[prev in list] [next in list] [prev in thread] [next in thread]
List: graphicsmagick-commit
Subject: [GM-commit] GraphicsMagick: blob.c: Add casts to fix undefined behavior in l...
From: GraphicsMagick Commits <graphicsmagick-commit () lists ! sourceforge ! net>
Date: 2017-07-10 13:39:49
Message-ID: mailman.22183.1499694000.17807.graphicsmagick-commit () lists ! sourceforge ! net
[Download RAW message or body]
changeset fc663136df95 in /hg/GraphicsMagick
details: http://hg.GraphicsMagick.org/hg/GraphicsMagick?cmd=changeset;node=fc663136df95
summary: blob.c: Add casts to fix undefined behavior in left shifts.
diffstat:
ChangeLog | 6 ++++
VisualMagick/installer/inc/version.isx | 4 +-
magick/blob.c | 48 +++++++++++++++++-----------------
magick/version.h | 4 +-
www/Changelog.html | 15 ++++++++++
5 files changed, 49 insertions(+), 28 deletions(-)
diffs (175 lines):
diff -r 653a3d55168b -r fc663136df95 ChangeLog
--- a/ChangeLog Mon Jul 10 07:58:27 2017 -0400
+++ b/ChangeLog Mon Jul 10 08:39:46 2017 -0500
@@ -1,3 +1,9 @@
+2017-07-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
+
+ * magick/blob.c: Add casts to fix undefined behavior in left
+ shifts. Issue was reported by Agostino Sarubbo via email on Mon,
+ 10 Jul 2017.
+
2017-07-09 Glenn Randers-Pehrson <glennrp@simple.dallas.tx.us>
* coders/png.c (ReadOneJngImage): Ignore out-of-bounds MOVE
diff -r 653a3d55168b -r fc663136df95 VisualMagick/installer/inc/version.isx
--- a/VisualMagick/installer/inc/version.isx Mon Jul 10 07:58:27 2017 -0400
+++ b/VisualMagick/installer/inc/version.isx Mon Jul 10 08:39:46 2017 -0500
@@ -10,5 +10,5 @@
#define public MagickPackageName "GraphicsMagick"
#define public MagickPackageVersion "1.4"
-#define public MagickPackageVersionAddendum ".020170708"
-#define public MagickPackageReleaseDate "snapshot-20170708"
+#define public MagickPackageVersionAddendum ".020170710"
+#define public MagickPackageReleaseDate "snapshot-20170710"
diff -r 653a3d55168b -r fc663136df95 magick/blob.c
--- a/magick/blob.c Mon Jul 10 07:58:27 2017 -0400
+++ b/magick/blob.c Mon Jul 10 08:39:46 2017 -0500
@@ -1,5 +1,5 @@
/*
-% Copyright (C) 2003 - 2016 GraphicsMagick Group
+% Copyright (C) 2003 - 2017 GraphicsMagick Group
% Copyright (C) 2002 ImageMagick Studio
% Copyright 1991-1999 E. I. du Pont de Nemours and Company
%
@@ -3320,10 +3320,10 @@
if (ReadBlob(image,4,buffer) != 4)
return(0U);
- value=buffer[3] << 24;
- value|=buffer[2] << 16;
- value|=buffer[1] << 8;
- value|=buffer[0];
+ value=(magick_uint32_t) buffer[3] << 24;
+ value|=(magick_uint32_t) buffer[2] << 16;
+ value|=(magick_uint32_t) buffer[1] << 8;
+ value|=(magick_uint32_t) buffer[0];
return(value & 0xffffffff);
}
�
@@ -3370,10 +3370,10 @@
if (ReadBlob(image,4,buffer) != 4)
return(0U);
- value.uint32=buffer[3] << 24;
- value.uint32|=buffer[2] << 16;
- value.uint32|=buffer[1] << 8;
- value.uint32|=buffer[0];
+ value.uint32=(magick_uint32_t) buffer[3] << 24;
+ value.uint32|=(magick_uint32_t) buffer[2] << 16;
+ value.uint32|=(magick_uint32_t) buffer[1] << 8;
+ value.uint32|=(magick_uint32_t) buffer[0];
value.uint32&=0xffffffff;
return value.int32;
}
@@ -3473,8 +3473,8 @@
if (ReadBlob(image,2,buffer) != 2)
return(0U);
- value=buffer[1] << 8;
- value|=buffer[0];
+ value=(magick_uint16_t) buffer[1] << 8;
+ value|=(magick_uint16_t) buffer[0];
return(value & 0xffff);
}
�
@@ -3521,8 +3521,8 @@
if (ReadBlob(image,2,buffer) != 2)
