[Pkg-gmagick-im-team] Bug#1004529: imagemagick-6.q16: convert foo.png foo.eps security violation leaves empty foo.eps

Barak A. Pearlmutter barak at cs.nuim.ie
Sat Jan 29 22:34:21 GMT 2022

Package: imagemagick-6.q16
Version: 8:
Severity: normal

When "convert foo.png foo.eps" gets a security error, it leaves an empty

/usr/bin/convert should not generate incorrect output files.  If the
output cannot be correctly generated, the output file should be removed.

The current behaviour is a problem when convert is used in a Makefile,
where the first run of "make" generates an error but also an empty
output file, then a second run of "make" treats that empty output file
as correct and continues later stages of the build.


$ ls -l stroke-signs-1.eps
ls: cannot access 'stroke-signs-1.eps': No such file or directory

$ convert stroke-signs-1.png stroke-signs-1.eps
convert-im6.q16: attempt to perform an operation not allowed by the security policy `EPS' @ error/constitute.c/IsCoderAuthorized/421.

$ ls -l stroke-signs-1.eps
-rw-rw-r-- 1 barak barak 0 Jan 14 22:36 stroke-signs-1.eps

More information about the Pkg-gmagick-im-team mailing list