orig/magick/tempfile.h
+++ GraphicsMagick-1.3.18/magick/tempfile.h
@@ -24,6 +24,7 @@ typedef enum
MagickExport MagickPassFail
AcquireTemporaryFileName(char *filename),
+ AcquireTemporarySymlink(char *linkname, const char *name),
LiberateTemporaryFile(char *filename);
MagickExport int
Index: GraphicsMagick-1.3.18/magick/utility.c
===================================================================
--- GraphicsMagick-1.3.18.orig/magick/utility.c
+++ GraphicsMagick-1.3.18/magick/utility.c
@@ -1253,6 +1253,72 @@ MagickExport void FormatString(char *str
% %
% %
% %
+% F o r m a t S t r i n g N u m e r i c %
+% %
+% %
+% %
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%
+% Method FormatStringNumeric formats output for a single numeric argument.
+% It takes into account that the format string given might be untrusted
+% user input, and returns a pointer to the formatted string.
+%
+% The format of the FormatStringNumeric method is:
+%
+% char * FormatStringNumeric(char *string,const char *format,int value)
+%
+% A description of each parameter follows.
+%
+% o format: A string describing the format to use to write the numeric
+% argument. Only the first numeric format identifier is replaced.
+%
+% o value: Numeric value to substitute into format string.
+%
+%
+*/
+MagickExport char *FormatStringNumeric(const char *format,int value)
+{
+ char
+ *p,
+ *string;
+
+ string = NULL;
+
+ (void) CloneString(&string, format);
+
+ for (p=strchr(format,'%'); p != (char *) NULL; p=strchr(p+1,'%'))
+ {
+ char
+ *q;
+
+ q=(char *) p+1;
+ if (*q == '0')
+ (void) strtol(q,&q,10);
+ if ((*q == '%') || (*q == 'd') || (*q == 'o') || (*q == 'x'))
+ {
+ char
+ c;
+
+ q++;
+ c=*q;
+ *q='\0';
+ (void) snprintf(string+(p-format),MaxTextExtent-(p-format),p,value);
+ *q=c;
+ (void) ConcatenateString(&string,q);
+ if (*(q-1) == '%')
+ p++;
+ else
+ break;
+ }
+ }
+ return string;
+}
+
+/*
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+% %
+% %
+% %
% G e t E x e c u t i o n P a t h %
% %
% %
Index: GraphicsMagick-1.3.18/magick/utility.h
===================================================================
--- GraphicsMagick-1.3.18.orig/magick/utility.h
+++ GraphicsMagick-1.3.18/magick/utility.h
@@ -72,6 +72,7 @@ extern MagickExport char
*AllocateString(const char *),
*Base64Encode(const unsigned char *,const size_t,size_t *),
*EscapeString(const char *,const char),
+ *FormatStringNumeric(const char *,int),
*GetPageGeometry(const char *),
**ListFiles(const char *,const char *,long *),
**StringToArgv(const char *,int *),
++++++ GraphicsMagick-include.patch ++++++
Index: Magick++/lib/Geometry.cpp
===================================================================
--- Magick++/lib/Geometry.cpp.orig
+++ Magick++/lib/Geometry.cpp
@@ -10,6 +10,7 @@
#include "Magick++/Include.h"
#include <string>
+#include <cstring>
#include