12020-12-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 2 3 - version.sh: Updates in preparation for the 1.3.36 release. 4 5 - bootstrap: Fix config.guess and config.sub download URLs. 6 72020-12-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 8 9 - design/pixel-cache.dot: Fix reported syntax errors. 10 11 - coders/mpc.c (ReadMPCImage): Report correct exception reason. 12 13 - coders/miff.c (ReadMIFFImage): Arbitrarily limit the number of 14 header keywords to avoid DOS attempts. 15 (ReadMIFFImage): Finish updates to use resource-limited memory 16 allocator. 17 (WriteMIFFImage): Finish updates to use resource-limited memory 18 allocator. 19 20 - coders/mpc.c (ReadMPCImage): Arbitrarily limit the number of 21 header keywords to avoid DOS attempts. Fixes oss-fuzz 28956 22 "Timeout - coder\_MPC\_fuzzer". 23 242020-12-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 25 26 - magick/render.c (AffineEdge): Use MagickDoubleToLong(); 27 28 - magick/utility.c (MagickDoubleToLong): New private function to 29 convert a 'double' to a 'long' with the minimum amount of harm. 30 31 - magick/segment.c (Classify): Remove variables from function 32 global scope that don't need outer scope. 33 34 - coders/jp2.c: JasPer changed its jas\_stream\_ops\_t callback 35 interfaces in releases 2.0.19 and 2.0.20. Revert to providing the 36 older interfaces by default, but use a 37 MAGICK\_JP2\_NEW\_STREAM\_INTERFACE pre-processor definition to 38 support selecting the new interfaces. We don't know how to 39 usefully tell the JasPer version at compile time! Luckily, using 40 the older interfaces only causes a compiler warning rather than a 41 run-time issue. 42 43 - coders/mac.c (ReadMACImage): Use size\_t type for 'ldblk' to 44 avoid possible overflow. 45 462020-12-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 47 48 - NEWS.txt: Update the news to the date December 23, 2020. 49 502020-12-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 51 52 - magick/image.c (AllocateImage): Satisfy conditions for 53 DestroyImage() as soon as possible and use it for clean-up on 54 error. Added more error checks. 55 (CloneImage): Satisfy conditions for DestroyImage() as soon as 56 possible and use it for clean-up on error. Don't attempt to copy 57 colormap if colors is zero. Added more error checks. 58 (DestroyImage): Assure that we can destroy a partially-constructed 59 Image. 60 61 - magick/effect.c (BlurImage): Fix null pointer dereference if 62 image failed to be created. 63 (DespeckleImage): Fix null pointer dereference if image failed to 64 be created. 65 (EnhanceImage): Fix null pointer dereference if image failed to be 66 created. 67 (GaussianBlurImage): Fix null pointer dereference if image failed 68 to be created. 69 (MedianFilterImage): Fix null pointer dereference if image failed 70 to be created. 71 (MotionBlurImage): Fix null pointer dereference if image failed to 72 be created. 73 (ReduceNoiseImage): Fix null pointer dereference if image failed to 74 be created. 75 (ShadeImage): Fix null pointer dereference if image failed to be 76 created. 77 (SharpenImage): Fix null pointer dereference if image failed to be 78 created. 79 (SpreadImage): Fix null pointer dereference if image failed to be 80 created. 81 822020-12-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 83 84 - coders/jp2.c (BlobWrite): Update Jasper stream OPs callback 85 function signatures to exactly match latest jas\_stream\_ops\_t 86 definition. This avoids an annoying warning when using Jasper 87 2.0.23 but now causes annoying warnings when using 2.0.12 or 88 1.900.1. There does not appear to be a useful way to determine the 89 Jasper numeric version (only a C string is available) from its 90 header files. 91 92 - magick/decorate.c (FrameImage): Skip attempting to render top or 93 bottom of ornamental border if its height is zero. 94 95 - magick/image.c (CloneImage): Set image signature right away in 96 case it needs to be destroyed while it is being constructed. 97 98 - wand/drawtest.c (main): MagickGetFilename() allocates a new 99 string so make sure to free it. 100 101 - tests/constitute.c (main): Destroy ExceptionInfo to avoid memory 102 leak if an exception was thrown. 103 104 - magick/effect.c (EdgeImage): Fix null pointer dereference if 105 edge image failed to be created. 106 107 - magick/compress.c (HuffmanEncode2Image): Fix error handling 108 issues. 109 110 - magick/command.c (CompareImageCommand): Fix memory leaks when an 111 input image failed to be read. 112 (CompositeImageCommand): Fix memory leaks when an input image 113 failed to be read. 114 115 - coders/fax.c (WriteFAXImage): Fix error handling. 116 117 - coders/mpc.c (ReadMPCImage): Use correct deallocator for page 118 geometry. Fixes oss-fuzz 28853 "Heap-buffer-overflow READ {\*} - 119 \_MagickReallocateResourceLimitedMemory". 120 1212020-12-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 122 123 - coders/yuv.c: Use resource-limited memory allocator. 124 125 - coders/xwd.c: Use resource-limited memory allocator. 126 127 - coders/xpm.c: Use resource-limited memory allocator. 128 129 - coders/xcf.c: Use resource-limited memory allocator. 130 131 - coders/xbm.c: Use resource-limited memory allocator. 132 133 - coders/wpg.c: Use resource-limited memory allocator. 134 135 - coders/viff.c: Use resource-limited memory allocator. 136 137 - coders/vicar.c: Use resource-limited memory allocator. 138 139 - coders/uil.c: Use resource-limited memory allocator. 140 141 - coders/txt.c: Use resource-limited memory allocator. 142 143 - coders/topol.c: Use resource-limited memory allocator. 144 145 - coders/tim.c: Use resource-limited memory allocator. 146 147 - coders/tiff.c: Use resource-limited memory allocator. 148 149 - coders/tga.c: Use resource-limited memory allocator. 150 151 - coders/sun.c: Use resource-limited memory allocator. 152 153 - coders/sgi.c: Use resource-limited memory allocator. 154 155 - coders/sfw.c: Use resource-limited memory allocator. 156 157 - coders/rle.c: Use resource-limited memory allocator. 158 159 - coders/rla.c: Use resource-limited memory allocator. 160 161 - coders/rgb.c: Use resource-limited memory allocator. 162 163 - coders/psd.c: Use resource-limited memory allocator. 164 165 - coders/ps3.c: Use resource-limited memory allocator. 