File ImageMagick-CVE-2018-16329.patch of Package ImageMagick
Index: ImageMagick-6.8.8-1/magick/property.c
===================================================================
--- ImageMagick-6.8.8-1.orig/magick/property.c 2018-09-03 15:43:42.918380405 +0200
+++ ImageMagick-6.8.8-1/magick/property.c 2018-09-03 15:43:45.874395798 +0200
@@ -2236,6 +2236,16 @@ MagickExport const char *GetImagePropert
% o key: the key.
%
*/
+
+#define WarnNoImageReturn(format,arg) \
+ if (image == (Image *) NULL ) { \
+ return((const char *) NULL); \
+ }
+#define WarnNoImageInfoReturn(format,arg) \
+ if (image_info == (ImageInfo *) NULL ) { \
+ return((const char *) NULL); \
+ }
+
static const char *GetMagickPropertyLetter(const ImageInfo *image_info,
Image *image,const char letter)
{
@@ -2253,6 +2263,7 @@ static const char *GetMagickPropertyLett
{
case 'b': /* image size read in - in bytes */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
((MagickOffsetType) image->extent));
if (image->extent != (MagickSizeType) ((size_t) image->extent))
@@ -2262,6 +2273,7 @@ static const char *GetMagickPropertyLett
}
case 'c': /* image comment property - empty string by default */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
string=GetImageProperty(image,"comment");
if (string == (const char *) NULL)
string="";
@@ -2269,21 +2281,25 @@ static const char *GetMagickPropertyLett
}
case 'd': /* Directory component of filename */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
GetPathComponent(image->magick_filename,HeadPath,value);
break;
}
case 'e': /* Filename extension (suffix) of image file */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
GetPathComponent(image->magick_filename,ExtensionPath,value);
break;
}
case 'f': /* Filename without directory component */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
GetPathComponent(image->magick_filename,TailPath,value);
break;
}
case 'g': /* Image geometry, canvas and offset %Wx%H+%X+%Y */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20gx%.20g%+.20g%+.20g",
(double) image->page.width,(double) image->page.height,
(double) image->page.x,(double) image->page.y);
@@ -2291,17 +2307,20 @@ static const char *GetMagickPropertyLett
}
case 'h': /* Image height (current) */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
(image->rows != 0 ? image->rows : image->magick_rows));
break;
}
case 'i': /* Filename last used for image (read or write) */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
string=image->filename;
break;
}
case 'k': /* Number of unique colors */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
/* FUTURE: ensure this does not generate the formated comment! */
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
GetNumberColors(image,(FILE *) NULL,&image->exception));
@@ -2309,6 +2328,7 @@ static const char *GetMagickPropertyLett
}
case 'l': /* Image label property - empty string by default */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
string=GetImageProperty(image,"label");
if (string == (const char *) NULL)
string="";
@@ -2316,28 +2336,33 @@ static const char *GetMagickPropertyLett
}
case 'm': /* Image format (file magick) */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
string=image->magick;
break;
}
case 'n': /* Number of images in the list. */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
GetImageListLength(image));
break;
}
case 'o': /* Output Filename - for delegate use only */
{
+ WarnNoImageInfoReturn("\"%%%c\"",letter);
string=image_info->filename;
break;
}
case 'p': /* Image index in current image list -- As 'n' OBSOLETE */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
GetImageIndexInList(image));
break;
}
case 'q': /* Quantum depth of image in memory */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
MAGICKCORE_QUANTUM_DEPTH);
break;
@@ -2347,6 +2372,7 @@ static const char *GetMagickPropertyLett
ColorspaceType
colorspace;
+ WarnNoImageReturn("\"%%%c\"",letter);
colorspace=image->colorspace;
if (IsGrayImage(image,&image->exception) != MagickFalse)
colorspace=GRAYColorspace;
@@ -2358,56 +2384,61 @@ static const char *GetMagickPropertyLett
}
case 's': /* Image scene number */
{
- if (image_info->number_scenes != 0)
- (void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
- image_info->scene);
- else
- (void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
- image->scene);
+ WarnNoImageReturn("\"%%%c\"",letter);
+ (void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
+ image->scene);
break;
}
case 't': /* Base filename without directory or extention */
{
+ WarnNoImageInfoReturn("\"%%%c\"",letter);
GetPathComponent(image->magick_filename,BasePath,value);
break;
}
case 'u': /* Unique filename */
{
+ WarnNoImageInfoReturn("\"%%%c\"",letter);
string=image_info->unique;
break;
}
case 'w': /* Image width (current) */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
