Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package ImageMagick for openSUSE:Factory
checked in at 2025-08-06 14:31:34
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ImageMagick (Old)
and /work/SRC/openSUSE:Factory/.ImageMagick.new.1085 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ImageMagick"
Wed Aug 6 14:31:34 2025 rev:311 rq:1297742 version:7.1.2.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/ImageMagick/ImageMagick.changes 2025-07-17
17:17:06.483618605 +0200
+++ /work/SRC/openSUSE:Factory/.ImageMagick.new.1085/ImageMagick.changes
2025-08-06 14:32:14.493395899 +0200
@@ -1,0 +2,8 @@
+Tue Aug 5 10:55:19 UTC 2025 - [email protected]
+
+- added patches [bsc#1247475]
+ + ImageMagick-filename-placeholder-regression-1.patch
+ + ImageMagick-filename-placeholder-regression-2.patch
+ + ImageMagick-filename-placeholder-regression-3.patch
+
+-------------------------------------------------------------------
New:
----
ImageMagick-filename-placeholder-regression-1.patch
ImageMagick-filename-placeholder-regression-2.patch
ImageMagick-filename-placeholder-regression-3.patch
----------(New B)----------
New:- added patches [bsc#1247475]
+ ImageMagick-filename-placeholder-regression-1.patch
+ ImageMagick-filename-placeholder-regression-2.patch
New: + ImageMagick-filename-placeholder-regression-1.patch
+ ImageMagick-filename-placeholder-regression-2.patch
+ ImageMagick-filename-placeholder-regression-3.patch
New: + ImageMagick-filename-placeholder-regression-2.patch
+ ImageMagick-filename-placeholder-regression-3.patch
----------(New E)----------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ ImageMagick.spec ++++++
--- /var/tmp/diff_new_pack.ISPtlj/_old 2025-08-06 14:32:15.633443615 +0200
+++ /var/tmp/diff_new_pack.ISPtlj/_new 2025-08-06 14:32:15.637443783 +0200
@@ -1,7 +1,8 @@
#
# spec file for package ImageMagick
#
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
+# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -30,7 +31,7 @@
%define libspec -7_Q%{quantum_depth}HDRI
%define config_dir IM-7
%define test_verbose 1
-# bsc#1088463
+# bsc#1088463, https://github.com/ImageMagick/ImageMagick/issues/8261
%define urw_base35_fonts 0
# do/don't pull djvulibre dependency
%bcond_without djvu
@@ -50,6 +51,10 @@
Patch0: ImageMagick-configuration-SUSE.patch
Patch2: ImageMagick-library-installable-in-parallel.patch
Patch5: ImageMagick-s390x-disable-tests.patch
+# bsc#1247475 (https://github.com/ImageMagick/ImageMagick/issues/8261)
+Patch6: ImageMagick-filename-placeholder-regression-1.patch
+Patch7: ImageMagick-filename-placeholder-regression-2.patch
+Patch8: ImageMagick-filename-placeholder-regression-3.patch
BuildRequires: chrpath
BuildRequires: dejavu-fonts
@@ -262,6 +267,9 @@
%ifarch s390x
%patch -P 5 -p1
%endif
+%patch -P 6 -p1
+%patch -P 7 -p1
+%patch -P 8 -p1
%build
# bsc#1088463
++++++ ImageMagick-filename-placeholder-regression-1.patch ++++++
>From 82550750ec8f79393b381c3ed349dd495bbab8a7 Mon Sep 17 00:00:00 2001
From: Cristy <[email protected]>
Date: Sat, 19 Jul 2025 13:40:30 -0400
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/issues/8261
---
MagickCore/image.c | 134 +++++++++++++++++++--------------------------
1 file changed, 55 insertions(+), 79 deletions(-)
diff --git a/MagickCore/image.c b/MagickCore/image.c
index b646df17041..2f859d14208 100644
--- a/MagickCore/image.c
+++ b/MagickCore/image.c
@@ -1651,34 +1651,41 @@ MagickExport size_t InterpretImageFilename(const
ImageInfo *image_info,
ExceptionInfo *exception)
{
char
- *q;
+ *p = filename,
+ pattern[MagickPathExtent];
const char
- *p;
-
- int
- c;
-
- MagickBooleanType
- canonical;
-
- ssize_t
- offset;
+ *cursor = format;
- canonical=MagickFalse;
- offset=0;
+ /*
+ Start with a copy of the format string.
+ */
(void) CopyMagickString(filename,format,MagickPathExtent);
if (IsStringTrue(GetImageOption(image_info,"filename:literal")) !=
MagickFalse)
return(strlen(filename));
- for (p=strchr(format,'%'); p != (char *) NULL; p=strchr(p+1,'%'))
+ while ((cursor=strchr(cursor,'%')) != (const char *) NULL)
{
- q=(char *) p+1;
- if (*q == '%')
+ const char
+ *q = cursor;
+
+ ssize_t
+ offset = (ssize_t) (cursor-format);
+
+ cursor++; /* move past '%' */
+ if (*cursor == '%')
{
- p++;
+ /*
+ Escaped %%.