166 167 - coders/ps2.c: Use resource-limited memory allocator. 168 169 - coders/pnm.c: Use resource-limited memory allocator. 170 171 - coders/pdf.c: Use resource-limited memory allocator. 172 173 - coders/pdb.c: Use resource-limited memory allocator. 174 175 - coders/pcl.c: Use resource-limited memory allocator. 176 177 - coders/pcd.c: Use resource-limited memory allocator. 178 179 - coders/palm.c: Use resource-limited memory allocator. 180 181 - coders/mtv.c: Use resource-limited memory allocator. 182 183 - coders/mpc.c: Use resource-limited memory allocator. 184 185 - coders/meta.c: Use resource-limited memory allocator. 186 187 - coders/map.c: Use resource-limited memory allocator. 188 189 - coders/jpeg.c: Use resource-limited memory allocator. 190 191 - coders/jp2.c: Use resource-limited memory allocator. 192 193 - coders/jnx.c: Use resource-limited memory allocator. 194 195 - coders/icon.c: Use resource-limited memory allocator. 196 197 - coders/hrz.c: Use resource-limited memory allocator. 198 199 - coders/histogram.c: Use resource-limited memory allocator. 200 201 - coders/gray.c: Use resource-limited memory allocator. 202 203 - coders/fpx.c: Use resource-limited memory allocator. 204 205 - coders/emf.c: Use resource-limited memory allocator. 206 207 - coders/dpx.c: Use resource-limited memory allocator. 208 209 - coders/dps.c: Use resource-limited memory allocator. 210 211 - coders/dcm.c: Use resource-limited memory allocator. 212 213 - coders/cut.c: Use resource-limited memory allocator. 214 215 - coders/cmyk.c: Use resource-limited memory allocator. 216 217 - coders/cineon.c: Use resource-limited memory allocator. 218 219 - coders/avs.c: Use resource-limited memory allocator. 220 221 - coders/art.c: Use resource-limited memory allocator. 222 223 - coders/pcx.c: Use resource-limited memory allocator. 224 225 - coders/mac.c: Use resource-limited memory allocator. 226 227 - coders/pict.c: Use resource-limited memory allocator. 228 229 - magick/memory.c (\_MagickReallocateResourceLimitedMemory): Add a 230 'clear' parameter which indicates that freshly allocated memory 231 should be zeroed. Added "Cleared" versions of the private managed 232 memory macros and updated all managed memory macros to exclusively 233 use this function. 234 2352020-12-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 236 237 - Update Automake to 1.16.3 and bootstrap to pick up latest 238 config.guess and config.sub. 239 2402020-12-17 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 241 242 - coders/miff.c (ImportRLEPixels): Change from C assertion to 243 exception report. Fixes oss-fuzz 28703 "ASSERT · ((quantum\_type 244 == IndexQuantum) && (image->storage\_class ...". 245 (ReadMIFFImage): Read Gray DirectClass image as PseudoClass so it 246 has a colormap, and we have a RLE decode implementation for it. 247 2482020-12-15 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 249 250 - magick/paint.c (OpaqueImage): Changing the image storage class 251 is not required. 252 2532020-12-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 254 255 - magick/paint.c (OpaqueImage): Assure that image type is promoted 256 as required based on fill color. Fixes unexpected results 257 discovered by Stuart McDonagh and reported via the 258 graphicsmagick-help mailing list on December 14, 2020. 259 2602020-12-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 261 262 - magick/render.c (DrawImage): Set '[MVG]' image attribute at 263 appropriate places outside of DrawImage() since DrawImage() 264 sometimes recurses into itself, trashing the image attribute. One 265 example of recursion is in the text annotation code. 266 267 - coders/svg.c (ReadSVGImage): Properly support 'ping' mode so 268 'identify' works as expected. 269 270 - magick/render.c (InsertAttributeIntoInputStream): Provide a more 271 useful diagnostic for when a "use" or "class" argument id is not 272 defined. 273 2742020-12-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 275 276 - magick/render.c (DrawImage): Fix regression when parsing "mask" 277 which was added by changeset 16305:f33a0fb3d8e4 on July 15, 2020 278 since the last formal release. This impacts MVG and SVG. 279 2802020-12-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 281 282 - www/INSTALL-unix.rst: Document the '--disable-compressed-files' 283 configure option, which was added on July 15th. 284 2852020-12-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 286 287 - magick/magic.c: Don't send files which test positive for PCL to 288 the HPGL delegate, which is normally 'hp2xx'. Fixes SourceForge 289 bug 607 "Slow to convert HP PCL printer data". 290 2912020-12-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 292 293 - magick/render.c (DrawImage): Use unique image attribute space 294 for MVG symbols. Fixes oss-fuzz 28111 "Timeout - 295 coder\_MVG\_fuzzer", oss-fuzz 28170 "Stack-overflow - DrawImage", 296 and oss-fuzz 28292 "Integer-overflow - DrawPolygonPrimitive". 297 2982020-12-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 299 300 - magick/render.c (DrawImage): Verify that affine scaling factors 301 are not zero. Fixes oss-fuzz 28293 "Divide-by-zero - 302 InverseAffineMatrix". 303 (DrawPolygonPrimitive): Thread error status check was at wrong 304 scope, resulting in code executing when it should have quit. 305 3062020-12-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 307 308 - magick/magick\_types.h.in: Stop trying to define PTRDIFF\_MAX. 309 3102020-11-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 311 312 - magick/magick\_types.h.in: Provide PTRDIFF\_MAX for Visual Studio 313 if it is missing. 314 315 - fuzzing/oss-fuzz-build.sh: Disable old JPEG support in libtiff. 316 317 - coders/mat.c (ReadMATImage): Use resource-limited memory 318 allocator. 319 (WriteMATLABImage): Use resource-limited memory allocator. 320 3212020-11-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 322 323 - NEWS.txt: Update the news to the date November 28, 2020. 324 325 - coders/png.c (ReadOneJNGImage): Verify and enforce 326 Alpha\_compression\_method values. Request that color and alpha 327 decoders return just one frame. Force decoder format to disable 328 auto-detection. Assume that coder messed up and might have 329 returned more than one frame. Fixes oss-fuzz 28013 "Indirect-leak 330 . MagickMalloc". 