(image->columns != 0 ? image->columns : image->magick_columns));
break;
}
case 'x': /* Image horizontal resolution */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",
fabs(image->x_resolution) > MagickEpsilon ? image->x_resolution : 72.0);
break;
}
case 'y': /* Image vertical resolution */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",
fabs(image->y_resolution) > MagickEpsilon ? image->y_resolution : 72.0);
break;
}
case 'z': /* Image depth as read in */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
image->depth);
break;
}
case 'A': /* Image alpha channel */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%s",
CommandOptionToMnemonic(MagickBooleanOptions,(ssize_t) image->matte));
break;
}
case 'C': /* Image compression method. */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%s",
CommandOptionToMnemonic(MagickCompressOptions,(ssize_t)
image->compression));
@@ -2415,47 +2446,55 @@ static const char *GetMagickPropertyLett
}
case 'D': /* Image dispose method. */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%s",
CommandOptionToMnemonic(MagickDisposeOptions,(ssize_t) image->dispose));
break;
}
case 'G': /* Image size as geometry = "%wx%h" */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20gx%.20g",(double)
image->magick_columns,(double) image->magick_rows);
break;
}
case 'H': /* layer canvas height */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
image->page.height);
break;
}
case 'M': /* Magick filename - filename given incl. coder & read mods */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
string=image->magick_filename;
break;
}
case 'O': /* layer canvas offset with sign = "+%X+%Y" */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%+ld%+ld",(long)
image->page.x,(long) image->page.y);
break;
}
case 'P': /* layer canvas page size = "%Wx%H" */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20gx%.20g",(double)
image->page.width,(double) image->page.height);
break;
}
case 'Q': /* image compression quality */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
(image->quality == 0 ? 92 : image->quality));
break;
}
case 'S': /* Image scenes ???? */
{
+ WarnNoImageInfoReturn("\"%%%c\"",letter);
if (image_info->number_scenes == 0)
string="2147483647";
else
@@ -2465,12 +2504,14 @@ static const char *GetMagickPropertyLett
}
case 'T': /* image time delay for animations */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
image->delay);
break;
}
case 'U': /* Image resolution units. */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%s",
CommandOptionToMnemonic(MagickResolutionOptions,(ssize_t)
image->units));
@@ -2478,24 +2519,28 @@ static const char *GetMagickPropertyLett
}
case 'W': /* layer canvas width */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
image->page.width);
break;
}
case 'X': /* layer canvas X offset */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%+.20g",(double)
image->page.x);
break;
}
case 'Y': /* layer canvas Y offset */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) FormatLocaleString(value,MaxTextExtent,"%+.20g",(double)
image->page.y);
break;
}
case 'Z': /* Zero filename ??? */
{
+ WarnNoImageInfoReturn("\"%%%c\"",letter);
string=image_info->zero;
break;
}
@@ -2504,6 +2549,7 @@ static const char *GetMagickPropertyLett
RectangleInfo
page;
+ WarnNoImageReturn("\"%%%c\"",letter);
page=GetImageBoundingBox(image,&image->exception);
(void) FormatLocaleString(value,MaxTextExtent,"%.20gx%.20g%+.20g%+.20g",
(double) page.width,(double) page.height,(double) page.x,(double)
@@ -2512,6 +2558,7 @@ static const char *GetMagickPropertyLett
}
case '#': /* Image signature */
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) SignatureImage(image);
string=GetImageProperty(image,"signature");
break;
@@ -2526,6 +2573,7 @@ static const char *GetMagickPropertyLett
string=value;
if (string != (char *) NULL)
{
+ WarnNoImageReturn("\"%%%c\"",letter);
(void) SetImageArtifact(image,"get-property",string);
return(GetImageArtifact(image,"get-property"));
}
@@ -2542,6 +2590,7 @@ MagickExport const char *GetMagickProper
*string;
assert(property[0] != '\0');
+ assert(image != (Image *) NULL || image_info != (ImageInfo *) NULL );
if (property[1] == '\0') /* single letter property request */
return(GetMagickPropertyLetter(image_info,image,*property));
*value='\0'; /* formatted string */
@@ -2553,11 +2602,13 @@ MagickExport const char *GetMagickProper
if ((LocaleCompare("base",property) == 0) ||
(LocaleCompare("basename",property) == 0) )
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
GetPathComponent(image->magick_filename,BasePath,value);
break;
}
if (LocaleCompare("bit-depth",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
GetImageDepth(image, &image->exception));
break;
@@ -2571,6 +2622,7 @@ MagickExport const char *GetMagickProper
/*
Image channels.
