Package: libmagick++5 Version: 8:6.7.7.10-3.1 Severity: important Tags: upstream patch fixed-upstream
On some PNG images, ImageMagick fails with an assertion in the read method. This happens because ImageMagick does not determine the maximum number of threads in a uniform way. In my case, this broke a django web application, so this problem could be used to conduct a DoS attack in some environments. I have reported the problem upstream at http://www.imagemagick.org/discourse-server/viewtopic.php?f=23&t=21741 It turned out that the problem has been fixed after the release that's currently in Debian wheezy. Could this problem be fixed please for wheezy? Patch extracted from upstream SVN attached. -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (900, 'testing'), (300, 'unstable'), (1, 'experimental') Architecture: i386 (x86_64) Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores) Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages libmagick++5 depends on: ii libbz2-1.0 1.0.6-4 ii libc6 2.13-35 ii libfontconfig1 2.9.0-7 ii libfreetype6 2.4.9-1 ii libgcc1 1:4.7.1-2 ii libglib2.0-0 2.32.3-1 ii libgomp1 4.7.1-2 ii libice6 2:1.0.8-2 ii libjpeg8 8d-1 ii liblcms2-2 2.2+git20110628-2.2 ii liblqr-1-0 0.4.1-2 ii libltdl7 2.4.2-1.1 ii liblzma5 5.1.1alpha+20120614-1 ii libmagickcore5 8:6.7.7.10-3.1 ii libmagickwand5 8:6.7.7.10-3.1 ii libsm6 2:1.2.1-2 ii libstdc++6 4.7.1-2 ii libtiff4 3.9.6-7 ii libx11-6 2:1.5.0-1 ii libxext6 2:1.3.1-2 ii libxt6 1:1.1.3-1 ii multiarch-support 2.13-35 ii zlib1g 1:1.2.7.dfsg-13 libmagick++5 recommends no packages. libmagick++5 suggests no packages. -- no debconf information
Descripton: Cache-View: Fix number_threads value to prevent failing assertion number_threads was initialized to the wrong value as IM sometimes uses the OpenMP num_thread clause to set a thread number that could be higher than what OpenMP reports as the default maximum thread number. So number_threads could be smaller in some cases than a particular thread id, which caused the corresponding assertion to fail. This patch changes the initialization of number_threads to the function that's also used to determine the argument to the num_threads clause. Author: cristy Origin: upstream, http://trac.imagemagick.org/changeset?reponame=&new=8762%40ImageMagick%2Ftrunk%2FMagickCore%2Fcache-view.c&old=8759%40ImageMagick%2Ftrunk%2FMagickCore%2Fcache-view.c --- imagemagick-6.7.7.10.orig/magick/cache-view.c +++ imagemagick-6.7.7.10/magick/cache-view.c @@ -170,7 +170,7 @@ MagickExport CacheView *AcquireVirtualCa ThrowFatalException(ResourceLimitFatalError,"MemoryAllocationFailed"); (void) ResetMagickMemory(cache_view,0,sizeof(*cache_view)); cache_view->image=ReferenceImage((Image *) image); - cache_view->number_threads=GetOpenMPMaximumThreads(); + cache_view->number_threads=GetMagickResourceLimit(ThreadResource); cache_view->nexus_info=AcquirePixelCacheNexus(cache_view->number_threads); cache_view->virtual_pixel_method=GetImageVirtualPixelMethod(image); cache_view->debug=IsEventLogging();