331 332 - magick/memory-private.h (MagickReallocateResourceLimitedMemory): 333 Fix typo in macro definition which resulted in a memory 334 reallocation leak! 335 336 - Magick++/lib/Magick++/Drawable.h: Decided to continue using 337 std::unary\_function if C++ version is less than C++'17 since 338 otherwise it may be changing an interface. 339 3402020-11-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 341 342 - coders/gif.c (ReadGIFImage): Use resource-limited memory 343 allocator when reading the comment extension. 344 345 - Magick++/lib/Magick++/Drawable.h: Remove inheritance from 346 std::unary\_function, which was removed in C++'17. 347 348 - coders/webp.c (ReadWEBPImage): Use resource-limited memory 349 allocator. 350 (WriteWEBPImage): Use resource-limited memory allocator. 351 352 - coders/jbig.c (WriteJBIGImage): Use resource-limited memory 353 allocator. 354 355 - coders/fits.c (ReadFITSImage): Use resource-limited memory 356 allocator. 357 (WriteFITSImage): Use resource-limited memory allocator. 358 359 - coders/dib.c (ReadDIBImage): Use resource-limited memory 360 allocator. 361 (WriteDIBImage): Use resource-limited memory allocator. 362 363 - coders/bmp.c (ReadBMPImage): Use resource-limited memory 364 allocator. 365 (WriteBMPImage): Use resource-limited memory allocator. 366 3672020-11-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 368 369 - coders/tiff.c (ReadTIFFImage): Improve RGBATiledMethod progress 370 monitor so it reports more steps. 371 (ReadTIFFImage): Improve TiledMethod progress monitor so it 372 reports more steps. 373 374 - fuzzing/utils.cc (class MagickState): Enable tracing of 375 exception events in order to help discover the origin of errors. 376 If too much output comes out, then this will be removed. 377 378 - magick/render.c (ConvertPathToPolygon): Attempt to fix leak of 379 'points' on memory allocation failure. 380 3812020-11-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 382 383 - magick/render.c (ConvertPathToPolygon): Make sure not to leak 384 points from added Edge. Fixes oss-fuzz 27608 "Direct-leak in 385 \_MagickReallocateResourceLimitedMemory". 386 (DrawDashPolygon): Place an aribrary limit on stroke dash polygon 387 unit maximum length in order to avoid possibly rendering 388 "forever". Addresses oss-fuzz 24236 "Timeout in 389 coder\_MVG\_fuzzer". 390 3912020-11-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 392 393 - magick/render.c (DrawPolygonPrimitive): Try to minimize the 394 impact of too many threads due to replicated data until such time 395 as the data structures can be re-designed to directly support 396 threading. 397 3982020-11-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 399 400 - www/Hg.rst: Describe how to clone the repository from 401 SourceForge using the ssh protocol rather than https. 402 403 - coders/ps.c (WritePSImage): Fix problem when writing PseudoClass 404 image with a colormap larger than two entries as bilevel. 405 Previous implementation was assuming that the colormap would only 406 include two entries for a monochrome image, but many entries may 407 exist in the colormap which were never used. Fixes SourceForge 408 issue #635 "gm convert failure from .pgm to .eps". 409 4102020-11-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 411 412 - fuzzing/utils.cc (class MagickState): Set DiskResource limit to 413 zero so that pixel cache won't spill over to using temporary 414 files. 415 4162020-11-16 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 417 418 - NEWS.txt: Update the news to the date November 16, 2020. 419 4202020-11-15 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 421 422 - coders/svg.c (ReadSVGImage): Fix memory leak due to CDATA block, 423 and some other possible small leaks. 424 425 - magick/magick.c (InitializeMagickEx): Set C pre-processor 426 definition USE\_GLIBC\_MTRACE to 1 in order to enable Linux mtrace 427 support. 428 429 - magick/render.c (ConvertPathToPolygon): Fix memory leak upon 430 memory reallocation failure. Addresses oss-fuzz 27351 431 "Direct-leak in \_MagickReallocateResourceLimitedMemory". 432 433 - magick/memory.c (\_MagickReallocateResourceLimitedMemory): Return 434 pointer to the allocation similar to realloc() and do not 435 automatically free existing memory upon allocation failure. 436 4372020-11-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 438 439 - common.shi.in: Apply some resource limits while running the test 440 suite. 441 (Q8\_MEMORY\_LIMIT): Set the test suite memory limit to 128MB for 442 Q8, or 256MB for Q16, or 512MB for the Q32 build. 443 (MAGICK\_LIMIT\_DISK): Set the test suite disk space limit to 0 to 444 avoid spilling over into disk files when the memory limit runs 445 out. 446 447 - coders/miff.c (WriteMIFFImage): Update to use resource-limit 448 respecting memory allocators. 449 4502020-11-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 451 452 - coders/miff.c (ReadMIFFImage): Update to use resource-limit 453 respecting memory allocators. 454 455 - magick/render.c (DrawImage): Update to use resource-limit 456 respecting memory allocators. 457 458 - magick/memory.c (\_MagickReallocateResourceLimitedMemory): Add 459 new private interfaces for allocating private memory while 460 respecting resource limits. 461 4622020-10-25 Bob Friesenhahn <bfriesen@bobsdell> 463 464 - magick/render.c (DrawImage): Reject pattern image with a 465 dimension of zero. Fixes oss-fuzz issue 26382 466 "graphicsmagick:coder\_MVG\_fuzzer: Floating-point-exception in 467 DrawPrimitive". 468 4692020-10-15 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 470 471 - magick/constitute.c (ConstituteImage): Set image depth 472 appropriately based on the storage size specified by StorageType 473 and QuantumDepth. 474 4752020-10-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 476 477 - magick/render.c (DrawPrimitive): Use DestroyImageList() to 478 destroy composite\_image since it may be a list. Fixes oss-fuzz 479 25247 "Indirect-leak in MagickMalloc". 480 (DrawPrimitive): Add ImageInfo properties to request only 481 returning the first frame if the in-line image is a list. Also, 482 add a missing DestroyImageList() request if multiple-frames were 483 returned. 