+ */
+ cursor++;
continue;
}
- switch (*q)
+ /*
+ Skip padding digits like %03d.
+ */
+ if (*cursor == '0')
+ (void) strtol(cursor,(char **) &cursor,10);
+ switch (*cursor)
{
case 'd':
case 'o':
@@ -1687,93 +1694,62 @@ MagickExport size_t InterpretImageFilename(const
ImageInfo *image_info,
ssize_t
count;
- q++;
- c=(*q);
- *q='\0';
- count=FormatLocaleString(filename+(p-format-offset),(size_t)
- (MagickPathExtent-(p-format-offset)),p,value);
- if ((count <= 0) || (count > (MagickPathExtent-(p-format-offset))))
+ count=FormatLocaleString(pattern,sizeof(pattern),q,value);
+ if ((count <= 0) || (count >= MagickPathExtent))
return(0);
- offset+=(ssize_t) ((q-p)-count);
- *q=(char) c;
- (void) ConcatenateMagickString(filename,q,MagickPathExtent);
- canonical=MagickTrue;
- if (*(q-1) != '%')
- break;
- p++;
+ if ((offset+count) >= MagickPathExtent)
+ return(0);
+ (void) CopyMagickString(p+offset,pattern,(size_t) (MagickPathExtent-
+ offset));
+ cursor++;
break;
}
case '[':
{
- char
- pattern[MagickPathExtent];
-
const char
- *option;
+ *end = strchr(cursor,']'),
+ *option = (const char *) NULL;
- char
- *r;
-
- ssize_t
- i;
-
- ssize_t
- depth;
+ size_t
+ extent = (size_t) (end-cursor);
/*
- Image option.
+ Handle %[key:value];
*/
- if (strchr(p,']') == (char *) NULL)
+ if (end == (const char *) NULL)
break;
- depth=1;
- r=q+1;
- for (i=0; (i < (MagickPathExtent-1L)) && (*r != '\0'); i++)
- {
- if (*r == '[')
- depth++;
- if (*r == ']')
- depth--;
- if (depth <= 0)
- break;
- pattern[i]=(*r++);
- }
- pattern[i]='\0';
- if (LocaleNCompare(pattern,"filename:",9) != 0)
+ if (extent >= sizeof(pattern))
break;
- option=(const char *) NULL;
+ (void) CopyMagickString(pattern,cursor,extent);
+ pattern[extent]='\0';
if (image != (Image *) NULL)
option=GetImageProperty(image,pattern,exception);
- if ((option == (const char *) NULL) && (image != (Image *) NULL))
+ if ((option == (const char *) NULL) && (image != (Image *)NULL))
option=GetImageArtifact(image,pattern);
if ((option == (const char *) NULL) &&
(image_info != (ImageInfo *) NULL))
option=GetImageOption(image_info,pattern);
if (option == (const char *) NULL)
break;
- q--;
- c=(*q);
- *q='\0';
- (void) CopyMagickString(filename+(p-format-offset),option,(size_t)
- (MagickPathExtent-(p-format-offset)));
- offset+=(ssize_t) strlen(pattern)-(ssize_t) strlen(option)+3;
- *q=(char) c;
- (void) ConcatenateMagickString(filename,r+1,MagickPathExtent);
- canonical=MagickTrue;
- if (*(q-1) != '%')
- break;
- p++;
+ (void) CopyMagickString(p+offset,option,(size_t) (MagickPathExtent-
+ offset));
+ cursor=end+1;
break;
}
default:
break;
}
}
- if (canonical == MagickFalse)
- (void) CopyMagickString(filename,format,MagickPathExtent);
- else
- for (q=filename; *q != '\0'; q++)
- if ((*q == '%') && (*(q+1) == '%'))
- (void) CopyMagickString(q,q+1,(size_t)
(MagickPathExtent-(q-filename)));
+ for (p=filename; *p != '\0'; )
+ {
+ /*
+ Replace "%%" with "%".
