2021-11-15 Bob Friesenhahn * coders/caption.c (ReadCAPTIONImage): Set draw_info to NULL upon deallocation. Fixes an assertion reported by Michael Melcher via the graphicsmagick-bugs list on November 11, 2021. 2021-11-05 Bob Friesenhahn * coders/jp2.c (initialize_jasper): For JasPer 3.0.0 and later, use resource-limited memory allocators. JasPer 3.0.0 is not yet released at this time. 2021-11-04 Bob Friesenhahn * coders/gif.c (ReadGIFImage): Handle GIF files where the 'opaque' index matches the number of colors by producing an extra colormap entry of transparent black. Fixes SourceForge issue 649 "Bug with gm identify" where the test case produces the error "Invalid colormap index (index 128 >= 128 colors, /tmp/broken.gif)". * magick/enum_strings.c (StringToDisposeType): New utility function to convert a string to a DisposeType. (DisposeTypeToString) New utility function to convert a DisposeType to a string. * coders/msl.c (MSLEndElement): Ignore imbalanced group closure. Fixes oss-fuzz 40680 "graphicsmagick:coder_MSL_fuzzer: Heap-buffer-overflow in MSLEndElement". 2021-11-03 Bob Friesenhahn * coders/tiff.c (ReadTIFFImage): Make sure that loops using TIFFReadScanline(), etc, do quit upon first reported error. Fixes oss-fuzz 39167 "graphicsmagick:coder_BIGTIFF_fuzzer: Use-of-uninitialized-value in DisassociateAlphaRegion", as well as other such cases. * coders/png.c (png_get_data): On a short read, assure that the remainder of the buffer is initialized just in case subsequent code accesses it. * coders/msl.c (MSLStartElement): Assure that 'msl_info->attributes[n]' is not NULL before attempting to use it. This is assumed to eliminate oss-fuzz 40226 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *) NULL". 2021-11-02 Bob Friesenhahn * coders/msl.c (MSLStartElement): Return immediately if there is already an error or the image is NULL. Do not discard exceptions when calling functions which return a new image. Try even harder to shut down the libxml2 parser. Fixes SourceForge issue 652 "SEGV in gm at coders/msl.c:883". 2021-10-31 Bob Friesenhahn * magick/widget.c (MagickXPreferencesWidget): Eliminate compilation warning about 'strlen' argument missing terminating nul. 2021-10-24 Fojtik Jaroslav * magick/wpg.c: ObjectID>=0x8000 automatically switches double precision on. 2021-09-18 Fojtik Jaroslav * PerlMagick/t/wmf/JPGinside.emf: Add test file: EMF that embedds JPG. 2021-09-17 Bob Friesenhahn * magick/blob.c (WriteBlob): Use appropriate handle for bzip2. Patch by Sam James . 2021-08-26 Bob Friesenhahn * coders/jp2.c (initialize_jasper): Make minimal use of new JasPer function jas_initialize() in order to avoid severe problems with jas_init(). * configure.ac: Detect new JasPer function jas_initialize(). 2021-08-14 Bob Friesenhahn * coders/msl.c (MSLError): Call xmlStopParser() rather than setting parser instate = XML_PARSER_EOF. * coders/svg.c (SVGError): Call xmlStopParser() rather than setting parser instate = XML_PARSER_EOF. 2021-07-21 Bob Friesenhahn * coders/pdf.c (WritePDFImage): Use appropriate memory deallocator for memory returned by StringToList(). Fixes SourceForge issue 646 "Assertion failed using -label with PDF". * coders/webp.c (ReadWEBPImage): Add full error checking when retrieving embedded profiles. * magick/profile.c (SetImageProfile): Do not try to store a zero-sized profile. * coders/webp.c (ReadWEBPImage): Enforce that embedded profiles provided by libWebP are not zero-sized. This problem was brought to our attention by Shane Bishop on the graphicsmagick-help mailing list. 2021-07-18 Bob Friesenhahn * Makefile.am: Add support for using an external 'graphicsmagick_snapshot_copy' script