484 485 - magick/transform.c (TransformImage): Use ReplaceImageInList() 486 replace transformed image in list. 487 488 - magick/list.c (ReplaceImageInList): Remove previous and next 489 references from removed image before destroying it. 490 491 - magick/render.c (DrawClipPath): Remove break statement so that 492 added clip-mask image is initialized properly and rendered-on as 493 expected. Thanks to László Böszörményi for reporting this problem 494 prior to release. 495 4962020-10-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 497 498 - configure.ac (AC\_PROG\_CC\_STDC): AC\_PROG\_CC\_STDC is no longer 499 required since AC\_PROG\_CC now provides its useful function. 500 AC\_PROG\_CC\_STDC is marked as obsolete after Autoconf 2.69. 501 Quote all arguments to m4 macros. 502 5032020-09-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 504 505 - configure.ac: Update syntax to avoid using deprecated syntax 506 according to Autoconf 2.69. 507 5082020-09-21 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 509 510 - coders/webp.c (ReadWEBPImage): Use SetImageProfile() rather than 511 AppendImageProfile(). 512 5132020-09-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 514 515 - wand/magick\_wand.c (MagickSetSamplingFactors): Correct 516 formatting of sampling factors string. Fixes SourceForge issue 517 633 "MagickSetSamplingFactors() API mismatch - comma separated 518 values instead of 1x1 ". 519 5202020-09-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 521 522 - magick/render.c (DrawPrimitive): Improve error checking related 523 to ImagePrimitive. 524 525 - magick/resize.c (ResizeImage): If CloneImage() of resize\_image 526 to source\_image fails then free source\_image allocation before 527 returning in order to prevent memory leak. 528 529 - magick/image.c (CloneImage): Free clone\_image allocation if 530 ImgExtra allocation fails in order to prevent memory leak. Fixes 531 oss-fuzz 25342 "Indirect-leak in MagickMalloc". 532 (SetImageOpacity): SetImageOpacity() now returns error status 533 since it is possible for it to fail. 534 5352020-09-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 536 537 - coders/tiff.c (ReadTIFFImage): Ignore corrupt whitepoint and 538 primary chromaticities tags. Fixes oss-fuzz issue 25507 539 "Divide-by-zero in DoubleToRational". The divide by zero is 540 actually in libtiff, but the bad values from the input file were 541 propagated through GraphicsMagick. 542 5432020-09-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 544 545 - magick/analyze.c (GetImageBoundingBox): Use solution proposed by 546 Troy Patteson to solve SourceForge issue 345 "MagickTrimImage with 547 extreme fuzz can produce image with negative width". 548 5492020-08-16 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 550 551 - coders/tiff.c (ReadTIFFImage): Apply the same resource limits to 552 TIFF tile sizes as apply to the image itself. Fixes oss-fuzz 553 issues 24523 "Timeout in coder\_TIFF\_fuzzer" and 24810 "Timeout in 554 coder\_PTIF\_fuzzer". 555 5562020-08-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 557 558 - configure.ac: Add --without-gdi32 configure option to support 559 disabling use of the Microsoft Windows gdi32 library if it is not 560 wanted. 561 5622020-08-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 563 564 - configure.ac: Remove the assumption that a native Windows build 565 means that Ghostscript may be available so that MinGW tests which 566 depend on Ghostcript are attributed proper XFAIL status by the 567 test suite. 568 5692020-08-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 570 571 - magick/magick.c (MagickCondSignal): Explicitly initialize 'oact' 572 prior to calling sigaction() in order to attempt to surmount 573 apparent oss-fuzz framework issue. 574 5752020-08-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 576 577 - magick/delegate.c, magick/magick.c, magick/nt\_base.c: Fix 578 compilation errors under MinGW when Ghostscript support is 579 disabled. 580 5812020-08-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 582 583 - magick/nt\_base.c: Fix compilation issue noticed under MinGW. 584 585 - magick/render.c (DrawImage): Handle the case that 586 ExtractTokensBetweenPushPop() can return NULL. Fixes oss-fuzz 587 24659 "Null-dereference READ in DrawImage". 588 589 - magick/magick.c (MagickCondSignal): Re-implement to handle the 590 case where a new-style 'siginfo' signal handler was previously 591 registered, as well as the legacy type. This may address oss-fuzz 592 24690 "Use-of-uninitialized-value in MagickCondSignal". 593 5942020-07-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 595 596 - wand/drawtest.c: Use structured error handling and report all 597 output to stderr so it does not screw up TAP tests. 598 599 - magick/render.c (DTOLONG\_MIN): Correct 32-bit definition of 600 DTOLONG\_MIN. 601 602 - wand/wandtests.tap: Wand drawtest requires FreeType. 603 604 - NEWS.txt: Update with changes up to 2020-07-26. 605 606 - VisualMagick/magick/magick\_config.h.in (HasGS): Default HasGS to 607 enabled. 608 609 - configure.ac: Add a --without-gs configure option to disable 610 reading PS, EPS, and PDF formats via an external Ghostscript 611 delegate program. This is intended as an absolute security 612 measure for sites that want to be assured to avoid executing 613 Ghostscript even though it is installed on the system. Removal of 614 PS and PDF reading support breaks reading other formats which are 615 handled by executing an external program to first convert to PS or 616 PDF formats. 617 618 - magick/delegate.c (InvokePostscriptDelegate): Use HasGS to 619 enable use of the Ghostscript delegate. Change the existing 620 legacy HasGS ifdefs to HasGSLIB. 621 6222020-07-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 623 624 - coders/tiff.c (WriteTIFFImage): Fix compilation error when 625 COMPRESSION\_WEBP is not defined. 626 6272020-07-20 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 628 629 - configure.ac: Fix enableval syntax for 630 --disable-compressed-files. 631 6322020-07-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 633 634 - magick/command.c (CompareImageCommand): Merge changeset by 635 谢致邦 (XIE Zhibang) which adds 'matte' support to the compare 636 command. However, substantially reduce the amount of changes 637 by avoiding adding a new public function. Documentation 638 regarding how 'compare' uses this option is also added. 