r19074 - in /branches/upstream/libimager-perl/current: Changes Imager.pm META.yml fills.c image.c lib/Imager/Draw.pod t/t20fill.t t/t40scale.t
gregoa at users.alioth.debian.org
gregoa at users.alioth.debian.org
Wed Apr 23 15:56:15 UTC 2008
Author: gregoa
Date: Wed Apr 23 15:56:14 2008
New Revision: 19074
URL: http://svn.debian.org/wsvn/?sc=1&rev=19074
Log:
[svn-upgrade] Integrating new upstream version, libimager-perl (0.64)
Modified:
branches/upstream/libimager-perl/current/Changes
branches/upstream/libimager-perl/current/Imager.pm
branches/upstream/libimager-perl/current/META.yml
branches/upstream/libimager-perl/current/fills.c
branches/upstream/libimager-perl/current/image.c
branches/upstream/libimager-perl/current/lib/Imager/Draw.pod
branches/upstream/libimager-perl/current/t/t20fill.t
branches/upstream/libimager-perl/current/t/t40scale.t
Modified: branches/upstream/libimager-perl/current/Changes
URL: http://svn.debian.org/wsvn/branches/upstream/libimager-perl/current/Changes?rev=19074&op=diff
==============================================================================
--- branches/upstream/libimager-perl/current/Changes (original)
+++ branches/upstream/libimager-perl/current/Changes Wed Apr 23 15:56:14 2008
@@ -1,4 +1,36 @@
Imager release history. Older releases can be found in Changes.old
+
+Imager 0.64 - 23 April 2008
+===========
+
+This is a bug fix release. This includes a fix for a possible
+security issue.
+
+Bug fixes:
+
+ - Possible security issue: The floating point sample path for image
+ based fills had a buffer overflow. This would overwrite the end of
+ a malloc()ed buffer with double precision floats.
+ http://rt.cpan.org/Ticket/Display.html?id=35324
+
+ - check that the result of fileno($fh) is defined rather than simply
+ true when read() or write() is supplied with an fh parameter.
+ http://rt.cpan.org/Ticket/Display.html?id=35139
+
+ - i_scale_axis() wasn't checking the result of i_img_new_ch()
+ resulting in a SIGSEGV when attempting to scale an image to a size
+ too large to fit in memory. This is a NULL pointer access issue,
+ not a buffer overflow.
+ Added a check for the failure.
+ scale_calculate() (and hence scale()) will now fail if any of the
+ scale size parameters are a reference.
+ http://rt.cpan.org/Ticket/Display.html?id=35172
+
+ - Regression: filling a greyscale image with a hatch used the wrong
+ color channels from the supplied fg/bg colors.
+ https://rt.cpan.org/Ticket/Display.html?id=35278
+
+ - fixed a related problem for image fills.
Imager 0.63 - 7 April 2008
===========
Modified: branches/upstream/libimager-perl/current/Imager.pm
URL: http://svn.debian.org/wsvn/branches/upstream/libimager-perl/current/Imager.pm?rev=19074&op=diff
==============================================================================
--- branches/upstream/libimager-perl/current/Imager.pm (original)
+++ branches/upstream/libimager-perl/current/Imager.pm Wed Apr 23 15:56:14 2008
@@ -173,7 +173,7 @@
BEGIN {
require Exporter;
@ISA = qw(Exporter);
- $VERSION = '0.63';
+ $VERSION = '0.64';
eval {
require XSLoader;
XSLoader::load(Imager => $VERSION);
@@ -1197,7 +1197,7 @@
}
elsif ($input->{fh}) {
my $fd = fileno($input->{fh});
- unless ($fd) {
+ unless (defined $fd) {
$self->_set_error("Handle in fh option not opened");
return;
}
@@ -1248,7 +1248,7 @@
}
elsif ($input->{fh}) {
my $fd = fileno($input->{fh});
- unless ($fd) {
+ unless (defined $fd) {
$self->_set_error("Handle in fh option not opened");
return;
}
@@ -2075,6 +2075,14 @@
my %opts = ('type'=>'max', @_);
