AcquireQuantumPixel() now respects the memory-map and max-memory-requ…

…est securit y policies
fheyer · Jan 13, 2018 · 8f50ef4 · 8f50ef4
1 parent fdde851
commit 8f50ef4
Show file tree

Hide file tree

Showing 18 changed files with 53 additions and 47 deletions.
diff --git a/ImageMagick.spec.in b/ImageMagick.spec.in
@@ -154,7 +154,6 @@ cp -p Magick++/demo/*.cpp Magick++/demo/*.miff Magick++/examples
         --with-xml \
         --with-perl-options="INSTALLDIRS=vendor %{?perl_prefix} CC='%__cc -L$PWD/MagickCore/.libs' LDDLFLAGS='-shared -L$PWD/MagickCore/.libs'" \
         --without-dps \
-        --without-heic \
         --without-gcc-arch \
         --with-jbig \
         --with-openjp2

diff --git a/MagickCore/quantum-private.h b/MagickCore/quantum-private.h
@@ -18,6 +18,7 @@
 #ifndef MAGICKCORE_QUANTUM_PRIVATE_H
 #define MAGICKCORE_QUANTUM_PRIVATE_H
 
+#include "MagickCore/memory_.h"
 #include "MagickCore/cache.h"
 
 #if defined(__cplusplus) || defined(c_plusplus)
@@ -66,7 +67,7 @@ struct _QuantumInfo
   size_t
     number_threads;
 
-  unsigned char
+  MemoryInfo
     **pixels;
 
   size_t

diff --git a/MagickCore/quantum.c b/MagickCore/quantum.c
@@ -162,25 +162,27 @@ static MagickBooleanType AcquireQuantumPixels(QuantumInfo *quantum_info,
   assert(quantum_info != (QuantumInfo *) NULL);
   assert(quantum_info->signature == MagickCoreSignature);
   quantum_info->number_threads=(size_t) GetMagickResourceLimit(ThreadResource);
-  quantum_info->pixels=(unsigned char **) AcquireQuantumMemory(
+  quantum_info->pixels=(MemoryInfo **) AcquireQuantumMemory(
     quantum_info->number_threads,sizeof(*quantum_info->pixels));
-  if (quantum_info->pixels == (unsigned char **) NULL)
+  if (quantum_info->pixels == (MemoryInfo **) NULL)
     return(MagickFalse);
   quantum_info->extent=extent;
   (void) ResetMagickMemory(quantum_info->pixels,0,quantum_info->number_threads*
     sizeof(*quantum_info->pixels));
   for (i=0; i < (ssize_t) quantum_info->number_threads; i++)
   {
-    quantum_info->pixels[i]=(unsigned char *) AcquireQuantumMemory(extent+1,
-      sizeof(**quantum_info->pixels));
-    if (quantum_info->pixels[i] == (unsigned char *) NULL)
+    unsigned char
+      *pixels;
+
+    quantum_info->pixels[i]=AcquireVirtualMemory(extent+1,sizeof(*pixels));
+    if (quantum_info->pixels[i] == (MemoryInfo *) NULL)
       {
         DestroyQuantumPixels(quantum_info);
         return(MagickFalse);
       }
-    (void) ResetMagickMemory(quantum_info->pixels[i],0,(extent+1)*
-      sizeof(**quantum_info->pixels));
-    quantum_info->pixels[i][extent]=QuantumSignature;
+    pixels=(unsigned char *)  GetVirtualMemoryBlob(quantum_info->pixels[i]);
+    (void) ResetMagickMemory(pixels,0,(extent+1)*sizeof(*pixels));
+    pixels[extent]=QuantumSignature;
   }
   return(MagickTrue);
 }
@@ -212,7 +214,7 @@ MagickExport QuantumInfo *DestroyQuantumInfo(QuantumInfo *quantum_info)
 {
   assert(quantum_info != (QuantumInfo *) NULL);
   assert(quantum_info->signature == MagickCoreSignature);
-  if (quantum_info->pixels != (unsigned char **) NULL)
+  if (quantum_info->pixels != (MemoryInfo **) NULL)
     DestroyQuantumPixels(quantum_info);
   if (quantum_info->semaphore != (SemaphoreInfo *) NULL)
     RelinquishSemaphoreInfo(&quantum_info->semaphore);
@@ -253,19 +255,23 @@ static void DestroyQuantumPixels(QuantumInfo *quantum_info)
 