639 640 - magick/command.c: Merge changeset by谢致邦 (XIE Zhibang) 641 regarding Some duplicate "verbose" should be "version". 642 643 - configure.ac, magick/blob.c: Merge changeset by Przemysław 644 Sobala regarding "Configure: add --with(out)-compressed-files 645 option". The configure option was changed to 646 --disable-compressed-files during the merge since it is more 647 appropriate. 648 6492020-07-15 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 650 651 - NEWS.txt: Update with changes up to 2020-07-15. 652 653 - magick/render.c (DrawImage): Improve error handling so errors 654 are returned when they should be. Fixes oss-fuzz 24117 655 "Stack-overflow in DrawImage" and oss-fuzz 24126 "Timeout in 656 coder\_MVG\_fuzzer". Restore the original behavior of 657 DrawClipPath() when there is no matching clip-path attribute. 658 6592020-07-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 660 661 - NEWS.txt: Update with changes up to 2020-07-12. 662 6632020-07-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 664 665 - magick/xwindow.c (MagickXVisualColormapSize): Fix UBSAN integer 666 overflow warning. 667 668 - magick/render.c (DrawClipPath): Report only a warning if there 669 is no clip mask. 670 (ExtractTokensBetweenPushPop): Verify that the expected/required 671 pop statement is indeed found. Fixes oss-fuzz 23498 "Timeout in 672 coder\_MVG\_fuzzer". 673 6742020-06-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 675 676 - magick/constitute.c (ReadImage): Improve error handling related 677 to ImageToFile(). 678 679 - magick/image.c (SetImageInfo): Improve error handling related to 680 ImageToFile(). 681 682 - coders/mat.c: Check MagickFindRawImageMinMax() return status. 683 684 - magick/constitute.c (MagickFindRawImageMinMax): Verify that the 685 original seek position was restored. 686 6872020-06-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 688 689 - magick/render.c (DrawImage): Apply stricter range limits when 690 converting a double to a long in order to avoid integer overflow. 691 Fixes oss-fuzz 23304 "Integer-overflow in DrawImage". 692 (DrawClipPath): If there is no matching clip-path attribute then 693 return an informative error. Fixes oss-fuzz 23187 "Stack-overflow 694 in DrawImage" which is actually a case of DrawImage() / 695 DrawClipPath() recursion. 696 6972020-06-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 698 699 - coders/wpg.c (UnpackWPGRaster): Fix oss-fuzz 23042 700 "Heap-buffer-overflow in ImportGrayQuantumType" and oss-fuzz 701 "Heap-buffer-overflow in InsertRow" which are both from the same 702 cause. 703 7042020-06-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 705 706 - magick/pixel\_cache.c (ClipCacheNexus): Change x and y variables 707 to unsigned type. 708 7092020-05-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 710 711 - coders/tiff.c (WriteTIFFImage): WebP compression only supports a 712 depth of 8. Fixes oss-fuzz 22560 "Use-of-uninitialized-value in 713 GammaToLinear". 714 7152020-05-30 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 716 717 - coders/wpg.c (ReadWPGImage): Terminate reading when a pixel 718 cache resource limit is hit rather than moving on to heap buffer 719 overflow. Fixes oss-fuzz 20045, 20318, 21956 720 721 - coders/png.c (ReadMNGImage): If the image width is 1, then X 722 magnification is done by by simple pixel replication. If the 723 image height is 1, then Y magnification is done by simple pixel 724 replication. Fixes oss-fuzz issue 19025 "Heap-buffer-overflow in 725 ReadMNGImage" and oss-fuzz issue 19026 "ASSERT: yy < (long) 726 large\_image->rows". It appears that CERT has assigned 727 CVE-2020-12672 for oss-fuzz issue 19025. Note that the heap 728 overwrite is only one byte. 729 7302020-05-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 731 732 - NEWS.txt: Update with changes up to 2020-04-23. 733 7342020-04-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 735 736 - coders/dpx.c (ReadDPXImage): Support dpx:swap-samples-read 737 define which behaves similar to dpx:swap-samples, but is only 738 applied when reading. This provides for use when there is both 739 reading and writing in the same operation. 740 (WriteDPXImage): Support dpx:swap-samples-write define which 741 behaves similar to dpx:swap-samples, but is only applied when 742 writing. This provides for use when there is both reading and 743 writing in the same operation. 744 7452020-04-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 746 747 - magick: Fix remaining GCC 10 warnings. 748 7492020-04-17 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 750 751 - magick/transform.c (GetImageMosaicDimensions): Mark function as pure. 752 753 - magick/effect.c (GetNonpeakMedianList): Mark function as pure. 754 755 - coders/fits.c (InsertRowHDU): Fix scary-sounding GCC 10 warning, 756 which is actually benign. 757 758 - config/config.sub: Update to latest config.sub 759 760 - config/config.guess: Update to latest config.guess. 761 762 - Makefile.am: Update to Automake 1.16.2 763 7642020-04-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 765 766 - coders/dpx.c (ReadRowSamples): Simplify 10-bit packed decoding. 767 (WriteRowSamples): Simplify 10-bit packed encoding. 768 769 - coders/locale.c (ReadConfigureFile): Ignore comment element if 770 it was not found or is too short. 771 772 - magick/pixel\_cache.c (ReadCacheIndexes): If SetNexus() has 773 previously failed to allocate the staging buffer and thus reported 774 an exception to the user, then ReadCacheIndexes() should report an 775 error rather than blundering into copying indexes data to a null 776 pointer. 777 778 - magick/effect.c (AdaptiveThresholdImage): Assure that we don't 779 attempt to write to output pixels if they have not been selected 780 yet. 781 782 - magick/utility.c (ExpandFilenames): Properly handle NULL 783 filelist and NULL filelist entries. 784 (GetGeometry): Assure that there is no one-character stack read 785 overflow when reading the geometry buffer. 