+ # none of these should be references
+ for my $name (qw/xpixels ypixels xscalefactor yscalefactor width height/) {
+ if (defined $opts{$name} && ref $opts{$name}) {
+ $self->_set_error("scale_calculate: $name parameter cannot be a reference");
+ return;
+ }
+ }
+
my ($x_scale, $y_scale);
my $width = $opts{width};
my $height = $opts{height};
@@ -2178,12 +2186,12 @@
if ($opts{qtype} eq 'normal') {
$tmp->{IMG} = i_scaleaxis($self->{IMG}, $x_scale, 0);
if ( !defined($tmp->{IMG}) ) {
- $self->{ERRSTR} = 'unable to scale image';
+ $self->{ERRSTR} = 'unable to scale image: ' . $self->_error_as_msg;
return undef;
}
$img->{IMG}=i_scaleaxis($tmp->{IMG}, $y_scale, 1);
if ( !defined($img->{IMG}) ) {
- $self->{ERRSTR}='unable to scale image';
+ $self->{ERRSTR}='unable to scale image: ' . $self->_error_as_msg;
return undef;
}
@@ -2200,7 +2208,7 @@
elsif ($opts{'qtype'} eq 'mixing') {
$img->{IMG} = i_scale_mixing($self->{IMG}, $new_width, $new_height);
unless ($img->{IMG}) {
- $self->_set_error(Imager->_error_as_meg);
+ $self->_set_error(Imager->_error_as_msg);
return;
}
return $img;
Modified: branches/upstream/libimager-perl/current/META.yml
URL: http://svn.debian.org/wsvn/branches/upstream/libimager-perl/current/META.yml?rev=19074&op=diff
==============================================================================
--- branches/upstream/libimager-perl/current/META.yml (original)
+++ branches/upstream/libimager-perl/current/META.yml Wed Apr 23 15:56:14 2008
@@ -1,6 +1,6 @@
--- #YAML:1.0
name: Imager
-version: 0.63
+version: 0.64
version_from: Imager.pm
author:
- Tony Cook <tony at imager.perl.org>
@@ -17,4 +17,4 @@
meta-spec:
version: 1.3
url: http://module-build.sourceforge.net/META-spec-v1.3.html
-generated_by: Imager version 0.63
+generated_by: Imager version 0.64
Modified: branches/upstream/libimager-perl/current/fills.c
URL: http://svn.debian.org/wsvn/branches/upstream/libimager-perl/current/fills.c?rev=19074&op=diff
==============================================================================
--- branches/upstream/libimager-perl/current/fills.c (original)
+++ branches/upstream/libimager-perl/current/fills.c Wed Apr 23 15:56:14 2008
@@ -650,12 +650,20 @@
int byte = f->hatch[(y + f->dy) & 7];
int xpos = (x + f->dx) & 7;
int mask = 128 >> xpos;
+ i_color fg = f->fg;
+ i_color bg = f->bg;
+ int want_channels = channels > 2 ? 4 : 2;
+
+ if (channels < 3) {
+ i_adapt_colors(2, 4, &fg, 1);
+ i_adapt_colors(2, 4, &bg, 1);
+ }
while (width-- > 0) {
if (byte & mask)
- *data++ = f->fg;
+ *data++ = fg;
else
- *data++ = f->bg;
+ *data++ = bg;
if ((mask >>= 1) == 0)
mask = 128;
@@ -675,12 +683,19 @@
int byte = f->hatch[(y + f->dy) & 7];
int xpos = (x + f->dx) & 7;
int mask = 128 >> xpos;
+ i_fcolor fg = f->ffg;
+ i_fcolor bg = f->fbg;
+
+ if (channels < 3) {
+ i_adapt_fcolors(2, 4, &fg, 1);
+ i_adapt_fcolors(2, 4, &bg, 1);
+ }
while (width-- > 0) {
if (byte & mask)
- *data++ = f->ffg;
+ *data++ = fg;
else
- *data++ = f->fbg;
+ *data++ = bg;
if ((mask >>= 1) == 0)
mask = 128;
@@ -741,6 +756,7 @@
struct i_fill_image_t *f = (struct i_fill_image_t *)fill;
int i = 0;
i_color *out = data;
+ int want_channels = channels > 2 ? 4 : 2;
if (f->has_matrix) {
/* the hard way */
@@ -803,33 +819,12 @@
++i;
}
}
- if (f->src->channels == 3) {
- /* just set the alpha */
- for (i = 0; i < width; ++i) {
- data->channel[3] = 255;
- data++;
- }
- }
- else if (f->src->channels == 2) {
- /* copy the alpha to channel 3, duplicate the grey value */
- for (i = 0; i < width; ++i) {
- data->channel[3] = data->channel[1];
