block 0 width or height images from imagemagick

IM could return 0 width and/or height for some crafted images. Block
these.

Thanks @Koen1999.

See https://github.com/libvips/libvips/issues/1890
This commit is contained in:
John Cupitt 2020-11-20 12:17:42 +00:00
parent 98641ba153
commit d971c75d6f
3 changed files with 24 additions and 2 deletions

View File

@ -8,7 +8,8 @@
- hide info messages you could get with some older glibs [kleisauke] - hide info messages you could get with some older glibs [kleisauke]
- fix --no-strip on dzsave with icc-profiles [altert] - fix --no-strip on dzsave with icc-profiles [altert]
- better GraphicsMagick image write [bfriesen] - better GraphicsMagick image write [bfriesen]
- Add missing read loops to spng, heif, giflib and ppm load [kleisauke] - add missing read loops to spng, heif, giflib and ppm load [kleisauke]
- block zero width or height images from imagemagick load [Koen1999]
6/9/20 started 8.10.2 6/9/20 started 8.10.2
- update magicksave/load profile handling [kelilevi] - update magicksave/load profile handling [kelilevi]

View File

@ -336,8 +336,18 @@ parse_header( Read *read )
im->Xsize = image->columns; im->Xsize = image->columns;
im->Ysize = image->rows; im->Ysize = image->rows;
read->frame_height = image->rows; read->frame_height = image->rows;
if( (im->Bands = get_bands( image )) < 0 ) im->Bands = get_bands( image );
if( im->Xsize <= 0 ||
im->Ysize <= 0 ||
im->Bands <= 0 ||
im->Xsize >= VIPS_MAX_COORD ||
im->Ysize >= VIPS_MAX_COORD ||
im->Bands >= VIPS_MAX_COORD ) {
vips_error( "magick2vips",
_( "bad image dimensions %d x %d pixels, %d bands" ),
im->Xsize, im->Ysize, im->Bands );
return( -1 ); return( -1 );
}
/* Depth can be 'fractional'. /* Depth can be 'fractional'.
* *

View File

@ -449,6 +449,17 @@ vips_foreign_load_magick7_parse( VipsForeignLoadMagick7 *magick7,
out->Ysize = image->rows; out->Ysize = image->rows;
magick7->frame_height = image->rows; magick7->frame_height = image->rows;
out->Bands = magick7_get_bands( image ); out->Bands = magick7_get_bands( image );
if( out->Xsize <= 0 ||
out->Ysize <= 0 ||
out->Bands <= 0 ||
out->Xsize >= VIPS_MAX_COORD ||
out->Ysize >= VIPS_MAX_COORD ||
out->Bands >= VIPS_MAX_COORD ) ||
vips_error( class->nickname,
_( "bad image dimensions %d x %d pixels, %d bands" ),
out->Xsize, out->Ysize, out->Bands );
return( -1 );
}
/* Depth can be 'fractional'. You'd think we should use /* Depth can be 'fractional'. You'd think we should use
* GetImageDepth() but that seems to compute something very complex. * GetImageDepth() but that seems to compute something very complex.