786 7872020-03-29 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 788 789 - fuzzing/oss-fuzz-build.sh: Restore xz to oss-fuzz build due to 790 build problems getting worked out. 791 7922020-03-28 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 793 794 - fuzzing/oss-fuzz-build.sh (MAGICK\_LIBS): Remove mention of 795 liblzma.a in the oss-fuzz build until its build problems get 796 worked out. 797 7982020-03-27 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 799 800 - fuzzing/oss-fuzz-build.sh: Skip building xz in the oss-fuzz 801 build until its build problems get worked out. 802 8032020-03-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 804 805 - magick/log.c (InitializeLogInfoPost): Don't load log.mgk if 806 logging is already configured to use MethodOutput. 807 8082020-03-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 809 810 - magick/log.c (InitializeLogInfoPost): Mark that logging is 811 configured, regardless of if "log.mgk" was discovered. 812 8132020-03-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 814 815 - VisualMagick/magick/magick\_config.h.in: ProvideDllMain is now 816 disabled by default since it causes InitializeMagick() to be 817 invoked prior to when the program's main() routine is called, 818 thereby blocking configuration activities or use of 819 InitializeMagickEx(). With this change it is even more imperative 820 that InitializeMagick() be explicitly invoked by all programs 821 using GraphicsMagick. 822 823 - magick/log.c (LogMagickEventList): Always use/respect the 824 configured log format as might be obtained from "log.mgk" or 825 SetLogDefaultFormat(). 826 827 - magick/utility.c (MagickFormatString): Return the size of the 828 formatted string. 829 (MagickFormatStringList): Return the size of the formatted string. 830 (FormatString): Return the size of the formatted string. 831 (FormatStringList): Return the size of the formatted string. 832 8332020-03-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 834 835 - www/api/types.rst: Improved types documentation and added more 836 hyperlinks. 837 838 - scripts/format\_c\_api\_doc.py: Add hyperlinks for 'LogMethod' and 839 'LogOutputType' type documentation. 840 841 - Magick++/lib/Image.cpp (SetLogDefaultEventType): New C++ function to 842 forward to C interface. 843 (SetLogDefaultGenerations): New C++ function to forward to C 844 interface. 845 (SetLogDefaultLimit): New C++ function to forward to C interface. 846 (SetLogDefaultFormat(): New C++ function to forward to C 847 interface. 848 (SetLogDefaultLogMethod): New C++ function to forward to C 849 interface. 850 (SetLogDefaultFileName): New C++ function to forward to C 851 interface. 852 (SetLogDefaultOutputType): New C++ function to forward to C 853 interface. 854 855 - magick/log.c (SetLogDefaultEventType): New function to support 856 setting the default set of events which will result in a log 857 event. 858 (SetLogDefaultGenerations): New function to specify the maximum 859 number of log files maintain before circulating back to overwrite 860 the first name. 861 (SetLogDefaultLimit): New function to specify the maximum number 862 of logging events which may occur before creating a new log file. 863 (SetLogDefaultLogMethod): New function to provide a call-back 864 function to be invoked for each log event when the logging method 865 type is MethodOutput. 866 (SetLogDefaultOutputType): New function to set the logging output 867 destination. 868 (SetLogDefaultFormat): New function to provide the format of the 869 logging output. 870 (SetLogDefaultFileName): New function to provide the file name, 871 or file path, to be written to for each log event. 872 (InitializeLogInfo): If a default logging callback was provided 873 via SetLogDefaultLogMethod() then skip searching for "log.mgk". 874 In this case it is assumed that the API user has already changed 875 any other logging default which would have been updated by 876 "log.mgk" so it would be harmful to search for it, or read from 877 it. 878 8792020-03-10 Troy Patteson <troyp@ieee.org> 880 881 - coders/png.c (WriteOnePNGImage): Don't skip optional Exif 882 identifier code if it isn't present. 883 8842020-03-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 885 886 - magick/pixel\_cache.c (ModifyCache): Destroy clone\_image.cache if 887 ClonePixelCache() reports failure. Fixes oss-fuzz 20871 888 "graphicsmagick:coder\_MVG\_fuzzer: Direct-leak in 889 MagickMallocAligned". 890 891 - magick/log.c (LogMagickEventList): Prepare source module base 892 name more efficiently. Move MethodOutput implementation to the 893 front so it is not filtered by other active blocks. 894 (LogMagickEventList): Cache broken-down time structure in LogInfo 895 and recompute only when needed. 896 8972020-03-07 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 898 899 - magick/resize.c (HorizontalFilter): Improve tracing. 900 (VerticalFilter): Improve tracing. 901 (ResizeImage): Improve tracing. 902 903 - www/api/api.rst: Add functions from log.c and render.c. 904 905 - magick/log.c (DestroyLogInfo): DestroyLogInfo is no longer 906 marked MagickExport. 907 9082020-03-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 909 910 - magick/api.h: Add "magick/enum\_strings.h" to API headers. 911 Requested by Przemysław Sobala via posting to the 912 graphicsmagick-help mailing list on 2020-02-27. 913 914 - scripts/html\_fragments.py: Automatically generate HTML footer 915 content and include commented HTML fragment which may be 916 substituted with SF tracker for SourceForge web site. 917 9182020-02-23 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 919 920 - version.sh: Updates in preparation for the 1.3.35 release. 921 922 - www/INSTALL-windows.rst: Update Windows installation and build 923 documentation. 924 9252020-02-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 926 927 - NEWS.txt: Update with News since previous release. 928 929 - magick/magick.c (InitializeMagickSignalHandlers): This private 930 implementation function is now a static function as it should have 931 been. 932 (InitializeMagickEx): New function which may be used in place of 933 InitializeMagick() to initialize GraphicsMagick. This 934 initialization function returns an error status value, may update 935 a passed ExceptionInfo structure with error information, and 936 provides an options parameter which supports simple bit-flags to 937 tailor initialization. The signal handler registrations are 938 skipped if the MAGICK\_OPT\_NO\_SIGNAL\_HANDER flag is set in the 939 options. 