to copy files for the 'snapshot' target. This provides local control over how files are copied and where they are copied to. * coders/msl.c (MSLStartElement): Use macros to simplify validations and reduce repeated code fragments. Add validations for image size and pixels present where applicable. Fixes oss-fuzz 36224 "graphicsmagick:coder_MSL_fuzzer: Timeout in coder_MSL_fuzzer". * magick/transform.c (RollImage): Assert that image rows and columns are not zero. 2021-07-16 Bob Friesenhahn * coders/jp2.c (initialize_jasper): Update for the latest version of the evolving jas_init_custom() interface provided by the mdadams-callbacks branch. 2021-07-05 Bob Friesenhahn * coders/jp2.c: Assure that the designated decoder is used rather than using autodetection and possibly using a different decoder than intended. Added experimental support for JasPer HAVE_JAS_INIT_CUSTOM feature, but leave disabled by default. Fix a stream manager bug noticed with the madams-callbacks branch of JasPer. 2021-06-27 Bob Friesenhahn * coders/msl.c (ProcessMSLScript): Fix possible use of freed memory. Fixes oss-fuzz 35621 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image->signature == MagickSignature". * fuzzing/oss-fuzz-build.sh: Disable reading and writing of gzip/bzip files since we don't have a viable solution for formats which require an uncompressed file as input. 2021-06-26 Bob Friesenhahn * coders/pcx.c (ReadPCXImage): Fix problem that 16-colors are used rather than 256-colors given sample file provided. Resolves SourceForge patch #65 "PCX file not read correctly". Patch is by Sam Yang. * coders/jp2.c (ReadJP2Image): Pass "max_samples" option to Jasper to try to limit the amount of memory it may allocate while opening a file. Addresses oss-fuzz 35265 "graphicsmagick:coder_PGX_fuzzer: Out-of-memory in coder_PGX_fuzzer". 2021-06-22 Bob Friesenhahn * coders/webp.c (ReadWEBPImage): Use SetImagePixelsEx() rather than GetImagePixelsEx() in reader. Patch by Tobias Mark via SourceForge patch #66 "Minor improvment webp". 2021-06-12 Bob Friesenhahn * coders/svg.c (GetTransformTokens): Fix massive over-allocation of string due to use of AcquireString() on entire remaining text buffer. Addresses oss-fuzz 35171 "graphicsmagick:coder_SVG_fuzzer: Out-of-memory in coder_SVG_fuzzer". (GetTransformTokens): Apply an arbitrary limit on number of tokens to avoid DOS. (GetStyleTokens): Fix massive over-allocation of string due to use of AcquireString() on entire remaining text buffer. (GetStyleTokens): Don't use strlcpy() to copy token because it scans full text. (GetTransformTokens): Don't use strlcpy() to copy token because it scans full text. 2021-06-05 Bob Friesenhahn * coders/msl.c (MSLStartElement): Use resource-managed memory allocator for msl_info->group_info and assure that memory is cleared so that empty group does not result in use of uninitialized data. Addresses oss-fuzz 34869 "graphicsmagick:coder_MSL_fuzzer: Use-of-uninitialized-value in MSLEndElement". * magick/memory.c (_MagickReallocateResourceLimitedMemory): Round up allocation size on small reallocs in order to lessen the number of actual reallocs. 2021-05-31 Bob Friesenhahn * coders/svg.c (SVGComment): Re-implement comment callback to be based on the managed-memory allocator and avoid excessive use of strlen(). (SVGCharacters): Re-implement characters callback to to be based on the managed-memory allocator and avoid excessive use of strlen(). Addresses oss-fuzz 34168 "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer". * magick/memory.c (_MagickResourceLimitedMemoryGetSizeAttribute): New private function to retrieve various integral size values from the managed-memory allocator regarding a specified allocation. * magick/utility.c (MagickStripString): New function to replace 'Strip' which is now deprecated. This version returns the string length. 