   assert(quantum_info != (QuantumInfo *) NULL);
   assert(quantum_info->signature == MagickCoreSignature);
-  assert(quantum_info->pixels != (unsigned char **) NULL);
+  assert(quantum_info->pixels != (MemoryInfo **) NULL);
   extent=(ssize_t) quantum_info->extent;
   for (i=0; i < (ssize_t) quantum_info->number_threads; i++)
-    if (quantum_info->pixels[i] != (unsigned char *) NULL)
+    if (quantum_info->pixels[i] != (MemoryInfo *) NULL)
       {
+        unsigned char
+          *pixels;
+
         /*
           Did we overrun our quantum buffer?
         */
-        assert(quantum_info->pixels[i][extent] == QuantumSignature);
-        quantum_info->pixels[i]=(unsigned char *) RelinquishMagickMemory(
+        pixels=(unsigned char *) GetVirtualMemoryBlob(quantum_info->pixels[i]);
+        assert(pixels[extent] == QuantumSignature);
+        quantum_info->pixels[i]=RelinquishVirtualMemory(
           quantum_info->pixels[i]);
       }
-  quantum_info->pixels=(unsigned char **) RelinquishMagickMemory(
+  quantum_info->pixels=(MemoryInfo **) RelinquishMagickMemory(
     quantum_info->pixels);
 }
 
@@ -487,7 +493,7 @@ MagickExport unsigned char *GetQuantumPixels(const QuantumInfo *quantum_info)
 
   assert(quantum_info != (QuantumInfo *) NULL);
   assert(quantum_info->signature == MagickCoreSignature);
-  return(quantum_info->pixels[id]);
+  return((unsigned char *) GetVirtualMemoryBlob(quantum_info->pixels[id]));
 }
 
 /*
@@ -680,7 +686,7 @@ MagickExport MagickBooleanType SetQuantumDepth(const Image *image,
         else
           quantum_info->depth=16;
     }
-  if (quantum_info->pixels != (unsigned char **) NULL)
+  if (quantum_info->pixels != (MemoryInfo **) NULL)
     DestroyQuantumPixels(quantum_info);
   quantum=(quantum_info->pad+MaxPixelChannels)*(quantum_info->depth+7)/8;
   extent=MagickMax(image->columns,image->rows)*quantum;

diff --git a/PerlMagick/quantum/quantum.pm b/PerlMagick/quantum/quantum.pm
@@ -122,7 +122,7 @@ It was originally developed to be used by CGI scripts for Web pages.
 
 A web page has been set up for this extension. See:
 
-	 file:///usr/local/share/doc/ImageMagick-7/www/perl-magick.html
+	 file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/perl-magick.html
 	 http://www.imagemagick.org/script/perl-magick.php
 
 If you have problems, go to

diff --git a/utilities/ImageMagick.1 b/utilities/ImageMagick.1
@@ -86,9 +86,9 @@ saves any visible window on an X server and outputs it as an image file. You can
 
 interprets and executes scripts written in the Magick Scripting Language (MSL).
 .PP
-For more information about the ImageMagick, point your browser to file:///usr/local/share/doc/ImageMagick-7/index.html or http://www.imagemagick.org/.
+For more information about the ImageMagick, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/index.html or http://www.imagemagick.org/.
 .SH SEE ALSO
 convert(1), identify(1), composite(1), montage(1), compare(1), display(1), animate(1), import(1), conjure(1), quantize(5), miff(4)
 
 .SH COPYRIGHT
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/animate.1 b/utilities/animate.1
@@ -7,7 +7,7 @@ animate \- animates an image or image sequence on any X server.
 .SH OVERVIEW
 The \fBanimate\fP program is a member of the ImageMagick(1) suite of tools.  Use it to animate an image or image sequence on any X server.
 
