libgd
/
libgd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,956 Commits
1 Branch
0 Tags
24 MiB
Commit Graph

1956 Commits (2e886046f86d0d6bfc14aab94a881259a081e3f4)

Author SHA1 Message Date
wilson chen 2e886046f8
Fix #497: gdImageColorMatch Out Of Bounds Write on Heap (CVE-2019-6977) 
Fixed CVE-2019-6977 and add corresponding testcase.

Original patch by Christoph M. Bechker <cmbecker69@gmx.de>
https://gist.github.com/cmb69/1f36d285eb297ed326f5c821d7aafced
 2019-12-20 10:12:04 +08:00
willson-chen 4b0f372402 Fixed #369: fix new_a init error in gdImageConvolution() 2019-12-13 10:54:25 +01:00
willson-chen b9004db6a2 add testcase for gdImageColorClosestHWB 
add testcase for gdImageColorClosestHWB
 2019-11-28 13:28:41 -05:00
willson-chen b5a5d98209 add testcase for gdImageColorMatch 
add testcase for gdImageColorMatch
 2019-11-28 13:27:29 -05:00
wilson chen c3a77b5a3b add testcase for gdimagestringup 2019-11-28 11:23:51 -05:00
wilson chen fac913b874 add testcase for gdImageStringUp16 2019-11-28 00:05:23 -05:00
wilson chen 05ae40a4ba add testcase for gdImageString16 2019-11-28 00:04:50 -05:00
wilson chen 39facb195f add testcase for gdImageCopyMergeGray 2019-11-28 00:04:08 -05:00
wilson chen c6880dc209 add testcase for gdimagestring 2019-11-27 13:46:38 -05:00
wilson chen c456072f43 add testcase for gdImageCopyMerge 2019-11-27 01:33:26 -05:00
Christoph M. Becker 48ffba3f1b Fix GD build with -D SIGNED_COMPARE_SLOW 
Apparently, this has not been tested for a long time, and might be a
refactoring relict.  Anyhow, we have to pass the context to
`GIFNextPixel` as well.

This issue has been reported by Kleber Tarcísio.
 2019-11-21 20:07:20 -05:00
wilson chen b73137fcd4 Remove config.h in gdpp 
Remove config.h & jpeg defines in gdpp.h & gdpp.cxx.
 2019-11-18 23:09:44 -05:00
willson-chen 3b89ca6766 Fix #164: update doc files install directory in CMakeLists.txt (#536) 
Change install directory from 'share/docs' to 'share/doc/gd-<major>.<minor>'.
 2019-11-14 02:25:49 -05:00
willson-chen 4cb9825f32 Update cmake min version to 3.7 2019-11-06 13:23:03 -08:00
willson-chen e6159b206f Fix #533: Remove cmake modules 
FindFreetype.cmake, FindPNG.cmake and FindJPEG, have been the cmake standard modules since cmake v2.6.
 2019-11-04 23:50:57 -08:00
willson-chen fbc8833e99 FindLIQ.cmake: delete libimagequant source code download logic 
* FindLIQ.cmake: add comment of LIQ_BUILD which is used in CMakeLists.txt

And fixed some indent error.

* FindLIQ.cmake: delete download libimagequant source code logic.

* And delete the LIQ_BUILD logic in CMakeLists.txt correspondingly.
* Fixed some indent errors.

* FindLIQ.cmake: Delete libimagequant download path
 2019-11-04 23:48:27 -08:00
willson-chen ecea96be09 Fix some cmake modules typos 2019-11-03 18:27:07 -07:00
willson-chen d8e0c1a5a3 travis: delete obsolete macOS code 2019-11-02 22:03:29 -06:00
willson-chen ac7118680d Fix #539: Add RAQM support for cmake 
* Add `ENABLE_RAQM` option to CMakeLists.txt
* Add cmake module FindRAQM.cmake
 2019-11-02 00:59:43 -06:00
willson-chen 2874546a44 update gdtest.c to support msys (#528) 
* config.h is never generated in msys with existing windows/msys/Makefile
* errno.h is to solve EEXIST is not defined error
* GDTEST_TOP_DIR is defined in other compile ways except msys and test_config.h is created by windows/msys/run_test.sh
* Ui64 is only created by microsoft by not support in windows and ULL is common used and general supported
* _int64 is only support by vc but __int64 can be support in win
 2019-10-28 01:14:47 -06:00
willson-chen eec2c48443 Define HAVE_SYS_STAT_H in msys 2019-10-28 03:09:49 -04:00
willson-chen c12ce7f474 windows: run_tests: avoid running fontconfig & xpm 2019-10-28 03:09:24 -04:00
willson-chen 6049895bf3 CMakeLists.txt: set cpack vendor and version dynamically 2019-10-26 22:36:51 -07:00
Mike Frysinger 820033c152 cmake: drop old CMP0017 policy 
Doesn't seem like it's really needed.  Newer versions of cmake will
warn when it's seen at least.  Lets drop it and see if anyone notices.
Fixes #525.
 2019-10-26 19:11:05 -04:00
willson-chen d19cf8354c CMakeLists.txt: Exclude libm dependency under win 
* CMakeLists.txt: Exclude libm dependency under win
* CMakeLists.txt: Move win32/m logic into cmake/modules/gd.cmake
 2019-10-26 16:06:26 -07:00
willson-chen 746ec81f07 Delete unused marcos #311 2019-10-22 20:52:25 -06:00
willson-chen 4d7b598863 windows/msys/run_tests.sh: skip fontconfig and xpm test cases 
libxpm and libfontconfig are unavaible in windows. So skip fontconfig and xpm test cases by excluding their test path
 2019-10-09 23:51:35 -07:00
willson-chen 84c49063f9 windows/msys/Mkefile: add gd formats option 
This fixes 'gd image support has been disabled' in test cases of operating gd image, like gd/gd_im2im.c.
 2019-10-09 23:50:51 -07:00
willson-chen 619e71501e Update msys readme 
Fixes #518.
 2019-10-09 23:49:20 -07:00
willson-chen 74f46e938b \b is not support in MacOS sed 2019-10-09 23:42:08 -07:00
willson-chen a5761b679f fix MacOS sed error when running bootstrap.sh 2019-10-09 23:42:08 -07:00
willson-chen 534ad0aa24 enable the mac os ci 2019-10-09 23:42:08 -07:00
willson-chen b2011428f5 fixed cmake failed with MinGW 
If BUILD_STATIC_LIBS is not On, cmake will failed for target ${GD_LIB_STATIC} doesn't exist.
 2019-09-29 12:56:39 -04:00
willson-chen ce38651a9f README.TESTING: Update source download url and bug report url 2019-09-28 05:36:21 -04:00
Lance Wang d507fbbd1f Add a test for issue libgd#501 CVE-2019-11038 
When using gdImageCreateFromXbm() it is possible to supply data that
will cause the function to use the value of uninitialized variable.
 2019-09-02 04:27:33 -04:00
Jonas Meurer e13a342c07 Fix #501: Uninitialized read in gdImageCreateFromXbm (CVE-2019-11038) 
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-11038
Bug-Debian: https://bugs.debian.org/929821
Bug: https://github.com/libgd/libgd/issues/501

We have to ensure that `sscanf()` does indeed read a hex value here,
and bail out otherwise.

Original patch by Christoph M. Becker <cmbecker69@gmx.de> for PHP libgd ext.
https://git.php.net/?p=php-src.git;a=commit;h=ed6dee9a198c904ad5e03113e58a2d2c200f5184
 2019-09-02 04:25:39 -04:00
Lance Wang bbb46ab9a5 annotate: be consistent in error messages 2019-08-03 12:54:08 -04:00
Christoph M. Becker 55f3b360c0 Fix #499: gdImageGifAnimAddPtr: heap corruption with 2 identical images 
Whenever `gdImageGifAnimAddPtr()` calls `gdImageGifAnimAddCtx()` and
the latter fails, we must not call `gdDPExtractData()`; otherwise a
double-free would occur.  Since `gdImageGifAnimAddCtx` is a void
function, and we can't change that for BC reasons, we're introducing
a static helper which is used internally.
 2019-05-26 11:01:14 +02:00
Iman Hosseini 3ad4e65075 Fixed typo in the comments. 
Fixed typo "As will all ..." -> "As with all ..."
 2019-05-06 10:36:53 +02:00
Mike Frysinger e0cb1b76c3 cmake: update FindFreetype module 
This pulls some fixes from upstream cmake.
 2019-02-09 13:55:44 -05:00
Mike Frysinger eaa28204bd cmake: update FindPNG module #475 
This pulls in a minor change from upstream cmake to support libpng
versions 1.6.  Fixes #475.
 2019-02-09 13:32:39 -05:00
Andrew Burley e5502c7a3f tests: cmake: list appending instead of set( 
Consistent use of LIST(APPEND over SET(
 2019-02-09 13:17:25 -05:00
Andrew Burley 2d1c4ba01b tests: cmake: feature enable lists - building w/o libpng enabled failing again. #382 2019-02-09 13:17:25 -05:00
Mike Frysinger a91cb62f01 add stub ABI funcs when formats are disabled #345 
We do this for some funcs already, so add jpeg/png/tiff/liq/webp
stubs too.  This keeps our ABI stable and lets code do runtime
detection instead.
 2019-02-09 13:16:57 -05:00
Christoph M. Becker 553702980a Fix #492: Potential double-free in gdImage*Ptr() 
Whenever `gdImage*Ptr()` calls `gdImage*Ctx()` and the latter fails, we
must not call `gdDPExtractData()`; otherwise a double-free would
happen.  Since `gdImage*Ctx()` are void functions, and we can't change
that for BC reasons, we're introducing static helpers which are used
internally.

We're adding a regression test for `gdImageJpegPtr()`, but not for
`gdImageGifPtr()` and `gdImageWbmpPtr()` since we don't know how to
trigger failure of the respective `gdImage*Ctx()` calls.

This potential security issue has been reported by Solmaz Salimi (aka.
Rooney).
 2019-01-17 11:54:55 +01:00
Christoph M. Becker a414b9ba3e Remove trailing whitespace 2019-01-16 19:52:54 +01:00
Christoph M. Becker 21406b1a43 Fix #351: gdImageFilledArc() doesn't properly draw pies 
The fix for PHP bug 43828[1] changed the algorithm from drawing filled
pies from drawing multiple triangles to drawing a single polygon.  Due
to quirks of the filled polygon drawing algorithm, we had to filter out
extraneous vertices.  This lead, however, to a bug regarding displaced
starting and ending points near 90° and 270° degrees, which we fix by
reinserting these vertices if they had been removed.

[1] <https://bugs.php.net/bug.php?id=43828>
 2019-01-16 19:39:42 +01:00
Christoph M. Becker 0414bb2da0 Fix misleading variable type 
`m` and `n` are supposed to be plain integers, so we shouldn't declare
them as `gdFixed`.
 2019-01-10 23:26:09 +01:00
Romain DÉOUX d0859134fc Fix #450: Failed to open 1 bit per pixel bitmap 
For 1 bit per pixel bitmap images, when the width of the image match
some specific values (for instance, 10px), the image loading fails.
 2018-12-31 19:45:21 +01:00
Mike Frysinger e13956b6db
Merge pull request #484 from omron93/gdcache 
Don't dereference a null pointer when cache size is 1
 2018-11-26 13:28:28 -05:00