2021-05-10 Bob Friesenhahn * Magick++/lib/Magick++/{Drawable.h, STL.h}: Use _MSVC_LANG in addition to __cplusplus when testing for C++'17 since the Microsoft C++ compiler only properly defines __cplusplus if the /Zc:__cplusplus switch was provided. 2021-05-09 Bob Friesenhahn * Magick++/lib/Magick++/STL.h: Support compiling with C++'98 through C++'17. * Magick++/lib/Magick++/Drawable.h: Support compiling with C++'98 through C++'17. 2021-05-02 Bob Friesenhahn * magick/command.c (CompareImageCommand): If user has not indicated a 'matte' preference, then include the opacity channel in the compare if either image has a matte channel. Addresses SourceForge issue #642 "Result of command "gm compare" depends on order of images". 2021-04-25 Bob Friesenhahn * magick/compare.c (IsImagesEqual): Eliminate hard "ImageOpacityDiffers" error when matte channel flag differs between the images being compared. Instead of throwing a hard error, treat the opacity channel of the image as opaque if the matte flag is not set. 2021-04-24 Bob Friesenhahn * coders/jpeg.c: It is apparently now undefined behavior to assign the return value from setjmp() to a variable. Remove recently added code which is now doing that. Much thanks to Chris Gravely for noticing this. 2021-04-19 Bob Friesenhahn * coders/jpeg.c (ReadJPEGImage): Error cases depending on ThrowReaderException() were now leaking client data memory. Replace such cases with customized ThrowJPEGReaderException() which assures that it is freed. (WriteJPEGImage): Error cases depending on ThrowWriterException() were now client data memory. Replace such cases with customized ThrowJPEGWriterException() which assures that it is freed. 2021-04-18 Bob Friesenhahn * coders/jpeg.c: Restructure client data so it is allocated on the heap rather than the stack. Happens to fix SourceForge issue 641 "SIGSEGV thrown performing longjmp in jpeg.c". 2021-04-10 Bob Friesenhahn * coders/png.c (ReadOnePNGImage): Assure that null ping_trans_alpha pointer is not dereferenced. Addresses oss-fuzz 33119 "graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in ReadOnePNGImage". * magick/profile.c (SetImageProfile): Use the resource-limited memory allocator to allocate embedded profiles. * magick/map.c (MagickMapCopyResourceLimitedString): New private function to copy a resource-limited string. (MagickMapDeallocateResourceLimitedString): New private function to deallocate a resource-limited string. (MagickMapCopyResourceLimitedBlob): New private function to copy a resource-limited blob. (MagickMapDeallocateResourceLimitedBlob): New private function to deallocate a resource-limited blob. 2021-04-06 Bob Friesenhahn * coders/svg.c (GetStyleTokens): Limit the number of style tokens. Addresses oss-fuzz 32921 "graphicsmagick:coder_SVG_fuzzer: Out-of-memory in coder_SVG_fuzzer". (SVGComment): Only capture first comment rather than concatenating all comments. Addresses oss-fuzz 32944 "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer". 2021-04-02 Bob Friesenhahn * coders/msl.c (MSLReference): Fix memory leak when parser node is null. Addresses oss-fuzz 32713 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in xmlNewReference". 2021-04-01 Bob Friesenhahn * coders/png.c (ReadOnePNGImage): Avoid use of null ping_trans_color. Fixes oss-fuzz 32666 "graphicsmagick:coder_MNG_fuzzer: Null-dereference READ in ReadOnePNGImage". 