[prev in list] [next in list] [prev in thread] [next in thread]
List: graphicsmagick-commit
Subject: [GM-commit] GraphicsMagick: MIFF and MPC, need to avoid leaking value alloca...
From: GraphicsMagick Commits <graphicsmagick-commit () lists ! sourceforge ! net>
Date: 2018-09-09 13:48:46
Message-ID: mailman.9899.1536500936.1387.graphicsmagick-commit () lists ! sourceforge ! net
[Download RAW message or body]
changeset a7cab7312da4 in /hg/GraphicsMagick
details: http://hg.GraphicsMagick.org/hg/GraphicsMagick?cmd=changeset;node=a7cab7312da4
summary: MIFF and MPC, need to avoid leaking value allocation (day-old bug). (Credit \
to OSS-Fuzz)
diffstat:
ChangeLog | 10 ++++++++++
VisualMagick/installer/inc/version.isx | 4 ++--
coders/miff.c | 12 ++++++------
coders/mpc.c | 12 ++++++------
magick/version.h | 4 ++--
www/Changelog.html | 11 +++++++++++
6 files changed, 37 insertions(+), 16 deletions(-)
diffs (149 lines):
diff -r 6a27fd297215 -r a7cab7312da4 ChangeLog
--- a/ChangeLog Sat Sep 08 13:01:01 2018 -0500
+++ b/ChangeLog Sun Sep 09 08:48:43 2018 -0500
@@ -1,3 +1,13 @@
+2018-09-09 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
+
+ * coders/miff.c (ReadMIFFImage): Fix leak of 'values' buffer due
+ to change made yesterday.
+
+ * coders/mpc.c (ReadMPCImage): Fix leak of 'values' buffer due to
+ change made yesterday. Fixes oss-fuzz 10277
+ "graphicsmagick/coder_MPC_fuzzer: Direct-leak in
+ ReadMPCImage". (Credit to OSS-Fuzz)
+
2018-09-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* coders/miff.c (ReadMIFFImage): Support legacy keyword
diff -r 6a27fd297215 -r a7cab7312da4 VisualMagick/installer/inc/version.isx
--- a/VisualMagick/installer/inc/version.isx Sat Sep 08 13:01:01 2018 -0500
+++ b/VisualMagick/installer/inc/version.isx Sun Sep 09 08:48:43 2018 -0500
@@ -10,5 +10,5 @@
#define public MagickPackageName "GraphicsMagick"
#define public MagickPackageVersion "1.4"
-#define public MagickPackageVersionAddendum ".020180908"
-#define public MagickPackageReleaseDate "snapshot-20180908"
+#define public MagickPackageVersionAddendum ".020180909"
+#define public MagickPackageReleaseDate "snapshot-20180909"
diff -r 6a27fd297215 -r a7cab7312da4 coders/miff.c
--- a/coders/miff.c Sat Sep 08 13:01:01 2018 -0500
+++ b/coders/miff.c Sun Sep 09 08:48:43 2018 -0500
@@ -714,6 +714,8 @@
#define ThrowMIFFReaderException(code_,reason_,image_) \
do { \
+ MagickFreeMemory(comment); \
+ MagickFreeMemory(values); \
if (number_of_profiles > 0) \
{ \
unsigned int _index; \
@@ -794,6 +796,10 @@
unsigned int
number_of_profiles=0;
+ char
+ *comment = NULL,
+ *values = NULL;
+
#if defined(HasZLIB)
z_stream
zip_info;
@@ -839,9 +845,6 @@
if (c == '{')
{
- char
- *comment;
-
size_t
comment_length;
@@ -903,9 +906,6 @@
else
if (isalnum(c))
{
- char
- *values;
-
size_t
values_length;
diff -r 6a27fd297215 -r a7cab7312da4 coders/mpc.c
--- a/coders/mpc.c Sat Sep 08 13:01:01 2018 -0500
+++ b/coders/mpc.c Sun Sep 09 08:48:43 2018 -0500
@@ -128,6 +128,8 @@
#define ThrowMPCReaderException(code_,reason_,image_) \
do { \
+ MagickFreeMemory(comment); \
+ MagickFreeMemory(values); \
if (number_of_profiles > 0) \
{ \
unsigned int _index; \
@@ -177,6 +179,10 @@
unsigned int
number_of_profiles=0;
+ char
+ *comment = NULL,
+ *values = NULL;
+
/*
Open image file.
*/
@@ -226,9 +232,6 @@
if (c == '{')
{
- char
- *comment;
-
size_t
comment_length;
@@ -289,9 +292,6 @@
else
if (isalnum(c))
{
- char
- *values;
-
size_t
values_length;
diff -r 6a27fd297215 -r a7cab7312da4 magick/version.h
--- a/magick/version.h Sat Sep 08 13:01:01 2018 -0500
+++ b/magick/version.h Sun Sep 09 08:48:43 2018 -0500
@@ -38,8 +38,8 @@
#define MagickLibVersion 0x211801
#define MagickLibVersionText "1.4"
#define MagickLibVersionNumber 21,18,1
-#define MagickChangeDate "20180908"
-#define MagickReleaseDate "snapshot-20180908"
+#define MagickChangeDate "20180909"
+#define MagickReleaseDate "snapshot-20180909"
/*
The MagickLibInterfaceNewest and MagickLibInterfaceOldest defines
diff -r 6a27fd297215 -r a7cab7312da4 www/Changelog.html
--- a/www/Changelog.html Sat Sep 08 13:01:01 2018 -0500
+++ b/www/Changelog.html Sun Sep 09 08:48:43 2018 -0500
@@ -35,6 +35,17 @@
<div class="document">
+<p>2018-09-09 Bob Friesenhahn <<a class="reference external" \
href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span> \
4;</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
+<blockquote>
+<ul class="simple">
+<li>coders/miff.c (ReadMIFFImage): Fix leak of 'values' buffer due
+to change made yesterday.</li>
+<li>coders/mpc.c (ReadMPCImage): Fix leak of 'values' buffer due to
+change made yesterday. Fixes oss-fuzz 10277
+"graphicsmagick/coder_MPC_fuzzer: Direct-leak in
+ReadMPCImage". (Credit to OSS-Fuzz)</li>
+</ul>
+</blockquote>
<p>2018-09-08 Bob Friesenhahn <<a class="reference external" \
href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span> \
4;</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
<blockquote>
<ul class="simple">
_______________________________________________
Graphicsmagick-commit mailing list
Graphicsmagick-commit@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/graphicsmagick-commit
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic