139 lines
5.1 KiB
Diff
139 lines
5.1 KiB
Diff
From d31c80d15a2c82fc1dd8e889e0f97b0219079a57 Mon Sep 17 00:00:00 2001
|
|
From: Dirk Lemstra <dirk@lemstra.org>
|
|
Date: Wed, 17 May 2023 23:33:30 +0200
|
|
Subject: [PATCH] Make sure options are properly quoted to resolve the issue
|
|
reported in #6338.
|
|
|
|
Link: https://github.com/ImageMagick/ImageMagick/commit/d31c80d15a2c82fc1dd8e889e0f97b0219079a57
|
|
|
|
---
|
|
MagickCore/delegate-private.h | 19 +++++++++++++++++++
|
|
coders/pdf.c | 14 +++-----------
|
|
coders/video.c | 24 ++++++++----------------
|
|
3 files changed, 30 insertions(+), 27 deletions(-)
|
|
|
|
diff --git a/MagickCore/delegate-private.h b/MagickCore/delegate-private.h
|
|
index 2851316dd6..2d9a8d42ac 100644
|
|
--- a/MagickCore/delegate-private.h
|
|
+++ b/MagickCore/delegate-private.h
|
|
@@ -18,6 +18,7 @@
|
|
#ifndef MAGICKCORE_DELEGATE_PRIVATE_H
|
|
#define MAGICKCORE_DELEGATE_PRIVATE_H
|
|
|
|
+#include "MagickCore/locale_.h"
|
|
#include "MagickCore/string_.h"
|
|
|
|
#if defined(MAGICKCORE_GS_DELEGATE)
|
|
@@ -110,6 +111,24 @@ static inline char *SanitizeDelegateString(const char *source)
|
|
return(sanitize_source);
|
|
}
|
|
|
|
+static inline void FormatSanitizedDelegateOption(char *string,
|
|
+ const size_t length,const char *windows_format,
|
|
+ const char *non_windows_format,const char *option)
|
|
+{
|
|
+ char
|
|
+ *sanitized_option;
|
|
+
|
|
+ sanitized_option=SanitizeDelegateString(option);
|
|
+#if defined(MAGICKCORE_WINDOWS_SUPPORT)
|
|
+ magick_unreferenced(non_windows_format);
|
|
+ (void) FormatLocaleString(string,length,windows_format,sanitized_option);
|
|
+#else
|
|
+ magick_unreferenced(windows_format);
|
|
+ (void) FormatLocaleString(string,length,non_windows_format,sanitized_option);
|
|
+#endif
|
|
+ sanitized_option=DestroyString(sanitized_option);
|
|
+}
|
|
+
|
|
extern MagickPrivate MagickBooleanType
|
|
DelegateComponentGenesis(void);
|
|
|
|
diff --git a/coders/pdf.c b/coders/pdf.c
|
|
index 926661e023..2cf36bf1e9 100644
|
|
--- a/coders/pdf.c
|
|
+++ b/coders/pdf.c
|
|
@@ -625,18 +625,10 @@ static Image *ReadPDFImage(const ImageInfo *image_info,ExceptionInfo *exception)
|
|
if (option != (char *) NULL)
|
|
{
|
|
char
|
|
- passphrase[MagickPathExtent],
|
|
- *sanitize_passphrase;
|
|
+ passphrase[MagickPathExtent];
|
|
|
|
- sanitize_passphrase=SanitizeDelegateString(option);
|
|
-#if defined(MAGICKCORE_WINDOWS_SUPPORT)
|
|
- (void) FormatLocaleString(passphrase,MagickPathExtent,
|
|
- "\"-sPDFPassword=%s\" ",sanitize_passphrase);
|
|
-#else
|
|
- (void) FormatLocaleString(passphrase,MagickPathExtent,
|
|
- "-sPDFPassword='%s' ",sanitize_passphrase);
|
|
-#endif
|
|
- sanitize_passphrase=DestroyString(sanitize_passphrase);
|
|
+ FormatSanitizedDelegateOption(passphrase,MagickPathExtent,
|
|
+ "\"-sPDFPassword=%s\" ","-sPDFPassword='%s' ",option);
|
|
(void) ConcatenateMagickString(options,passphrase,MagickPathExtent);
|
|
}
|
|
read_info=CloneImageInfo(image_info);
|
|
diff --git a/coders/video.c b/coders/video.c
|
|
index e7cfcc0d72..ab546448b2 100644
|
|
--- a/coders/video.c
|
|
+++ b/coders/video.c
|
|
@@ -217,8 +217,7 @@ static Image *ReadVIDEOImage(const ImageInfo *image_info,
|
|
message[MagickPathExtent];
|
|
|
|
char
|
|
- *options,
|
|
- *sanitized_option;
|
|
+ *options;
|
|
|
|
const char
|
|
*intermediate_format,
|
|
@@ -234,19 +233,15 @@ static Image *ReadVIDEOImage(const ImageInfo *image_info,
|
|
option=GetImageOption(image_info,"video:vsync");
|
|
if (option != (const char *) NULL)
|
|
{
|
|
- sanitized_option=SanitizeDelegateString(option);
|
|
- (void) FormatLocaleString(command,MagickPathExtent," -vsync %s",
|
|
- sanitized_option);
|
|
- DestroyString(sanitized_option);
|
|
+ FormatSanitizedDelegateOption(command,MagickPathExtent,
|
|
+ " -vsync \"%s\""," -vsync '%s'",option);
|
|
(void) ConcatenateMagickString(options,command,MagickPathExtent);
|
|
}
|
|
option=GetImageOption(image_info,"video:pixel-format");
|
|
if (option != (const char *) NULL)
|
|
{
|
|
- sanitized_option=SanitizeDelegateString(option);
|
|
- (void) FormatLocaleString(command,MagickPathExtent," -pix_fmt %s",
|
|
- sanitized_option);
|
|
- DestroyString(sanitized_option);
|
|
+ FormatSanitizedDelegateOption(command,MagickPathExtent,
|
|
+ " -pix_fmt \"%s\""," -pix_fmt '%s'",option);
|
|
(void) ConcatenateMagickString(options,command,MagickPathExtent);
|
|
}
|
|
else
|
|
@@ -685,8 +680,7 @@ static MagickBooleanType WriteVIDEOImage(const ImageInfo *image_info,
|
|
message[MagickPathExtent];
|
|
|
|
char
|
|
- *options,
|
|
- *sanitized_option;
|
|
+ *options;
|
|
|
|
const char
|
|
*option;
|
|
@@ -700,10 +694,8 @@ static MagickBooleanType WriteVIDEOImage(const ImageInfo *image_info,
|
|
option=GetImageOption(image_info,"video:pixel-format");
|
|
if (option != (const char *) NULL)
|
|
{
|
|
- sanitized_option=SanitizeDelegateString(option);
|
|
- (void) FormatLocaleString(command,MagickPathExtent," -pix_fmt %s",
|
|
- sanitized_option);
|
|
- DestroyString(sanitized_option);
|
|
+ FormatSanitizedDelegateOption(command,MagickPathExtent,
|
|
+ " -pix_fmt \"%s\""," -pix_fmt '%s'",option);
|
|
(void) ConcatenateMagickString(options,command,MagickPathExtent);
|
|
}
|
|
AcquireUniqueFilename(write_info->unique);
|