+ */
+ if ((*p == '%') && (*(p+1) == '%'))
+ (void) memmove(p,p+1,strlen(p)); /* shift left */
+ else
+ p++;
+ }
return(strlen(filename));
}
�
++++++ ImageMagick-filename-placeholder-regression-2.patch ++++++
diff --git a/MagickCore/image.c b/MagickCore/image.c
index 2f859d14208..c19ac09f2b5 100644
--- a/MagickCore/image.c
+++ b/MagickCore/image.c
@@ -1733,6 +1733,8 @@ MagickExport size_t InterpretImageFilename(const
ImageInfo *image_info,
break;
(void) CopyMagickString(p+offset,option,(size_t) (MagickPathExtent-
offset));
+ (void) ConcatenateMagickString(p+offset+strlen(option),end+1,(size_t)
+ (MagickPathExtent-offset-strlen(option)-strlen(end)-1));
cursor=end+1;
break;
}
++++++ ImageMagick-filename-placeholder-regression-3.patch ++++++
>From 6c7c8d5866b9c0ce6cc76a741e05b9482716101e Mon Sep 17 00:00:00 2001
From: Cristy <[email protected]>
Date: Sat, 19 Jul 2025 16:07:21 -0400
Subject: [PATCH] more boundary checks
---
MagickCore/image.c | 35 ++++++++++++++++++++++-------------
1 file changed, 22 insertions(+), 13 deletions(-)
diff --git a/MagickCore/image.c b/MagickCore/image.c
index c19ac09f2b5..a1283ed5f19 100644
--- a/MagickCore/image.c
+++ b/MagickCore/image.c
@@ -1660,6 +1660,8 @@ MagickExport size_t InterpretImageFilename(const
ImageInfo *image_info,
/*
Start with a copy of the format string.
*/
+ assert(format != (const char *) NULL);
+ assert(filename != (char *) NULL);
(void) CopyMagickString(filename,format,MagickPathExtent);
if (IsStringTrue(GetImageOption(image_info,"filename:literal")) !=
MagickFalse)
return(strlen(filename));
@@ -1683,7 +1685,7 @@ MagickExport size_t InterpretImageFilename(const
ImageInfo *image_info,
/*
Skip padding digits like %03d.
*/
- if (*cursor == '0')
+ if (isdigit((int) ((unsigned char) *cursor)) != 0)
(void) strtol(cursor,(char **) &cursor,10);
switch (*cursor)
{
@@ -1695,9 +1697,8 @@ MagickExport size_t InterpretImageFilename(const
ImageInfo *image_info,
count;
count=FormatLocaleString(pattern,sizeof(pattern),q,value);
- if ((count <= 0) || (count >= MagickPathExtent))
- return(0);
- if ((offset+count) >= MagickPathExtent)
+ if ((count <= 0) || (count >= MagickPathExtent) ||
+ ((offset+count) >= MagickPathExtent))
return(0);
(void) CopyMagickString(p+offset,pattern,(size_t) (MagickPathExtent-
offset));
@@ -1711,7 +1712,9 @@ MagickExport size_t InterpretImageFilename(const
ImageInfo *image_info,
*option = (const char *) NULL;
size_t
- extent = (size_t) (end-cursor);
+ extent = (size_t) (end-cursor-1),
+ option_length,
+ tail_length;
/*
Handle %[key:value];
@@ -1720,21 +1723,27 @@ MagickExport size_t InterpretImageFilename(const
ImageInfo *image_info,
break;
if (extent >= sizeof(pattern))
break;
- (void) CopyMagickString(pattern,cursor,extent);
+ (void) CopyMagickString(pattern,cursor+1,extent+1);
pattern[extent]='\0';
if (image != (Image *) NULL)
- option=GetImageProperty(image,pattern,exception);
- if ((option == (const char *) NULL) && (image != (Image *)NULL))
- option=GetImageArtifact(image,pattern);
- if ((option == (const char *) NULL) &&
+ {
+ option=GetImageProperty(image,pattern,exception);
+ if (option == (const char *) NULL)
+ option=GetImageArtifact(image,pattern);
+ }
+ if ((option == (const char *) NULL) &&
(image_info != (ImageInfo *) NULL))
option=GetImageOption(image_info,pattern);
if (option == (const char *) NULL)
break;
+ option_length=strlen(option);
+ tail_length=strlen(end+1);
+ if ((offset+option_length+tail_length+1) > MagickPathExtent)
+ return(0);
(void) CopyMagickString(p+offset,option,(size_t) (MagickPathExtent-
offset));
- (void) ConcatenateMagickString(p+offset+strlen(option),end+1,(size_t)
- (MagickPathExtent-offset-strlen(option)-strlen(end)-1));
+ (void) ConcatenateMagickString(p+offset+option_length,end+1,(size_t) (
+ MagickPathExtent-offset-option_length-tail_length-1));
cursor=end+1;
break;
}
@@ -1748,7 +1757,7 @@ MagickExport size_t InterpretImageFilename(const
ImageInfo *image_info,
Replace "%%" with "%".
*/
if ((*p == '%') && (*(p+1) == '%'))
- (void) memmove(p,p+1,strlen(p)); /* shift left */
+ (void) memmove(p,p+1,strlen(p+1)+1); /* shift left */
else
p++;
}