940 9412020-02-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 942 943 - magick/magick.c (MagickToMime): Add a MIME translation for 944 "jpg". Issue reported by Pro Turm. 945 9462020-02-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 947 948 - www/INSTALL-windows.rst: Add quoting to avoid losing backslashes 949 in Windows paths. 950 9512020-02-16 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 952 953 - magick/common.h: Add missing unsupported handling for some 954 recently added GCC/Clang attributes. 955 956 - magick/: Move all remaining private implementation code in 957 public headers which is guarded by MAGICK\_IMPLEMENTATION into 958 private headers, which are never installed. 959 9602020-02-15 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 961 962 - coders/tiff.c (WriteTIFFImage): Evidence suggests that large 963 strip sizes improve performance by reducing the number of I/Os. 964 The defaults suggested by libtiff are way to small for today's 965 images and computers. Default TIFF strip sizes so that each 966 uncompressed strip consumes up to 1MiB of memory, or 4MiB for FAX 967 oriented codecs, or based on LZMA compression level when using 968 LZMA compression. The default size may be adjusted via the 969 TIFF\_BYTES\_PER\_STRIP preprocessor definition. 970 9712020-02-09 Fojtik Jaroslav <JaFojtik@seznam.cz> 972 973 - coders/wpg.c ZeroFillMissing data will never been triggered when 974 y>=image->rows. 975 9762020-02-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 977 978 - magick/render.c (DrawImage): Limit pattern dimensions by 979 LONG\_MAX rather than ULONG\_MAX since this seems more likely to 980 avoid arithmetic overflows later on. 981 9822020-02-09 Fojtik Jaroslav <JaFojtik@seznam.cz> 983 984 - coders/wpg.c Check for exception in image. 985 9862020-02-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 987 988 - magick/command.c (VersionCommand): Add Google perftools tcmalloc 989 to the available feature support. 990 991 - www/INSTALL-unix.rst: Include some information about building 992 with MSYS2. 993 994 - coders/png.c (ReadOnePNGImage): Eliminate compilation warnings 995 about signed/unsigned comparisons. 996 997 - magick/image.c: Remove private global string constants, and one 998 private global unsigned long constant, from the library ABI. 999 Since the global constants were declared via a private header and 1000 only used within the GraphicsMagick build, removing these does not 1001 impact the public ABI. The globals removed are BackgroundColor, 1002 BorderColor, DefaultTileFrame, DefaultTileGeometry, 1003 DefaultTileLabel, ForegroundColor, HighlightColor, MatteColor, 1004 PSDensityGeometry, PSPageGeometry, and DefaultCompressionQuality. 1005 10062020-02-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1007 1008 - magick/render.c (DrawImage): Apply draconian pattern 1009 specification offset and dimension validations. Hopefully there 1010 is no impact to usability. If so please report it as a bug. 1011 Fixes oss-fuzz 20586 "graphicsmagick:coder\_MVG\_fuzzer: 1012 Integer-overflow in DrawPolygonPrimitive". 1013 1014 - coders/svg.c (ReadSVGImage): Fix dereference of NULL pointer 1015 when stopping image timer. 1016 10172020-02-06 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1018 1019 - coders/pict.c (DecodeImage): Allocate extra scanline memory to 1020 allow small RLE overrun. Fixes oss-fuzz 20271 1021 "graphicsmagick:coder\_PICT\_fuzzer: Heap-buffer-overflow in 1022 ExpandBuffer" and 20272 "graphicsmagick:coder\_PICT\_fuzzer: 1023 Heap-buffer-overflow in DecodeImage". 1024 1025 - PerlMagick/t/wmf/read.t: Update WMF reference images. Relax 1026 test requirements for ski.wmf. 1027 1028 - locale/C.mgk: Correct error message associated with 1029 "UnsupportedNumberOfRows". Patch was submitted by Thorsten 1030 Alteholz via private email on 2020-02-05. 1031 10322020-02-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1033 1034 - coders/topol.c: Include magick/magick\_endian.h. 1035 10362020-02-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1037 1038 - magick, coders, wand: Added copious casts to avoid possible 1039 integer overflows in the Microsoft Windows 64-bit build, where 1040 sizeof(long) < sizeof(size\_t). 1041 10422020-01-26 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1043 1044 - magick/render.h ("PrimitiveInfo"): Change PrimitiveInfo 1045 coordinates from type 'unsigned long' to 'size\_t'. 1046 10472020-01-24 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1048 1049 - magick/gradient.c (GradientImage): Warnings reduction, plus note 1050 about incorrect diagonal gradients math. 1051 10522020-01-20 Fojtik Jaroslav <JaFojtik@seznam.cz> 1053 1054 - VisualMagick\configure\configure.cpp Option /arch:SSE2 is 1055 available only for 32 bit build. 1056 10572020-01-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1058 1059 - coders/pcd.c (DecodeImage): Assure that pcd\_length gets 1060 initialized with something. 1061 1062 - Magick++/lib/Options.cpp (strokeDashArray): Add needless check 1063 for \_drawInfo->dash\_pattern null in order to make static analysis 1064 happy. 1065 1066 - magick/render.c (DestroyPolygonInfo): Make sure to not 1067 dereference a null edges pointer. 1068 1069 - coders/pdb.c (WritePDBImage): Make sure that null comment value 1070 is not dereferenced. 1071 1072 - coders/vid.c (ReadVIDImage): Make sure that 1073 ThrowVIDReaderException does not dereference a null pointer. 1074 1075 - magick/quantize.c (ClassifyImageColors): Fix error handling so a 1076 null pointer won't be consumed after a memory allocation failure. 1077 Changed the location of some variable declarations and added some 1078 comments. 1079 10802020-01-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1081 1082 - coders/caption.c (ReadCAPTIONImage): Assure that metrics are 1083 initialized. 1084 1085 - magick/pixel\_cache.c (DestroyThreadViewSet): Check if views 1086 pointer is not null before destroying views. 1087 1088 - coders/xpm.c (ReadXPMImage): Properly detect the case where the 1089 XPM colormap is not fully initialized. 1090 1091 - coders/pict.c (DecodeImage): Fix heap buffer over-reads. Fixes 1092 oss-fuzz issue 20053 "graphicsmagick:coder\_PICT\_fuzzer: 1093 Heap-buffer-overflow in ExpandBuffer" and oss-fuzz issue 20048 1094 "graphicsmagick:coder\_PICT\_fuzzer: Heap-buffer-overflow in 1095 DecodeImage". Both of these oss-fuzz issues appeared due to 1096 recent changes since the last release. 