Search found 467 matches

by broucaries
2015-05-03T04:28:00-07:00
Forum: Bugs
Topic: Be upstream patch friendly for documentation
Replies: 3
Views: 2854

Be upstream patch friendly for documentation

Hi,

Could be possible to not generate the
<!-- Magick Cache 25th July 2014 04:06 -->
line at the end of each documentation file for packaged documentation ?

a sed script for removing it from tar.gz will be really nice....

It is really painful for refreshing patch....

Bastien
by broucaries
2014-12-28T06:36:26-07:00
Forum: Bugs
Topic: Backport of security bug and problem
Replies: 3
Views: 3176

Re: Backport of security bug and problem

The original reporter propose a new patch:

https://bugs.debian.org/773980

What do you think ?

Bastien
by broucaries
2014-12-27T12:50:58-07:00
Forum: Bugs
Topic: Backport of security bug and problem
Replies: 3
Views: 3176

Backport of security bug and problem

Hi,

http://trac.imagemagick.org/changeset/17297 is problematic.

Try convert rose: rose.xpm
then display rose.xpm

Have you an idea ?

Bastien
by broucaries
2014-12-23T14:03:54-07:00
Forum: Kudos and Rants
Topic: Missing commit messages
Replies: 4
Views: 23758

Re: Missing commit messages

Yes it really suck for a security point of view. I must ask upstream and it is a loss of time both side
by broucaries
2014-12-23T13:57:43-07:00
Forum: Bugs
Topic: Security bug
Replies: 2
Views: 2638

Re: Security bug

Done I have a mail adresss. Could you pm your mail (and full nam) also, I am writting to oss-security@lists.openwall.com

I have prepared a patch queue.
by broucaries
2014-12-23T08:13:53-07:00
Forum: Bugs
Topic: SIGABRT convert - IM 6.9.0-1 - 36b70be2
Replies: 25
Views: 26615

Re: SIGABRT convert - IM 6.9.0-1 - 36b70be2

Where is the patch for this one ?
by broucaries
2014-12-23T04:47:58-07:00
Forum: Bugs
Topic: Security bug
Replies: 2
Views: 2638

Security bug

Hi,

I have just send a private mail about a security bug. Could you get a glimpse?

Bastien
by broucaries
2014-12-14T07:56:19-07:00
Forum: Bugs
Topic: SEGV in 64-bit and 32-bit platforms 07c8accc
Replies: 15
Views: 27973

Re: SEGV in 64-bit and 32-bit platforms 07c8accc

> Ok so my description are correct. Could you help me for tiff one and the png one ? Glenn is the PNG maintainer (the author of libpng). Glenn can you report on your recent patches to coders/png.c? The TIFF library TIFFGetField() uses var args. In most cases there are @ most 2 possible return argum...
by broucaries
2014-12-14T07:23:42-07:00
Forum: Bugs
Topic: SIGABRT convert - IM 6.9.0-1 - 36b70be2
Replies: 25
Views: 26615

Re: SIGABRT convert - IM 6.9.0-1 - 36b70be2

Ok more information (gdb) up #1 0x0000000004e8809d in memcpy (__len=360, __src=<optimized out>, __dest=0x8eb6e10) at /usr/include/x86_64-linux-gnu/bits/string3.h:51 51 return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); (gdb) up #2 ReadBlob (image=0x8e50910, length=614891469123651...
by broucaries
2014-12-14T07:20:05-07:00
Forum: Bugs
Topic: SIGABRT convert - IM 6.9.0-1 - 36b70be2
Replies: 25
Views: 26615

Re: SIGABRT convert - IM 6.9.0-1 - 36b70be2

Ok here is backtrace I will try to give you some information bt #0 0x0000000004c2d943 in _vgr20180ZZ_libcZdsoZa_memcpyZAZAGLIBCZu2Zd14 (dst=0x8eb6e10, src=<optimized out>, len=<optimized out>) at ../shared/vg_replace_strmem.c:915 #1 0x0000000004e8809d in memcpy (__len=360, __src=<optimized out>, __d...
by broucaries
2014-12-14T07:14:31-07:00
Forum: Bugs
Topic: SIGABRT convert - IM 6.9.0-1 - 36b70be2
Replies: 25
Views: 26615

Re: SIGABRT convert - IM 6.9.0-1 - 36b70be2

Valgrind give me another picture. It seems malloc area is smashed and confuse gdb macro.... Will try to run valgrind under gdb ==22848== Memcheck, a memory error detector ==22848== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==22848== Using Valgrind-3.10.0 and LibVEX; rerun with ...
by broucaries
2014-12-14T07:02:04-07:00
Forum: Bugs
Topic: SIGABRT convert - IM 6.9.0-1 - 36b70be2
Replies: 25
Views: 26615

Re: SIGABRT convert - IM 6.9.0-1 - 36b70be2

in AcquireSemaphoreMemory alignment = 64.

Bastien
by broucaries
2014-12-14T06:53:09-07:00
Forum: Bugs
Topic: SIGABRT convert - IM 6.9.0-1 - 36b70be2
Replies: 25
Views: 26615

Re: SIGABRT convert - IM 6.9.0-1 - 36b70be2

18446744073709551615=2^64 - 1 or signed -1 in 2 complement.

Will try to get parameter before. I will not recompile but use debugger it is quicker
by broucaries
2014-12-14T06:49:11-07:00
Forum: Bugs
Topic: SEGV in 64-bit and 32-bit platforms 07c8accc
Replies: 15
Views: 27973

Re: SEGV in 64-bit and 32-bit platforms 07c8accc

Ok so my description are correct. Could you help me for tiff one and the png one ? BTW the viff one is buggy and non portable. Cast to ssize_t could lead to negative number and thus implementation dependant access. Do you mean size_t here ? if it is negative it should be checked before passing to bo...
by broucaries
2014-12-14T03:38:04-07:00
Forum: Bugs
Topic: SEGV in 64-bit and 32-bit platforms 07c8accc
Replies: 15
Views: 27973

Re: SEGV in 64-bit and 32-bit platforms 07c8accc

Ok let try something Ok I suppose these patch: - http://trac.imagemagick.org/changeset/17112/ImageMagick/branches/ImageMagick-6/coders/dpx.c This one I have the beggining: "A malformed imageme could trigger " What are the consequence ? Do you have a CVE ? - http://trac.imagemagick.org/changeset/1716...