From 6368ab06496b366d48cf7dcc1c7f767a94a70193 Mon Sep 17 00:00:00 2001 From: John Cupitt Date: Sat, 12 Mar 2016 16:48:27 +0000 Subject: [PATCH] add switches to disable rad, analyze and ppm vips has built-in support for rad, analyze and ppm ... add configure switches to disable these readers useful to reduce the attack surface in some applications --- ChangeLog | 1 + configure.ac | 30 ++++++++++++++++++++++++++++ libvips/deprecated/im_analyze2vips.c | 13 ++++++++---- libvips/foreign/analyze2vips.c | 3 +++ libvips/foreign/analyzeload.c | 4 ++++ libvips/foreign/foreign.c | 19 +++++++++++++----- libvips/foreign/ppm.c | 4 ++++ libvips/foreign/ppmload.c | 4 ++++ libvips/foreign/ppmsave.c | 4 ++++ libvips/foreign/radiance.c | 4 ++++ libvips/foreign/radload.c | 4 ++++ libvips/foreign/radsave.c | 4 ++++ test/test_foreign.py | 15 ++++++++++++++ 13 files changed, 100 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index ded22a71..019a53e7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -18,6 +18,7 @@ - more vips_resize() tuning, a bit quicker now - better behaviour for vips_cast() shift of non-int types (thanks apacheark) - python .bandrank() now works like .bandjoin() +- switches to disable PPM, Rad and Analyze support 27/1/16 started 8.2.3 - fix a crash with SPARC byte-order labq vips images diff --git a/configure.ac b/configure.ac index 99199bda..949423fa 100644 --- a/configure.ac +++ b/configure.ac 
@@ -618,6 +618,33 @@ if test x"$with_matio" != "xno"; then ]) fi +# not external libraries, but have options to disable them, helps to +# reduce attack surface + +AC_ARG_WITH([ppm], + AS_HELP_STRING([--without-ppm], [build without ppm (default: with)])) + +if test x"$with_ppm" != "xno"; then + AC_DEFINE(HAVE_PPM,1,[define to build ppm support.]) + with_ppm=yes +fi + +AC_ARG_WITH([analyze], + AS_HELP_STRING([--without-analyze], [build without analyze (default: with)])) + +if test x"$with_analyze" != "xno"; then + AC_DEFINE(HAVE_ANALYZE,1,[define to build analyze support.]) + with_analyze=yes +fi + +AC_ARG_WITH([radiance], + AS_HELP_STRING([--without-radiance], [build without radiance (default: with)])) + +if test x"$with_radiance" != "xno"; then + AC_DEFINE(HAVE_RADIANCE,1,[define to build radiance support.]) + with_radiance=yes +fi + # cfitsio AC_ARG_WITH([cfitsio], AS_HELP_STRING([--without-cfitsio], [build without cfitsio (default: test)])) @@ -911,6 +938,9 @@ gobject introspection: $found_introspection build vips7 Python binding: $with_python install vips8 Python overrides: $enable_pyvips8 (requires pygobject-3.12.0 or later) +build radiance support: $with_radiance +build analyze support: $with_analyze +build PPM support: $with_ppm * optional dependencies use fftw3 for FFT: $with_fftw diff --git a/libvips/deprecated/im_analyze2vips.c b/libvips/deprecated/im_analyze2vips.c index f4d892c9..c7b63056 100644 --- a/libvips/deprecated/im_analyze2vips.c +++ b/libvips/deprecated/im_analyze2vips.c @@ -42,9 +42,6 @@ #include -#include "../foreign/dbh.h" -#include "../foreign/analyze2vips.h" - static VipsFormatFlags analyze_flags( const char *filename ) { 
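Review bot: The three help strings added in configure.ac do not say what each switch removes, which matters when the switch is used as a hardening control. Going by the guarded registrations in foreign.c, `--without-ppm` and `--without-radiance` drop both a loader and a saver, while `--without-analyze` drops only a loader, and Radiance is the `.hdr` format. Wording such as `[build without ppm load and save (default: with)]` and `[build without Radiance (.hdr) load and save (default: with)]` would be clearer. The default stays "with", so a hardened build must pass all three flags explicitly; the comment above the stanzas could say so.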
@@ -61,7 +58,15 @@ isanalyze( const char *filename ) int im_analyze2vips( const char *filename, IMAGE *out ) { - return( vips__analyze_read( filename, out ) ); + VipsImage *t; + + if( vips_analyzeload( filename, &t, NULL ) ) + return( -1 ); + if( vips_image_write( t, out ) ) { + g_object_unref( t ); + return( -1 ); + } + g_object_unref( t ); return( 0 ); } diff --git a/libvips/foreign/analyze2vips.c b/libvips/foreign/analyze2vips.c index e7ec87b3..77771753 100644 --- a/libvips/foreign/analyze2vips.c +++ b/libvips/foreign/analyze2vips.c @@ -50,6 +50,8 @@ #endif /*HAVE_CONFIG_H*/ #include +#ifdef HAVE_ANALYZE + #include #include #include @@ -594,3 +596,4 @@ vips__analyze_read( const char *filename, VipsImage *out ) return( 0 ); } +#endif /*HAVE_ANALYZE*/ diff --git a/libvips/foreign/analyzeload.c b/libvips/foreign/analyzeload.c index 0bb1c6cd..691d1edc 100644 --- a/libvips/foreign/analyzeload.c +++ b/libvips/foreign/analyzeload.c @@ -48,6 +48,8 @@ #include #include +#ifdef HAVE_ANALYZE + #include "analyze2vips.h" typedef struct _VipsForeignLoadAnalyze { @@ -142,6 +144,8 @@ vips_foreign_load_analyze_init( VipsForeignLoadAnalyze *analyze ) { } +#endif /*HAVE_ANALYZE*/ + /** * vips_analyzeload: * @filename: file to load diff --git a/libvips/foreign/foreign.c b/libvips/foreign/foreign.c index a701c9e4..5ac52a63 100644 --- a/libvips/foreign/foreign.c +++ b/libvips/foreign/foreign.c 
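Review bot: im_analyze2vips() in libvips/deprecated/im_analyze2vips.c now goes through the public loader instead of vips__analyze_read(), but nothing in the function says why. A short comment would stop a later revert: `/* Call the public loader rather than vips__analyze_read(): that symbol is compiled out when HAVE_ANALYZE is undefined. */`. Separately, the two `g_object_unref( t )` paths could be folded by holding the vips_image_write() result in a local, unreferencing once and returning it, assuming vips_image_write() only ever returns 0 or -1.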
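Review bot: In libvips/foreign/analyzeload.c the `#endif /*HAVE_ANALYZE*/` sits just above the `vips_analyzeload:` doc comment, so the public wrapper is still compiled in a `--without-analyze` build while the class behind it is not, and the doc comment does not mention this. The same placement is used in ppmload.c, ppmsave.c, radload.c and radsave.c. Keeping the symbols is reasonable for ABI stability, but each doc comment should gain a line such as `This operation is only available if libvips was configured with analyze support; otherwise the call returns an error.` The wrapper bodies are outside these hunks, so the exact failure (presumably a failed operation lookup by name) should be confirmed before settling the wording.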
@@ -1665,22 +1665,31 @@ vips_foreign_operation_init( void ) extern GType vips_foreign_load_gif_file_get_type( void ); extern GType vips_foreign_load_gif_buffer_get_type( void ); - vips_foreign_load_rad_get_type(); - vips_foreign_save_rad_get_type(); - vips_foreign_load_ppm_get_type(); - vips_foreign_save_ppm_get_type(); vips_foreign_load_csv_get_type(); vips_foreign_save_csv_get_type(); vips_foreign_load_matrix_get_type(); vips_foreign_save_matrix_get_type(); vips_foreign_print_matrix_get_type(); - vips_foreign_load_analyze_get_type(); vips_foreign_load_raw_get_type(); vips_foreign_save_raw_get_type(); vips_foreign_save_raw_fd_get_type(); vips_foreign_load_vips_get_type(); vips_foreign_save_vips_get_type(); +#ifdef HAVE_ANALYZE + vips_foreign_load_analyze_get_type(); +#endif /*HAVE_ANALYZE*/ + +#ifdef HAVE_PPM + vips_foreign_load_ppm_get_type(); + vips_foreign_save_ppm_get_type(); +#endif /*HAVE_PPM*/ + +#ifdef HAVE_RADIANCE + vips_foreign_load_rad_get_type(); + vips_foreign_save_rad_get_type(); +#endif /*HAVE_RADIANCE*/ + #ifdef HAVE_POPPLER vips_foreign_load_pdf_get_type(); vips_foreign_load_pdf_file_get_type(); diff --git a/libvips/foreign/ppm.c b/libvips/foreign/ppm.c index bc5334ca..d6e4ecae 100644 --- a/libvips/foreign/ppm.c +++ b/libvips/foreign/ppm.c @@ -68,6 +68,8 @@ #endif /*HAVE_CONFIG_H*/ #include +#ifdef HAVE_PPM + #include #include #include @@ -825,3 +827,5 @@ vips__ppm_save( VipsImage *in, const char *filename, return( 0 ); } + +#endif /*HAVE_PPM*/ diff --git a/libvips/foreign/ppmload.c b/libvips/foreign/ppmload.c index 55a5abaf..df458c9f 100644 --- a/libvips/foreign/ppmload.c +++ b/libvips/foreign/ppmload.c @@ -48,6 +48,8 @@ #include #include +#ifdef HAVE_PPM + #include "ppm.h" typedef struct _VipsForeignLoadPpm { @@ -142,6 +144,8 @@ vips_foreign_load_ppm_init( VipsForeignLoadPpm *ppm ) { } +#endif /*HAVE_PPM*/ + /** * vips_ppmload: * @filename: file to load 
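Review bot: The regrouped block in vips_foreign_operation_init() has no comment marking which registrations are switchable, and the csv, matrix, raw and vips types above it stay registered unconditionally. Someone using the configure summary to judge the remaining parsing surface could wrongly assume that every built-in reader is now optional. A comment ahead of the first guard would make that explicit, for example `/* Built-in formats that can be compiled out with --without-analyze, --without-ppm and --without-radiance; the types above are always registered. */`. The function starts and ends outside the hunk.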
diff --git a/libvips/foreign/ppmsave.c b/libvips/foreign/ppmsave.c index 6893caee..178011af 100644 --- a/libvips/foreign/ppmsave.c +++ b/libvips/foreign/ppmsave.c @@ -47,6 +47,8 @@ #include +#ifdef HAVE_PPM + #include "ppm.h" typedef struct _VipsForeignSavePpm { @@ -144,6 +146,8 @@ vips_foreign_save_ppm_init( VipsForeignSavePpm *ppm ) { } +#endif /*HAVE_PPM*/ + /** * vips_ppmsave: * @in: image to save diff --git a/libvips/foreign/radiance.c b/libvips/foreign/radiance.c index c50aae6e..fc688b60 100644 --- a/libvips/foreign/radiance.c +++ b/libvips/foreign/radiance.c @@ -127,6 +127,8 @@ #endif /*HAVE_CONFIG_H*/ #include +#ifdef HAVE_RADIANCE + #include #include #include @@ -1303,3 +1305,5 @@ vips__rad_save( VipsImage *in, const char *filename ) } const char *vips__rad_suffs[] = { ".hdr", NULL }; + +#endif /*HAVE_RADIANCE*/ diff --git a/libvips/foreign/radload.c b/libvips/foreign/radload.c index 66ab5d55..8d46d3a7 100644 --- a/libvips/foreign/radload.c +++ b/libvips/foreign/radload.c @@ -48,6 +48,8 @@ #include #include +#ifdef HAVE_RADIANCE + #include "radiance.h" typedef struct _VipsForeignLoadRad { @@ -145,6 +147,8 @@ vips_foreign_load_rad_init( VipsForeignLoadRad *rad ) { } +#endif /*HAVE_RADIANCE*/ + /** * vips_radload: * @filename: file to load diff --git a/libvips/foreign/radsave.c b/libvips/foreign/radsave.c index cd97a67d..bfffe6c1 100644 --- a/libvips/foreign/radsave.c +++ b/libvips/foreign/radsave.c @@ -47,6 +47,8 @@ #include +#ifdef HAVE_RADIANCE + #include "radiance.h" typedef struct _VipsForeignSaveRad { @@ -129,6 +131,8 @@ vips_foreign_save_rad_init( VipsForeignSaveRad *rad ) { } +#endif /*HAVE_RADIANCE*/ + /** * vips_radsave: * @in: image to save diff --git a/test/test_foreign.py b/test/test_foreign.py index 9722e184..0eb44ff0 100755 --- a/test/test_foreign.py +++ b/test/test_foreign.py 
@@ -267,6 +267,11 @@ class TestForeign(unittest.TestCase): self.save_load("%s.webp", self.colour) def test_analyzeload(self): + x = Vips.type_find("VipsForeign", "analyzeload") + if not x.is_instantiatable(): + print("no analyze support in this vips, skipping test") + return + def analyze_valid(self, im): a = im(10, 10) self.assertAlmostEqual(a[0], 3335) @@ -416,10 +421,20 @@ class TestForeign(unittest.TestCase): self.save_load("%s.mat", self.mono) def test_ppm(self): + x = Vips.type_find("VipsForeign", "ppmload") + if not x.is_instantiatable(): + print("no PPM support in this vips, skipping test") + return + self.save_load("%s.ppm", self.mono) self.save_load("%s.ppm", self.colour) def test_rad(self): + x = Vips.type_find("VipsForeign", "radload") + if not x.is_instantiatable(): + print("no Radiance support in this vips, skipping test") + return + self.save_load("%s.hdr", self.colour) def test_dzsave(self):
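Review bot: The new guards in test_analyzeload, test_ppm and test_rad use `print(...)` followed by `return`, so a build that lacks the loader reports these tests as passed rather than skipped. A build that lost a format by accident would therefore still look green. `self.skipTest("no analyze support in this vips")` (and the ppm and Radiance equivalents) would record the skip in the unittest result. The probe is repeated three times and could be one helper on TestForeign that takes the operation name. test_ppm and test_rad also exercise saving but probe only the loader, which holds only while load and save stay behind the same HAVE_* macro.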