*/
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%s",
CommandOptionToMnemonic(MagickColorspaceOptions,(ssize_t)
image->colorspace));
@@ -2584,6 +2636,7 @@ MagickExport const char *GetMagickProper
/*
Image storage class and colorspace.
*/
+ WarnNoImageReturn("\"%%[%s]\"",property);
string=CommandOptionToMnemonic(MagickColorspaceOptions,(ssize_t)
image->colorspace);
break;
@@ -2599,12 +2652,14 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("depth",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
image->depth);
break;
}
if (LocaleCompare("directory",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
GetPathComponent(image->magick_filename,HeadPath,value);
break;
}
@@ -2614,6 +2669,7 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("extension",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
GetPathComponent(image->magick_filename,ExtensionPath,value);
break;
}
@@ -2623,6 +2679,7 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("gamma",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.*g",
GetMagickPrecision(),image->gamma);
break;
@@ -2630,6 +2687,7 @@ MagickExport const char *GetMagickProper
if ((image_info != (ImageInfo *) NULL) &&
(LocaleCompare("group",property) == 0))
{
+ WarnNoImageInfoReturn("\"%%%c\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"0x%lx",(unsigned long)
image_info->group);
break;
@@ -2640,6 +2698,7 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("height",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",
image->magick_rows != 0 ? (double) image->magick_rows : 256.0);
break;
@@ -2650,6 +2709,7 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("input",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
string=image->filename;
break;
}
@@ -2663,6 +2723,7 @@ MagickExport const char *GetMagickProper
kurtosis,
skewness;
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) GetImageChannelKurtosis(image,image_info->channel,&kurtosis,
&skewness,&image->exception);
(void) FormatLocaleString(value,MaxTextExtent,"%.*g",
@@ -2675,6 +2736,7 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("magick",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
string=image->magick;
break;
}
@@ -2685,6 +2747,7 @@ MagickExport const char *GetMagickProper
maximum,
minimum;
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) GetImageChannelRange(image,image_info->channel,&minimum,
&maximum,&image->exception);
(void) FormatLocaleString(value,MaxTextExtent,"%.*g",
@@ -2697,6 +2760,7 @@ MagickExport const char *GetMagickProper
mean,
standard_deviation;
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) GetImageChannelMean(image,image_info->channel,&mean,
&standard_deviation,&image->exception);
(void) FormatLocaleString(value,MaxTextExtent,"%.*g",
@@ -2710,6 +2774,7 @@ MagickExport const char *GetMagickProper
maximum,
minimum;
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) GetImageChannelRange(image,image_info->channel,&minimum,
&maximum,&image->exception);
(void) FormatLocaleString(value,MaxTextExtent,"%.*g",
@@ -2725,6 +2790,7 @@ MagickExport const char *GetMagickProper
MagickBooleanType
opaque;
+ WarnNoImageReturn("\"%%[%s]\"",property);
opaque=IsOpaqueImage(image,&image->exception);
(void) CopyMagickString(value,opaque != MagickFalse ? "true" :
"false",MaxTextExtent);
@@ -2732,6 +2798,7 @@ MagickExport const char *GetMagickProper
}
if (LocaleCompare("orientation",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
string=CommandOptionToMnemonic(MagickOrientationOptions,(ssize_t)
image->orientation);
break;
@@ -2739,6 +2806,7 @@ MagickExport const char *GetMagickProper
if ((image_info != (ImageInfo *) NULL) &&
(LocaleCompare("output",property) == 0))
{
+ WarnNoImageInfoReturn("\"%%%c\"",property);
(void) CopyMagickString(value,image_info->filename,MaxTextExtent);
break;
}
@@ -2748,6 +2816,7 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("page",property) == 0)
{
+ WarnNoImageReturn("\"%%%c\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
GetImageIndexInList(image)+1);
break;
@@ -2766,6 +2835,7 @@ MagickExport const char *GetMagickProper
cmsHPROFILE
icc_profile;
+ WarnNoImageReturn("\"%%%c\"",property);
profile=GetImageProfile(image,property+8);
if (profile == (StringInfo *) NULL)
break;
@@ -2789,6 +2859,7 @@ MagickExport const char *GetMagickProper
const char
*name;
+ WarnNoImageReturn("\"%%%c\"",property);
ResetImageProfileIterator(image);
name=GetNextImageProfile(image);
if (name != (char *) NULL)
@@ -2810,12 +2881,14 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("resolution.x",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%g",
image->x_resolution);
break;
}
if (LocaleCompare("resolution.y",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%g",
image->y_resolution);
break;
@@ -2831,12 +2904,16 @@ MagickExport const char *GetMagickProper
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
image_info->scene);
else
+ {
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
image->scene);
+ }
break;
}
if (LocaleCompare("scenes",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
GetImageListLength(image));
break;
@@ -2846,6 +2923,7 @@ MagickExport const char *GetMagickProper
char
format[MaxTextExtent];
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatMagickSize(GetBlobSize(image),MagickFalse,format);
(void) FormatLocaleString(value,MaxTextExtent,"%sB",format);
break;
@@ -2856,6 +2934,8 @@ MagickExport const char *GetMagickProper
kurtosis,
skewness;
+ WarnNoImageReturn("\"%%[%s]\"",property);
+ WarnNoImageInfoReturn("\"%%[%s]\"",property);
(void) GetImageChannelKurtosis(image,image_info->channel,&kurtosis,
&skewness,&image->exception);
(void) FormatLocaleString(value,MaxTextExtent,"%.*g",
@@ -2869,6 +2949,8 @@ MagickExport const char *GetMagickProper
mean,
standard_deviation;
+ WarnNoImageReturn("\"%%[%s]\"",property);
+ WarnNoImageInfoReturn("\"%%[%s]\"",property);
(void) GetImageChannelMean(image,image_info->channel,&mean,
&standard_deviation,&image->exception);
(void) FormatLocaleString(value,MaxTextExtent,"%.*g",
@@ -2881,6 +2963,7 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("type",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
string=CommandOptionToMnemonic(MagickTypeOptions,(ssize_t)
GetImageType(image,&image->exception));
break;
@@ -2892,6 +2975,7 @@ MagickExport const char *GetMagickProper
if ((image_info != (ImageInfo *) NULL) &&
(LocaleCompare("unique",property) == 0))
{
+ WarnNoImageInfoReturn("\"%%[%s]\"",property);
string=image_info->unique;
break;
}
@@ -2900,6 +2984,7 @@ MagickExport const char *GetMagickProper
/*
Image resolution units.
*/
+ WarnNoImageReturn("\"%%[%s]\"",property);
string=CommandOptionToMnemonic(MagickResolutionOptions,(ssize_t)
image->units);
break;
@@ -2919,6 +3004,7 @@ MagickExport const char *GetMagickProper
{
if (LocaleCompare("width",property) == 0)
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",(double)
(image->magick_columns != 0 ? image->magick_columns : 256));
break;
@@ -2930,6 +3016,7 @@ MagickExport const char *GetMagickProper
if ((LocaleCompare("xresolution",property) == 0) ||
(LocaleCompare("x-resolution",property) == 0) )
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",
image->x_resolution);
break;
@@ -2941,6 +3028,7 @@ MagickExport const char *GetMagickProper
if ((LocaleCompare("yresolution",property) == 0) ||
(LocaleCompare("y-resolution",property) == 0) )
{
+ WarnNoImageReturn("\"%%[%s]\"",property);
(void) FormatLocaleString(value,MaxTextExtent,"%.20g",
image->y_resolution);
break;
@@ -2952,6 +3040,7 @@ MagickExport const char *GetMagickProper
if ((image_info != (ImageInfo *) NULL) &&
(LocaleCompare("zero",property) == 0))
{
+ WarnNoImageInfoReturn("\"%%[%s]\"",property);
string=image_info->zero;
break;
}
@@ -2962,6 +3051,7 @@ MagickExport const char *GetMagickProper
string=value;
if (string != (char *) NULL)
{
+ WarnNoImageInfoReturn("\"%%[%s]\"",property);
(void) SetImageArtifact(image,"get-property", string);
return(GetImageArtifact(image,"get-property"));
}
