packages/ImageMagick
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2021-20241 CVE-2021-20243

Browse Source
This commit is contained in:
wangxiao65 2021-03-16 09:08:08 +08:00
parent 1e8478ee6d
commit 0fd5083b26
2 changed files with 69 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
CVE-2021-20241-CVE-2021-20243.patch Normal file
View File

@ -0,0 +1,64 @@
From 53cb91b3e7bf95d0e372cbc745e0055ac6054745 Mon Sep 17 00:00:00 2001
From: Cristy <mikayla-grace@urban-warrior.org>
Date: Wed, 3 Feb 2021 15:30:39 -0500
Subject: [PATCH] https://github.com/ImageMagick/ImageMagick/pull/3177
---
coders/dcm.c | 12 ++++++------
coders/jp2.c | 6 ++++--
magick/resize.c | 2 +-
3 files changed, 11 insertions(+), 9 deletions(-)
diff --git a/coders/dcm.c b/coders/dcm.c
index d274ad54c..29eed9618 100644
--- a/coders/dcm.c
+++ b/coders/dcm.c
@@ -2982,12 +2982,12 @@ static MagickBooleanType ReadDCMPixels(Image *image,DCMInfo *info,
}
else
{
- SetPixelRed(q,(((size_t) pixel.red) |
- (((size_t) GetPixelRed(q)) << 8)));
- SetPixelGreen(q,(((size_t) pixel.green) |
- (((size_t) GetPixelGreen(q)) << 8)));
- SetPixelBlue(q,(((size_t) pixel.blue) |
- (((size_t) GetPixelBlue(q)) << 8)));
+ SetPixelRed(q,(Quantum) (((ssize_t) pixel.red) |
+ (((ssize_t) GetPixelRed(q)) << 8)));
+ SetPixelGreen(q,(Quantum) (((ssize_t) pixel.green) |
+ (((ssize_t) GetPixelGreen(q)) << 8)));
+ SetPixelBlue(q,(Quantum) (((ssize_t) pixel.blue) |
+ (((ssize_t) GetPixelBlue(q)) << 8)));
}
q++;
}
diff --git a/coders/jp2.c b/coders/jp2.c
index 0354f8298..7dd0f1332 100644
--- a/coders/jp2.c
+++ b/coders/jp2.c
@@ -1047,8 +1047,10 @@ static MagickBooleanType WriteJP2Image(const ImageInfo *image_info,Image *image)
scale=(double) (((size_t) 1UL << jp2_image->comps[i].prec)-1)/
QuantumRange;
- q=jp2_image->comps[i].data+(y/jp2_image->comps[i].dy*
- image->columns/jp2_image->comps[i].dx+x/jp2_image->comps[i].dx);
+ q=jp2_image->comps[i].data+(ssize_t) (y*PerceptibleReciprocal(
+ jp2_image->comps[i].dy)*image->columns*PerceptibleReciprocal(
+ jp2_image->comps[i].dx)+x*PerceptibleReciprocal(
+ jp2_image->comps[i].dx));
switch (i)
{
case 0:
diff --git a/magick/resize.c b/magick/resize.c
index fe662c144..1f3e16928 100644
--- a/magick/resize.c
+++ b/magick/resize.c
@@ -1612,7 +1612,7 @@ MagickExport MagickRealType GetResizeFilterWeight(
*/
assert(resize_filter != (ResizeFilter *) NULL);
assert(resize_filter->signature == MagickCoreSignature);
- x_blur=fabs((double) x)/resize_filter->blur; /* X offset with blur scaling */
+ x_blur=fabs((double) x)*PerceptibleReciprocal(resize_filter->blur); /* X offset with blur scaling */
if ((resize_filter->window_support < MagickEpsilon) ||
(resize_filter->window == Box))
scale=1.0; /* Point or Box Filter -- avoid division by zero */

6
ImageMagick.spec
View File

@ -1,7 +1,7 @@
Name: ImageMagick
Epoch: 1
Version: 6.9.10.67
Release: 15
Release: 16
Summary: Create, edit, compose, or convert bitmap images
License: ImageMagick and MIT
Url: http://www.imagemagick.org/
@ -41,6 +41,7 @@ Patch0031: CVE-2020-27768.patch
Patch0032: CVE-2020-27750.patch
Patch0033: CVE-2020-25665.patch
Patch0034: CVE-2020-25674.patch
Patch0035: CVE-2021-20241-CVE-2021-20243.patch
BuildRequires: bzip2-devel freetype-devel libjpeg-devel libpng-devel perl-generators
BuildRequires: libtiff-devel giflib-devel zlib-devel perl-devel >= 5.8.1 jbigkit-devel
@ -197,6 +198,9 @@ rm PerlMagick/demo/Generic.ttf
%{_libdir}/pkgconfig/ImageMagick++*
%changelog
* Tue Mar 16 2021 wangxiao <wangxiao65@huawei.com> - 6.9.10.67-16
- Fix CVE-2021-20241 CVE-2021-20243
* Mon Mar 8 2021 zhanghua <zhanghua40@huawei.com> - 6.9.10.67-15
- Fix CVE-2020-27750 CVE-2020-25665 CVE-2020-25674