[Pkg-gmagick-im-team] Bug#671002: convert segfaults on jpegs

Matthew Somerville matthew at mysociety.org
Tue May 1 16:44:32 UTC 2012


We are having this issue too, and it has caused our live site to go down once (due to segfaulting on perfectly respectable JPEGs, quite ironic given this patch was meant to prevent DoS due to malicious JPEGs :-) ).

After some investigation, the issue appears to be in the code applied by patch 0002-Fix-security-holes-JPEG-EXIF-TIFF.patch - the following two lines in coders/jpeg.c:

+  if (jpeg_info->err->num_warnings++ > 1000) /* 1000 = JPEGEcessiveWarnings */
+        JPEGErrorHandler(jpeg_info);
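Review bot: the threshold is a bare literal 1000 with a comment naming a constant (misspelled `JPEGEcessiveWarnings`) that the code does not actually use; compare against the named constant instead, e.g. `if (jpeg_info->err->num_warnings++ > JPEGExcessiveWarnings)`. The increment also runs unconditionally on every call of the handler, so unless these two lines sit inside the `level < 0` branch the counter advances on informational trace messages as well as real warnings, which is the misplacement the report below describes.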

are not placed where the patch on http://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=20629 implies they should be (i.e. directly above the if statement within the level<0 if statement). Moving these two lines down the few lines to that location and recompiling stops the segfaulting on the JPEGs previously causing the issue.

I don't know enough about the ImageMagick source code to know if that is entirely the solution, but I hope it is helpful in diagnosing this problem.

ATB,
Matthew
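To show why the placement matters, here is an added C simulation (not code from the report, the Debian patch, or ImageMagick). It models the handful of libjpeg `jpeg_error_mgr` fields the post touches with a constructed struct, feeds a constructed message stream through two handler variants, and assumes the misplaced variant checks the counter before the `level < 0` test, which the post does not state explicitly.

```c
#include <setjmp.h>
#include <stdio.h>

#define JPEG_EXCESSIVE_WARNINGS 1000   /* the threshold used in the patch */

/* Constructed stand-in for the libjpeg jpeg_error_mgr fields the post touches
 * (assumption: modelled on libjpeg's field names, not taken from ImageMagick). */
typedef struct {
    long    num_warnings;   /* libjpeg itself bumps this only for msg_level < 0 */
    jmp_buf recovery;       /* the error handler unwinds to here */
} err_mgr;

/* Stand-in for JPEGErrorHandler: give up on the current image. */
static void error_exit(err_mgr *err) { longjmp(err->recovery, 1); }

/* Placement the forum patch intended: count and check inside the level < 0
 * branch, so informational trace messages (level >= 0) never advance it. */
static void emit_message_warnings_only(err_mgr *err, int level) {
    if (level < 0) {
        if (err->num_warnings++ > JPEG_EXCESSIVE_WARNINGS)
            error_exit(err);
        /* ... report the warning ... */
    }
    /* ... trace messages are only logged at high trace levels ... */
}

/* Misplaced variant (assumed: the check sits above the level test): every
 * callback, trace messages included, is counted as a warning. */
static void emit_message_all_levels(err_mgr *err, int level) {
    if (err->num_warnings++ > JPEG_EXCESSIVE_WARNINGS)
        error_exit(err);
    if (level < 0) { /* ... report the warning ... */ }
}

/* Drive a handler with a constructed message stream: n_traces trace messages
 * (level 1) followed by n_warnings warnings (level -1).
 * Returns 1 if the handler aborted the decode, 0 if the image was accepted. */
int simulate_decode(void (*handler)(err_mgr *, int), long n_traces, long n_warnings) {
    err_mgr err = { 0 };
    if (setjmp(err.recovery) != 0)
        return 1;                                /* error_exit fired */
    for (long i = 0; i < n_traces; i++)   handler(&err, 1);
    for (long i = 0; i < n_warnings; i++) handler(&err, -1);
    return 0;
}

int main(void) {
    /* Constructed streams: a clean file with many trace callbacks and no warnings,
     * and a hostile file that produces warnings well past the threshold. */
    printf("correct placement, clean file:   abort=%d\n", simulate_decode(emit_message_warnings_only, 5000, 0));
    printf("misplaced check,   clean file:   abort=%d\n", simulate_decode(emit_message_all_levels, 5000, 0));
    printf("correct placement, hostile file: abort=%d\n", simulate_decode(emit_message_warnings_only, 0, 1500));
    return 0;
}
```

Note that `num_warnings++ > 1000` fires on the 1002nd warning, not the 1001st, because the post-increment compares the old value.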

