[prev in list] [next in list] [prev in thread] [next in thread]
List: graphicsmagick-commit
Subject: [GM-commit] GraphicsMagick: SGI: Check for EOF while reading file header
From: GraphicsMagick Commits <graphicsmagick-commit () lists ! sourceforge ! net>
Date: 2017-09-19 13:46:49
Message-ID: mailman.33308.1505828818.8691.graphicsmagick-commit () lists ! sourceforge ! net
[Download RAW message or body]
changeset 6c55efeb2904 in /hg/GraphicsMagick
details: http://hg.GraphicsMagick.org/hg/GraphicsMagick?cmd=changeset;node=6c55efeb2904
summary: SGI: Check for EOF while reading file header
diffstat:
ChangeLog | 6 ++++++
VisualMagick/installer/inc/version.isx | 4 ++--
coders/sgi.c | 16 +++++++++-------
magick/version.h | 4 ++--
www/Changelog.html | 8 ++++++++
5 files changed, 27 insertions(+), 11 deletions(-)
diffs (101 lines):
diff -r 787faf42625c -r 6c55efeb2904 ChangeLog
--- a/ChangeLog Sun Sep 17 16:41:51 2017 -0500
+++ b/ChangeLog Tue Sep 19 08:46:46 2017 -0500
@@ -1,3 +1,9 @@
+2017-09-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
+
+ * coders/sgi.c (ReadSGIImage): Check for EOF while reading SGI
+ file header. Issue was brought to our attention by Petr Gajdos
+ via email on Fri, 1 Sep 2017.
+
2017-09-17 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* coders/tiff.c (ReadTIFFImage): Allow a single scanline, strip,
diff -r 787faf42625c -r 6c55efeb2904 VisualMagick/installer/inc/version.isx
--- a/VisualMagick/installer/inc/version.isx Sun Sep 17 16:41:51 2017 -0500
+++ b/VisualMagick/installer/inc/version.isx Tue Sep 19 08:46:46 2017 -0500
@@ -10,5 +10,5 @@
#define public MagickPackageName "GraphicsMagick"
#define public MagickPackageVersion "1.4"
-#define public MagickPackageVersionAddendum ".020170917"
-#define public MagickPackageReleaseDate "snapshot-20170917"
+#define public MagickPackageVersionAddendum ".020170919"
+#define public MagickPackageReleaseDate "snapshot-20170919"
diff -r 787faf42625c -r 6c55efeb2904 coders/sgi.c
--- a/coders/sgi.c Sun Sep 17 16:41:51 2017 -0500
+++ b/coders/sgi.c Tue Sep 19 08:46:46 2017 -0500
@@ -314,18 +314,14 @@
status=OpenBlob(image_info,image,ReadBinaryBlobMode,exception);
if (status == False)
ThrowReaderException(FileOpenError,UnableToOpenFile,image);
- /*
- Read SGI raster header.
- */
- iris_info.magic=ReadBlobMSBShort(image);
file_size=GetBlobSize(image);
do
{
/*
- Verify SGI identifier.
+ Read SGI raster header.
*/
- if (iris_info.magic != 0x01DA)
- ThrowReaderException(CorruptImageError,ImproperImageHeader,image);
+ (void) memset(&iris_info, 0, sizeof(iris_info));
+ iris_info.magic=ReadBlobMSBShort(image);
iris_info.storage=ReadBlobByte(image);
iris_info.bytes_per_pixel=ReadBlobByte(image) &0xF;
iris_info.dimension=ReadBlobMSBShort(image) & 0xFFFF;
@@ -344,6 +340,9 @@
(void) ReadBlob(image,(unsigned int) sizeof(iris_info.dummy2),
iris_info.dummy2);
+ if (EOFBlob(image))
+ ThrowReaderException(CorruptImageError,UnableToReadImageHeader,image);
+
(void) LogMagickEvent(CoderEvent,GetMagickModule(),
"IRIS Header:\n"
" MAGIC=%u\n"
@@ -375,6 +374,9 @@
/*
Validate image header and set image attributes.
*/
+ if (iris_info.magic != 0x01DA)
+ ThrowReaderException(CorruptImageError,ImproperImageHeader,image);
+
if (iris_info.storage == 0U)
{
/* Uncompressed */
diff -r 787faf42625c -r 6c55efeb2904 magick/version.h
--- a/magick/version.h Sun Sep 17 16:41:51 2017 -0500
+++ b/magick/version.h Tue Sep 19 08:46:46 2017 -0500
@@ -38,8 +38,8 @@
#define MagickLibVersion 0x191600
#define MagickLibVersionText "1.4"
#define MagickLibVersionNumber 19,16,0
-#define MagickChangeDate "20170917"
-#define MagickReleaseDate "snapshot-20170917"
+#define MagickChangeDate "20170919"
+#define MagickReleaseDate "snapshot-20170919"
/*
The MagickLibInterfaceNewest and MagickLibInterfaceOldest defines
diff -r 787faf42625c -r 6c55efeb2904 www/Changelog.html
--- a/www/Changelog.html Sun Sep 17 16:41:51 2017 -0500
+++ b/www/Changelog.html Tue Sep 19 08:46:46 2017 -0500
@@ -35,6 +35,14 @@
<div class="document">
+<p>2017-09-19 Bob Friesenhahn <<a class="reference external" \
href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span> \
4;</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
+<blockquote>
+<ul class="simple">
+<li>coders/sgi.c (ReadSGIImage): Check for EOF while reading SGI
+file header. Issue was brought to our attention by Petr Gajdos
+via email on Fri, 1 Sep 2017.</li>
+</ul>
+</blockquote>
<p>2017-09-17 Bob Friesenhahn <<a class="reference external" \
href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span> \
4;</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
<blockquote>
<ul class="simple">
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Graphicsmagick-commit mailing list
Graphicsmagick-commit@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/graphicsmagick-commit
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic