Hello.
In coders/gif.c (trunk), line 1140, memory is allocated for the gif
profile. Then it is resized, but never freed.
Also, handling of the "8bim" profile just below that is questionable.
Namely, the string "8bim" is copied to name just to be overwritten by
the generic fallback.
Patch for both issues is below.
--- coders/gif.c
+++ coders/gif.c
@@ -1153,15 +1153,15 @@
SetStringInfoDatum(profile,(const unsigned char *) info);
if (i8bim == MagickTrue)
(void) CopyMagickString(name,"8bim",sizeof(name));
- if (icc == MagickTrue)
+ else if (icc == MagickTrue)
(void) CopyMagickString(name,"icc",sizeof(name));
+ else if (iptc == MagickTrue)
+ (void) CopyMagickString(name,"iptc",sizeof(name));
else
- if (iptc == MagickTrue)
- (void) CopyMagickString(name,"iptc",sizeof(name));
- else
- (void) FormatMagickString(name,sizeof(name),"gif:%.11s",
+ (void) FormatMagickString(name,sizeof(name),"gif:%.11s",
header);
(void) SetImageProfile(image,name,profile);
+ info=RelinquishMagickMemory(info);
profile=DestroyStringInfo(profile);
(void) LogMagickEvent(CoderEvent,GetMagickModule(),
" profile name=%s",name);
--
Alexander E. Patrakov
_______________________________________________
Magick-developers mailing list
Magick-developers@imagemagick.org
http://studio.imagemagick.org/mailman/listinfo/magick-developers