- data->channel[1] = data->channel[2] = data->channel[0];
- data++;
- }
- }
- else if (f->src->channels == 1) {
- /* set the alpha, duplicate grey */
- for (i = 0; i < width; ++i) {
- data->channel[3] = 255;
- data->channel[1] = data->channel[2] = data->channel[0];
- data++;
- }
- }
-}
-
-/*
-=item fill_image(fill, x, y, width, channels, data, work)
+ if (f->src->channels != want_channels)
+ i_adapt_colors(want_channels, f->src->channels, data, width);
+}
+
+/*
+=item fill_imagef(fill, x, y, width, channels, data, work)
=cut
*/
@@ -837,8 +832,10 @@
i_fcolor *data) {
struct i_fill_image_t *f = (struct i_fill_image_t *)fill;
int i = 0;
+ int want_channels = channels > 2 ? 4 : 2;
if (f->has_matrix) {
+ i_fcolor *work_data = data;
/* the hard way */
while (i < width) {
double rx = f->matrix[0] * (x+i) + f->matrix[1] * y + f->matrix[2];
@@ -871,11 +868,12 @@
}
c2[dy] = interp_i_fcolor(c[dy][0], c[dy][1], rx, f->src->channels);
}
- *data++ = interp_i_fcolor(c2[0], c2[1], ry, f->src->channels);
+ *work_data++ = interp_i_fcolor(c2[0], c2[1], ry, f->src->channels);
++i;
}
}
else {
+ i_fcolor *work_data = data;
/* the easy way */
/* this should be possible to optimize to use i_glin() */
while (i < width) {
@@ -894,34 +892,13 @@
}
rx -= ix * f->src->xsize;
ry -= iy * f->src->ysize;
- i_gpixf(f->src, rx, ry, data);
- ++data;
+ i_gpixf(f->src, rx, ry, work_data);
+ ++work_data;
++i;
}
}
- if (f->src->channels == 3) {
- /* just set the alpha */
- for (i = 0; i < width; ++i) {
- data->channel[3] = 1.0;
- data++;
- }
- }
- else if (f->src->channels == 2) {
- /* copy the alpha to channel 3, duplicate the grey value */
- for (i = 0; i < width; ++i) {
- data->channel[3] = data->channel[1];
- data->channel[1] = data->channel[2] = data->channel[0];
- data++;
- }
- }
- else if (f->src->channels == 1) {
- /* set the alpha, duplicate grey */
- for (i = 0; i < width; ++i) {
- data->channel[3] = 1.0;
- data->channel[1] = data->channel[2] = data->channel[0];
- data++;
- }
- }
+ if (f->src->channels != want_channels)
+ i_adapt_fcolors(want_channels, f->src->channels, data, width);
}
Modified: branches/upstream/libimager-perl/current/image.c
URL: http://svn.debian.org/wsvn/branches/upstream/libimager-perl/current/image.c?rev=19074&op=diff
==============================================================================
--- branches/upstream/libimager-perl/current/image.c (original)
+++ branches/upstream/libimager-perl/current/image.c Wed Apr 23 15:56:14 2008
@@ -853,6 +853,7 @@
i_color val,val1,val2;
i_img *new_img;
+ i_clear_error();
mm_log((1,"i_scaleaxis(im %p,Value %.2f,Axis %d)\n",im,Value,Axis));
@@ -880,6 +881,10 @@
}
new_img = i_img_empty_ch(NULL, hsize, vsize, im->channels);
+ if (!new_img) {
+ i_push_error(0, "cannot create output image");
+ return NULL;
+ }
/* 1.4 is a magic number, setting it to 2 will cause rather blurred images */
LanczosWidthFactor = (Value >= 1) ? 1 : (int) (1.4/Value);
Modified: branches/upstream/libimager-perl/current/lib/Imager/Draw.pod
URL: http://svn.debian.org/wsvn/branches/upstream/libimager-perl/current/lib/Imager/Draw.pod?rev=19074&op=diff
==============================================================================
--- branches/upstream/libimager-perl/current/lib/Imager/Draw.pod (original)
+++ branches/upstream/libimager-perl/current/lib/Imager/Draw.pod Wed Apr 23 15:56:14 2008
@@ -1147,7 +1147,7 @@
=head1 BUGS
-box, arc, do not support antialiasing yet. Arc, is only filled as of
+box() does not support antialiasing yet. Arc, is only filled as of
yet. Default color is not unified yet.