1097 1098 - coders/meta.c (WriteMETAImage): Assure that 'iptc\_offset' is 1099 initialized and valid. 1100 1101 - coders/jpeg.c (ReadJPEGImage): Assure that evaluating the 1102 embedded profile length does not suffer from undefined behavior. 1103 11042020-01-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1105 1106 - magick/render.c (DrawImage): Add more MVG parser validations. 1107 11082020-01-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1109 1110 - coders/histogram.c (WriteHISTOGRAMImage): Histogram coder was 1111 relying on the previously removed '@' file inclusion feature to 1112 insert the histogram comment text. Write a PseudoClass MIFF image 1113 with RLE compression. Fixes SourceForge issue #622 "Histogram 1114 produces incorrect color table attribute ". 1115 1116 - magick/pixel\_cache.c (ModifyCache): Re-open the pixel cache if 1117 the cache rows/columns do not match the owning image rows/columns. 1118 1119 - magick/transform.c (TransformImage): TransformImage now returns 1120 a MagickPassFail return status value rather than void. 1121 1122 - coders/pict.c (ReadPICTImage): Fix some over-strict validations 1123 which were preventing some PICT files which were previously read 1124 successfully from being accepted. Fix problems which occurred when 1125 the clipping rectangle changed the image size. Improve reading 1126 embedded JPEG blobs. Now successfully reads all raster PICT files 1127 I have available. 1128 11292020-01-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1130 1131 - coders/pict.c (ReadPICTImage): Be more strict about PICT 1132 rectangle by treating rectangle dimensions as if they are a 16-bit 1133 signed type and not allowing negative values. Avoid GCC warnings 1134 which sprung up similar to "warning: comparison is always false 1135 due to limited range of data type". 1136 11372020-01-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1138 1139 - coders/sfw.c (ReadSFWImage): Restore a DestroyImage() statement 1140 which was accidentally deleted by recent edits. Fixes oss-fuzz 1141 "Issue 19819 in oss-fuzz: graphicsmagick:coder\_SFW\_fuzzer: 1142 Indirect-leak in AllocateImage". 1143 1144 - coders/png.c (WriteOneJNGImage): Detect when JPEG encoder has 1145 failed, and throw exception. Fix image dimension limit 1146 validations. Stop discarding exception report. Fixes SourceForge 1147 bug #621 "Assertion in WriteBlob at magick/blob.c:4937" which was 1148 reported by Suhwan Song. 1149 1150 - coders/pict.c (WritePICTImage): Eliminating small buffer overrun 1151 when run-length encoding pixels. Fixes SourceForge bug #620 1152 "heap-buffer-overflow in EncodeImage at coders/pict.c:1114" which 1153 was reported by Suhwan Song. 1154 1155 - coders/logo.c (ReadLOGOImage): PATTERN error handling was 1156 incomplete. Add appropriate error handling. 1157 (ReadLOGOImage): Switch to using ConstituteTextureImage() rather 1158 than TextureImage() since it is more appropriate for this purpose. 1159 (ReadLOGOImage): Oops! Accidental change of behavior. When size 1160 is not supplied, simply return the pattern image. 1161 11622020-01-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1163 1164 - coders/\*.c (ReadFOOImage): Stop image timer just before 1165 returning from reader so that reported timings are correct when 1166 used in the future. 1167 11682020-01-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1169 1170 - magick/timer.c (StartTimer): Expose previously existing 1171 StartTimer() function. 1172 (StopTimer): Expose previously existing StartTimer() function. 1173 1174 - magick/constitute.c (WriteImage): Don't over-write time-stamp 1175 when output is to INFO format. 1176 11772020-01-03 Fojtik Jaroslav <JaFojtik@seznam.cz> 1178 1179 - VisualMagick\configure\configure.exe: Should not depend on mfcr90.dll. 1180 It is too bad when end user cannot run this tool because of missing DLL. 1181 1182 - VisualMagick\configure\configure.cpp Make speed optimisation as default 1183 option. 1184 1185 - VisualMagick\configure\configure.vcproj Give different filename to debug 1186 build to avoid accidental committing debug build to repository. 1187 11882020-01-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> 1189 1190 - coders/dpx.c (GenerateDPXTimeStamp): Use reentrant localtime\_r() 1191 function if it is available. 1192 1193 - magick/log.c (LogMagickEventList): Use reentrant 1194 localtime\_r() function if it is available. 1195 1196 - coders/cineon.c (GenerateCineonTimeStamp): Use reentrant 1197 localtime\_r() function if it is available. 1198 1199 - coders/mat.c (WriteMATLABImage): Use reentrant localtime\_r() 1200 function if it is available. 1201 1202 - coders/pdf.c (WritePDFImage): Use reentrant localtime\_r() 1203 function if it is available. 1204 1205 - coders/ps.c (WritePSImage): Use reentrant ctime\_r() function 1206 if it is available. 1207 1208 - coders/ps2.c (WritePS2Image): Use reentrant ctime\_r() function 1209 if it is available. 1210 1211 - coders/ps3.c (WritePS3Image): Use reentrant ctime\_r() function 1212 if it is available. 1213 1214 - configure.ac: Test for getpwnam\_r(). 1215 1216 - magick/utility.c (ExpandFilename): Use reentrant getpwnam\_r() 1217 function if it is available. 1218 1219 - magick/magick.c (InitializeMagickSignalHandlers): Use the normal 1220 termination signal handler for SIGXCPU and SIGXFSZ so that ulimit 1221 or setrlimit(2) may be used to apply CPU (RLIMIT\_CPU) and output 1222 file size (RLIMIT\_FSIZE) limits with the normal cleanup, and 1223 without dumping core. Note that any output files currently being 1224 written may be truncated and files being written by external 1225 programs (e.g. Ghostscript) might be left behind unless they are 1226 to a temporary file assigned by GraphicsMagick. 1227 1228 - coders/xpm.c (ReadXPMImage): Promote a color-lookup 1229 warning to an error. 1230 1231 - coders/xc.c (ReadXCImage): Promote a color-lookup 1232 warning to an error. 1233 1234 - coders/null.c (ReadNULLImage): Promote a color-lookup 1235 warning to an error. 1236 1237 - Makefile.am: Rotate ChangeLogs for the new year. 1238 1239 - coders/gradient.c (ReadGRADIENTImage): Promote a color-lookup 1240 warning to an error. 1241