return(0U);
- value.uint16=buffer[1] << 8;
- value.uint16|=buffer[0];
+ value.uint16=(magick_uint16_t) buffer[1] << 8;
+ value.uint16|=(magick_uint16_t) buffer[0];
value.uint16&=0xffff;
return value.int16;
}
@@ -3874,9 +3874,9 @@
if (ReadBlob(image,4,buffer) != 4)
return(0U);
- value=buffer[0] << 24;
- value|=buffer[1] << 16;
- value|=buffer[2] << 8;
+ value=(magick_uint32_t) buffer[0] << 24;
+ value|=(magick_uint32_t) buffer[1] << 16;
+ value|=(magick_uint32_t) buffer[2] << 8;
value|=buffer[3];
return(value & 0xffffffff);
}
@@ -3925,10 +3925,10 @@
if (ReadBlob(image,4,buffer) != 4)
return(0);
- value.uint32=buffer[0] << 24;
- value.uint32|=buffer[1] << 16;
- value.uint32|=buffer[2] << 8;
- value.uint32|=buffer[3];
+ value.uint32=(magick_uint32_t) buffer[0] << 24;
+ value.uint32|=(magick_uint32_t) buffer[1] << 16;
+ value.uint32|=(magick_uint32_t) buffer[2] << 8;
+ value.uint32|=(magick_uint32_t) buffer[3];
value.uint32&=0xffffffff;
return value.int32;
}
@@ -3976,8 +3976,8 @@
if (ReadBlob(image,2,buffer) != 2)
return(0U);
- value=buffer[0] << 8;
- value|=buffer[1];
+ value=(magick_uint16_t) buffer[0] << 8;
+ value|=(magick_uint16_t) buffer[1];
return(value & 0xffff);
}
�
@@ -4024,8 +4024,8 @@
if (ReadBlob(image,2,buffer) != 2)
return(0U);
- value.uint16=buffer[0] << 8;
- value.uint16|=buffer[1];
+ value.uint16=(magick_uint16_t) buffer[0] << 8;
+ value.uint16|=(magick_uint16_t) buffer[1];
value.uint16&=0xffff;
return value.int16;
}
diff -r 653a3d55168b -r fc663136df95 magick/version.h
--- a/magick/version.h Mon Jul 10 07:58:27 2017 -0400
+++ b/magick/version.h Mon Jul 10 08:39:46 2017 -0500
@@ -38,8 +38,8 @@
#define MagickLibVersion 0x191600
#define MagickLibVersionText "1.4"
#define MagickLibVersionNumber 19,16,0
-#define MagickChangeDate "20170708"
-#define MagickReleaseDate "snapshot-20170708"
+#define MagickChangeDate "20170710"
+#define MagickReleaseDate "snapshot-20170710"
/*
The MagickLibInterfaceNewest and MagickLibInterfaceOldest defines
diff -r 653a3d55168b -r fc663136df95 www/Changelog.html
--- a/www/Changelog.html Mon Jul 10 07:58:27 2017 -0400
+++ b/www/Changelog.html Mon Jul 10 08:39:46 2017 -0500
@@ -35,6 +35,21 @@
<div class="document">
+<p>2017-07-10 Bob Friesenhahn <<a class="reference external" \
href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span> \
4;</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
+<blockquote>
+<ul class="simple">
+<li>magick/blob.c: Add casts to fix undefined behavior in left
+shifts. Issue was reported by Agostino Sarubbo via email on Mon,
+10 Jul 2017.</li>
+</ul>
+</blockquote>
+<p>2017-07-09 Glenn Randers-Pehrson <<a class="reference external" \
href="mailto:glennrp%40simple.dallas.tx.us">glennrp<span>@ \
</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
+<blockquote>
+<ul class="simple">
+<li>coders/png.c (ReadOneJngImage): Ignore out-of-bounds MOVE
+and CLIP object_id's.</li>
+</ul>
+</blockquote>
<p>2017-07-08 Glenn Randers-Pehrson <<a class="reference external" \
href="mailto:glennrp%40simple.dallas.tx.us">glennrp<span>@ \
</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
<blockquote>
<ul class="simple">
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Graphicsmagick-commit mailing list
Graphicsmagick-commit@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/graphicsmagick-commit
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic