+2023-04-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
+
+ * coders/mpc.c (ReadMPCImage): If an attribute appears multiple
+ times in the MPC header, only set it once.
+
+ * coders/miff.c (ReadMIFFImage): If an attribute appears multiple
+ times in the MIFF header, only set it once.
+
+ * magick/attribute.c (SetImageAttribute): Fix bounds issue when
+ concatenating string (SourceForge issue #706 test case 'bug11');
+
2023-01-14 Bob Friesenhahn <bfriesen@simple.dallas.tx.us>
* version.sh: Updated for 1.3.40 release.
#define ReadMIFFMaxKeyWordCount 256 /* Arbitrary limit on keywords in one MIFF frame */
+/*
+ Ignore attempts to set the same attribute multiple times.
+*/
+static MagickPassFail
+SetNewImageAttribute(Image *image,const char *key,const char *value)
+{
+ MagickPassFail
+ status;
+
+ if (GetImageAttribute(image,key) == (const ImageAttribute *) NULL)
+ status = SetImageAttribute(image,key,value);
+ else
+ status = MagickFail;
+
+ return status;
+};
+
static Image *ReadMIFFImage(const ImageInfo *image_info,
ExceptionInfo *exception)
{
image);
*p='\0';
(void) LogMagickEvent(CoderEvent,GetMagickModule(),"Comment: \"%s\"", comment);
- (void) SetImageAttribute(image,"comment",comment);
+ (void) SetNewImageAttribute(image,"comment",comment);
comment_count++;
MagickFreeResourceLimitedMemory(comment);
c=ReadBlobByte(image);
exception);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->columns= MagickAtoL(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->dispose=PreviousDispose;
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
&image->chromaticity.green_primary.y);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->iterations=MagickAtoL(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
(void) CloneString(&image->montage,values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->orientation=StringToOrientationType(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
number_of_profiles++;
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->rows= MagickAtoL(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->scene=MagickAtoL(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->units=PixelsPerCentimeterResolution;
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
version=MagickAtoF(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
&image->chromaticity.white_point.y);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
default:
{
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
/*
-% Copyright (C) 2003-2022 GraphicsMagick Group
+% Copyright (C) 2003-2023 GraphicsMagick Group
% Copyright (C) 2002 ImageMagick Studio
%
% This program is covered by multiple licenses, which are described in
#define ReadMPCMaxKeyWordCount 256 /* Arbitrary limit on number of keywords in MPC frame */
+/*
+ Ignore attempts to set the same attribute multiple times.
+*/
+static MagickPassFail
+SetNewImageAttribute(Image *image,const char *key,const char *value)
+{
+ MagickPassFail
+ status;
+
+ if (GetImageAttribute(image,key) == (const ImageAttribute *) NULL)
+ status = SetImageAttribute(image,key,value);
+ else
+ status = MagickFail;
+
+ return status;
+};
+
static Image *ReadMPCImage(const ImageInfo *image_info,ExceptionInfo *exception)
{
char
ThrowMPCReaderException(ResourceLimitError,MemoryAllocationFailed,
image);
*p='\0';
- (void) SetImageAttribute(image,"comment",comment);
+ (void) SetNewImageAttribute(image,"comment",comment);
comment_count++;
MagickFreeResourceLimitedMemory(comment);
c=ReadBlobByte(image);
exception);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->columns= MagickAtoL(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->dispose=PreviousDispose;
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->error.mean_error_per_pixel=MagickAtoF(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
&image->chromaticity.green_primary.y);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->iterations=MagickAtoL(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
(void) CloneString(&image->montage,values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->orientation=StringToOrientationType(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
number_of_profiles++;
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
quantum_depth=MagickAtoL(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->rows=MagickAtoL(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->scene=MagickAtoL(values);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
image->units=PixelsPerCentimeterResolution;
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
&image->chromaticity.white_point.y);
break;
}
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
default:
{
- (void) SetImageAttribute(image,keyword,
+ (void) SetNewImageAttribute(image,keyword,
*values == '{' ? values+1 : values);
break;
}
/*
-% Copyright (C) 2003-2022 GraphicsMagick Group
+% Copyright (C) 2003-2023 GraphicsMagick Group
% Copyright (C) 2002 ImageMagick Studio
%
% This program is covered by multiple licenses, which are described in
else
{
/*
- Extend existing text string.
+ Extend existing text string. This functionality is deprecated!
*/
min_l=p->length+attribute->length+1;
for (realloc_l=2; realloc_l <= min_l; realloc_l *= 2)
{ /* nada */};
MagickReallocMemory(char *,p->value,realloc_l);
if (p->value != (char *) NULL)
- (void) strlcat(p->value+p->length,attribute->value,min_l);
- p->length += attribute->length;
+ {
+ (void) memcpy(p->value+p->length,attribute->value,min_l-p->length-1);
+ p->length += attribute->length;
+ p->value[p->length] = '\0';
+ }
DestroyImageAttribute(attribute);
}
if (p->value != (char *) NULL)
</div>
<div class="document">
+<p>2023-04-08 Bob Friesenhahn <<a class="reference external" href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span>@</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
+<blockquote>
+<ul class="simple">
+<li><p>coders/mpc.c (ReadMPCImage): If an attribute appears multiple
+times in the MPC header, only set it once.</p></li>
+<li><p>coders/miff.c (ReadMIFFImage): If an attribute appears multiple
+times in the MIFF header, only set it once.</p></li>
+<li><p>magick/attribute.c (SetImageAttribute): Fix bounds issue when
+concatenating string (SourceForge issue #706 test case 'bug11');</p></li>
+</ul>
+</blockquote>
<p>2023-01-14 Bob Friesenhahn <<a class="reference external" href="mailto:bfriesen%40simple.dallas.tx.us">bfriesen<span>@</span>simple<span>.</span>dallas<span>.</span>tx<span>.</span>us</a>></p>
<blockquote>
<ul class="simple">
projects / graphicsmagick.git / commitdiff