2021-03-29 Bob Friesenhahn * coders/msl.c (WriteMSLImage): Add OpenBlob()/CloseBlob() which seems necessary to avoid memory leak in ImageToBlob(). Hopefully will fix oss-fuzz 32575 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in MagickMalloc". 2021-03-26 Bob Friesenhahn * coders/jp2.c (RegisterJP2Image): Report JasPer library version. * coders/msl.c (ProcessMSLScript): Free msl_image upon reader failure. Should fix oss-fuzz 32479 "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc". 2021-03-24 Bob Friesenhahn * PerlMagick/Makefile.am (check-perl): Nullify the check-perl target when PerlMagick is enabled and shared libraries are used. This is because a dynamic GraphicsMagick needs to be formally installed before PerlMagick can be tested. * coders/jp2.c (ReadJP2Image): Support both old and new ways to determine if JasPer codec support is available. * coders/msl.c (ProcessMSLScript): Another attempt to properly fix oss-fuzz 32263 "graphicsmagick:coder_MSL_fuzzer: Heap-use-after-free in ProcessMSLScript" without causing new problems. 2021-03-23 Bob Friesenhahn * coders/msl.c (ProcessMSLScript): Fix oss-fuzz 32263 "graphicsmagick:coder_MSL_fuzzer: Heap-use-after-free in ProcessMSLScript". 2021-03-18 Bob Friesenhahn * Magick++/lib/Image.cpp (Magick::Image::write): Due to the design of ImageToBlob(), it is possible for data to be returned although an exception was thrown. Deposit it in the Blob so that it will be freed. May finish fixing oss-fuzz 31965 "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc". 2021-03-17 Bob Friesenhahn * coders/msl.c (ProcessMSLScript): Attempt to address leak of "msl_image". May fix oss-fuzz 31965 "graphicsmagick:coder_MSL_fuzzer: Indirect-leak in MagickMalloc". 2021-03-13 Bob Friesenhahn * coders/dcm.c (DCM_ReadNonNativeImages): Enforce that image depth is in the supported range of 1-16. Embedded PGX was observed to cause JasPer to report a component depth of 20 bits. Fixes oss-fuzz issue 31373 "graphicsmagick:coder_DCM_fuzzer: Heap-buffer-overflow in DCM_SetupRescaleMap". 2021-03-10 Bob Friesenhahn * coders/svg.c (SVGError): Force xml parser input state to XML_PARSER_EOF state upon error to abort parsing. * coders/msl.c (MSLError): Force xml parser input state to XML_PARSER_EOF state upon error to abort parsing. Fixes oss-fuzz 31401 "graphicsmagick:coder_MSL_fuzzer: Timeout in coder_MSL_fuzzer". 2021-03-08 Bob Friesenhahn * coders/msl.c (ProcessMSLScript): Replicate clean-up actions which should already be done by MSLPopImage(). Trying to address oss-fuzz 31259 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in MagickMalloc", which I have not been able to reproduce. * magick/tsd.c (MagickTsdKeyDelete): Fix memory leak of key values array at exit when use of pthread or WIN32 TSD APIs is disabled. 2021-03-07 Bob Friesenhahn * coders/msl.c (MSLStartElement): Consistently verify that attributes are non-NULL before calling TranslateText(). Fixes oss-fuzz 31779 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *) NULL". * README.txt: Add mention of libdeflate library, since it is an optional dependency of the next libtiff release, and might be required to link if libtiff itself depends on it. * configure.ac (MAGICK_DEP_LIBS): Liblzma is a libtiff dependency. GraphicsMagick does not directly use liblzma. Do not include liblzma as direct dependency for the modules build. 2021-03-04 Bob Friesenhahn * coders/svg.c (ProcessStyleClassDefs): Fix non-terminal execution while traversing "active" list based on a patch by Gregory J Wolfe. Addresses oss-fuzz 31663 "graphicsmagick:coder_SVGZ_fuzzer: Timeout in coder_SVGZ_fuzzer". 2021-03-02 Bob Friesenhahn * coders/svg.c (ProcessStyleClassDefs): Corrected fix for oss-fuzz 31234 "graphicsmagick:coder_SVG_fuzzer: Direct-leak in MagickMalloc" based on a patch by Gregory J Wolfe. 