=head1 AUTHOR
@@ -1160,6 +1160,6 @@
=head1 REVISION
-$Revision: 1431 $
+$Revision: 1465 $
=cut
Modified: branches/upstream/libimager-perl/current/t/t20fill.t
URL: http://svn.debian.org/wsvn/branches/upstream/libimager-perl/current/t/t20fill.t?rev=19074&op=diff
==============================================================================
--- branches/upstream/libimager-perl/current/t/t20fill.t (original)
+++ branches/upstream/libimager-perl/current/t/t20fill.t Wed Apr 23 15:56:14 2008
@@ -1,10 +1,11 @@
#!perl -w
use strict;
-use Test::More tests => 121;
+use Test::More tests => 129;
use Imager ':handy';
use Imager::Fill;
use Imager::Color::Float;
+use Imager::Test qw(is_image);
use Config;
Imager::init_log("testout/t20fill.log", 1);
@@ -413,6 +414,58 @@
cmp_ok(Imager->errstr, '=~', 'No color named', "check error message");
}
+{ # RT #35278
+ # hatch fills on a grey scale image don't adapt colors
+ for my $bits (8, 'double') {
+ my $im_g = Imager->new(xsize => 10, ysize => 10, channels => 1, bits => $bits);
+ $im_g->box(filled => 1, color => 'FFFFFF');
+ my $fill = Imager::Fill->new
+ (
+ combine => 'normal',
+ hatch => 'weave',
+ fg => '000000',
+ bg => 'FFFFFF'
+ );
+ $im_g->box(fill => $fill);
+ my $im_c = Imager->new(xsize => 10, ysize => 10, channels => 3, bits => $bits);
+ $im_c->box(filled => 1, color => 'FFFFFF');
+ $im_c->box(fill => $fill);
+ my $im_cg = $im_g->convert(preset => 'rgb');
+ is_image($im_c, $im_cg, "check hatch is the same between color and greyscale (bits $bits)");
+
+ # check the same for image fills
+ my $grey_fill = Imager::Fill->new
+ (
+ image => $im_g,
+ combine => 'normal'
+ );
+ my $im_cfg = Imager->new(xsize => 20, ysize => 20, bits => $bits);
+ $im_cfg->box(filled => 1, color => '808080');
+ $im_cfg->box(fill => $grey_fill);
+ my $rgb_fill = Imager::Fill->new
+ (
+ image => $im_cg,
+ combine => 'normal'
+ );
+ my $im_cfc = Imager->new(xsize => 20, ysize => 20, bits => $bits);
+ $im_cfc->box(filled => 1, color => '808080');
+ $im_cfc->box(fill => $rgb_fill);
+ is_image($im_cfg, $im_cfc, "check filling from grey image matches filling from rgb (bits = $bits)");
+
+ my $im_gfg = Imager->new(xsize => 20, ysize => 20, channels => 1, bits => $bits);
+ $im_gfg->box(filled => 1, color => '808080');
+ $im_gfg->box(fill => $grey_fill);
+ my $im_gfg_c = $im_gfg->convert(preset => 'rgb');
+ is_image($im_gfg_c, $im_cfg, "check grey filled with grey against base (bits = $bits)");
+
+ my $im_gfc = Imager->new(xsize => 20, ysize => 20, channels => 1, bits => $bits);
+ $im_gfc->box(filled => 1, color => '808080');
+ $im_gfc->box(fill => $rgb_fill);
+ my $im_gfc_c = $im_gfc->convert(preset => 'rgb');
+ is_image($im_gfc_c, $im_cfg, "check grey filled with color against base (bits = $bits)");
+ }
+}
+
sub color_close {
my ($c1, $c2) = @_;
Modified: branches/upstream/libimager-perl/current/t/t40scale.t
URL: http://svn.debian.org/wsvn/branches/upstream/libimager-perl/current/t/t40scale.t?rev=19074&op=diff
==============================================================================
--- branches/upstream/libimager-perl/current/t/t40scale.t (original)
+++ branches/upstream/libimager-perl/current/t/t40scale.t Wed Apr 23 15:56:14 2008
@@ -1,6 +1,6 @@
#!perl -w
use strict;
-use Test::More tests => 228;
+use Test::More tests => 230;
BEGIN { use_ok(Imager=>':all') }
use Imager::Test qw(is_image is_color4);
@@ -213,6 +213,14 @@
"class method scale_factor");
}
+{ # passing a reference for scaling parameters should fail
+ # RT #35172
+ my $im = Imager->new(xsize => 100, ysize => 100);
+ ok(!$im->scale(xpixels => {}), "can't use a reference as a size");
+ cmp_ok($im->errstr, '=~', "xpixels parameter cannot be a reference",
+ "check error message");
+}
+
sub scale_test {
my ($in, $method, $exp_width, $exp_height, $note, @parms) = @_;
More information about the Pkg-perl-cvs-commits
mailing list