2021-02-28 Bob Friesenhahn * configure.ac: Add tests for Jasper jp2_decode(), jpc_decode(), and pgx_decode(). * coders/jp2.c (ReadJP2Image): Call jp2_decode(), jpc_decode(), or pgx_decode(), directly. Using jas_image_decode() makes us subject to Jasper's own format determination, which may include file formats we don't want to support via Jasper. * fuzzing/oss-fuzz-build.sh: Disable support for Jasper codecs we don't want or need. 2021-02-27 Bob Friesenhahn * coders/msl.c (MSLStartElement): Fix assertion in TranslateText() when there are no attributes available. Addresses oss-fuzz 31307 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *) NULL". * coders/svg.c (ProcessStyleClassDefs): Fix memory leak upon malformed class name list. Addresses oss-fuzz 31234 "graphicsmagick:coder_SVG_fuzzer: Direct-leak in MagickMalloc". (ProcessStyleClassDefs): Fix non-terminal loop and huge memory allocation caused by self-referential list. Not sure if implementation is as intended, but it does not crash. Addresses oss-fuzz 31391 "graphicsmagick:coder_SVG_fuzzer: Out-of-memory in coder_SVG_fuzzer". (SVGReference): Fix memory leak when parser node is null. Addresses oss-fuzz 31286 "graphicsmagick:coder_SVGZ_fuzzer: Direct-leak in xmlNewReference". 2021-02-25 Bob Friesenhahn * coders/msl.c (MSLCDataBlock): Fix leak of value from xmlNewCDataBlock(). Addresses oss-fuzz 31400 "graphicsmagick:coder_MSL_fuzzer: Direct-leak in xmlNewCDataBlock". 2021-02-22 Bob Friesenhahn * coders/svg.c (ProcessStyleClassDefs): Fix non-terminal loop caused by a self-referential list which results in huge memory usage. Addresses oss-fuzz 31238 "graphicsmagick:coder_SVG_fuzzer: Out-of-memory in coder_SVG_fuzzer". 2021-02-21 Bob Friesenhahn * coders/svg.c (SVGStartElement): Reject impossibly small bounds and view_box width or height. Addresses oss-fuzz 31224 "graphicsmagick:coder_SVG_fuzzer: Divide-by-zero in SVGStartElement". * coders/msl.c (MSLPushImage): Only clone attributes if not null. Should address oss-fuzz 31205 "graphicsmagick:coder_MSL_fuzzer: ASSERT: image != (Image *) NULL". * coders/jp2.c (ReadJP2Image): Validate that actual file header does appear to be a supported format regardless of 'magick' being forced. Jasper appears to dispatch to other libraries if it detects a known format it supports and then the program exits if there is a problem. Fixes oss-fuzz 31200 "graphicsmagick:coder_JPC_fuzzer: Unexpected-exit in error_exit". 2021-02-20 Bob Friesenhahn * magick/nt_base.c (NTGhostscriptFind,NTGhostscriptGetString): Handle Ghostscript point versions added after 9.52. Fixes SourceForge issue #636 'Failed to find Ghostscript' with Ghostscript version 9.53.0+. * fuzzing/oss-fuzz-build.sh: Patch by Paul Kehrer to incorporate Jasper and libxml2 into the oss-fuzz build. 2021-02-14 Bob Friesenhahn * VisualMagick/All/All.vcproj.in: Fixes by sourcer42 for the problem that Visual Studio is not able to load the All project if the project supports the x64 target. 2021-02-12 Bob Friesenhahn * www/Hg.rst: Document new redundant Mercurial server at OSDN, "https://hg.osdn.net/view/graphicsmagick/GM". 2021-02-07 Bob Friesenhahn * Add explicit cast to float where implicit casts to float from double were occurring. * magick/utility.c (MagickDoubleToLong): Guard against LONG_MAX not directly representable as a double. 2021-02-06 Bob Friesenhahn * magick/utility.c (TranslateTextEx): If image resolution is impossibly small, then report the default resolution of 72 DPI, or the equivalent in centimeters if units is in pixels-per-centimeter. Addresses SourceForge bug #396 "dpi not retrived (no default value)". I do have some misgivings about this solution since it is lying about the actual value. Not all usages of raster images have an associated physical reality and thus resolution is not necessarily relevant. 2021-02-04 Bob Friesenhahn * coders/tiff.c, coders/ps2.c, coders/ps3.c: Libtiff versions beyond 20201219 want to use types from stdint.h. 2021-01-31 Bob Friesenhahn * magick/monitor.c (MagickMonitorActive): Need to export this function for use by modules. 2021-01-30 Bob Friesenhahn * VisualMagick/bin: Remove hp2xx.exe, mpeg2dec.exe, and mpeg2enc.exe. There is no value to distributing these pre-built and flimsy executables in the source package. * filters/analyze.c (AnalyzeImage): Add OpenMP speed-ups. 2021-01-29 Bob Friesenhahn * filters/analyze.c (AnalyzeImage): Tidy the structure of the code a bit. * magick/module.c (ExecuteModuleProcess): Add error reporting for the case that the expected symbol is not resolved. 2021-01-23 Bob Friesenhahn * configure.ac: Remove updates to use recommended forms of AC_INIT and AM_INIT_AUTOMAKE. There were too many annoying side-effects to daily development from these changes. Perhaps they will be re-visited if solutions for Autotools regeneration issues are found. 2021-01-19 Bob Friesenhahn * magick/render.c (InverseAffineMatrix): Avoid possible division by zero or absurdly extreme scaling in InverseAffineMatrix(). Fixes oss-fuzz 28293 "Divide-by-zero - InverseAffineMatrix". 2021-01-13 Bob Friesenhahn * configure.ac (CONFIG_STATUS_DEPENDENCIES): Regenerate configure.ac if ChangeLog or version.sh is updated. 2021-01-10 Bob Friesenhahn * coders/pdf.c (WritePDFImage): Converting a TIF to a PDF set the page MediaBox to the TIFF dimensions in pixels while the CropBox is set in local context dimensions. The latter is correct, the former is not. Set the MediaBox to the proper dimension in local context. Should be the same in this context. Patch by Hubert Figuiere and retrieved from SourceForge patch #64 "Incorrect MediaBox in PDF export". * magick/pixel_cache.c: Memory cache implementation of pixel cache now uses resource limited memory allocator. It was previously resource limited, but by using the resource allocation APIs directly. 2021-01-09 Bob Friesenhahn * coders/tiff.c: Remove unintended double-charging for memory resource. Remove explicit memset where possible. 2021-01-07 Bob Friesenhahn * coders/gif.c (ReadGIFImage): Fix memory leak of global_colormap if realloc of memory for comment fails. Fixes oss-fuzz 29316 "Direct-leak in MagickMalloc". * coders/meta.c (ReadMETAImage): Fix double-free if blob buffer was reallocated after being attached to blob. Fixes oss-fuzz 29193 "Heap-double-free in MagickFree". 2021-01-06 Bob Friesenhahn * configure.ac: Updates to use recommended forms of AC_INIT and AM_INIT_AUTOMAKE. This was/is painful due to how development snapshot versioning is handled. The version string produced for the snapshot version will now contain the snapshot date. Effort has been made to avoid other impacts due to AC_INIT's enforcements for how version information is used. 2021-01-02 Bob Friesenhahn * PerlMagick/Magick.xs: Remove GCC warnings which spewed out at increased warning levels. * magick/magick_types.h.in: Hide definitions not intended for the rest of the world under "if defined(MAGICK_IMPLEMENTATION)". 2021-01-01 Bob Friesenhahn * configure.ac: Skip library symbol tests for gdi32 since these fail with the MSYS2 w64-i686 compiler and well as i686 Cygwin. The failures caused a build regression for i686 MSYS2/Cygwin. * Copyright.txt: Copyright year updates and ChangeLog rotation for the new year.