-For more information about the animate command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/animate.html or http://www.imagemagick.org/script/animate.php.
+For more information about the animate command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/animate.html or http://www.imagemagick.org/script/animate.php.
 .SH DESCRIPTION
 Image Settings:
   \-alpha option        on, activate, off, deactivate, set, opaque, copy
@@ -98,4 +98,4 @@ ImageMagick(1)
 
 .SH COPYRIGHT
 
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/compare.1 b/utilities/compare.1
@@ -7,7 +7,7 @@ compare \- mathematically and visually annotate the difference between an image
 .SH OVERVIEW
 The \fBcompare\fP program is a member of the ImageMagick(1) suite of tools.  Use it to mathematically and visually annotate the difference between an image and its reconstruction.
 
-For more information about the compare command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/compare.html or http://www.imagemagick.org/script/compare.php.
+For more information about the compare command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/compare.html or http://www.imagemagick.org/script/compare.php.
 .SH DESCRIPTION
 Image Settings:
   \-alpha option        on, activate, off, deactivate, set, opaque, copy
@@ -104,4 +104,4 @@ ImageMagick(1)
 
 .SH COPYRIGHT
 
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/composite.1 b/utilities/composite.1
@@ -7,7 +7,7 @@ composite \-  overlaps one image over another.
 .SH OVERVIEW
 The \fBcomposite\fP program is a member of the ImageMagick(1) suite of tools.  Use it to overlap one image over another.
 
-For more information about the composite command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/composite.html or http://www.imagemagick.org/script/composite.php.
+For more information about the composite command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/composite.html or http://www.imagemagick.org/script/composite.php.
 .SH DESCRIPTION
 Image Settings:
   \-affine matrix       affine transform matrix
@@ -113,4 +113,4 @@ ImageMagick(1)
 
 .SH COPYRIGHT
 
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/conjure.1 b/utilities/conjure.1
@@ -7,7 +7,7 @@ conjure \- interprets and executes scripts written in the Magick Scripting Langu
 .SH OVERVIEW
 The \fBconjure\fP program is a member of the ImageMagick(1) suite of tools.  Use it to process a Magick Scripting Language (MSL) script. The Magick scripting language (MSL) will primarily benefit those that want to accomplish custom image processing tasks but do not wish to program, or those that do not have access to a Perl interpreter or a compiler.
 
-For more information about the conjure command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/conjure.html or http://www.imagemagick.org/script/conjure.php.
+For more information about the conjure command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/conjure.html or http://www.imagemagick.org/script/conjure.php.
 .SH DESCRIPTION
 Image Settings:
   \-monitor             monitor progress
@@ -31,4 +31,4 @@ ImageMagick(1)
 
 .SH COPYRIGHT
 
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/convert.1 b/utilities/convert.1
@@ -7,7 +7,7 @@ convert \- convert between image formats as well as resize an image, blur, crop,
 .SH OVERVIEW
 The \fBconvert\fP program is a member of the ImageMagick(1) suite of tools.  Use it to convert between image formats as well as resize an image, blur, crop, despeckle, dither, draw on, flip, join, re-sample, and much more.  
 
-For more information about the convert command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/convert.html or http://www.imagemagick.org/script/convert.php.
+For more information about the convert command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/convert.html or http://www.imagemagick.org/script/convert.php.
 .SH DESCRIPTION
 Image Settings:
   \-adjoin              join images into a single multi-image file
@@ -323,4 +323,4 @@ By default, the image format of `file' is determined by its magic number.  To sp
 ImageMagick(1)
 
 .SH COPYRIGHT
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/display.1 b/utilities/display.1
@@ -7,7 +7,7 @@ display \- displays an image or image sequence on any X server.
 .SH OVERVIEW
 The \fBdisplay\fP program is a member of the ImageMagick(1) suite of tools.  Use it to display an image or image sequence on any X server.
 
-For more information about the display command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/display.html or http://www.imagemagick.org/script/display.php.
+For more information about the display command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/display.html or http://www.imagemagick.org/script/display.php.
 .SH DESCRIPTION
 Image Settings:
   \-alpha option        on, activate, off, deactivate, set, opaque, copy
@@ -136,4 +136,4 @@ ImageMagick(1)
 
 .SH COPYRIGHT
 
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/identify.1 b/utilities/identify.1
@@ -7,7 +7,7 @@ identify \- describes the format and characteristics of one or more image files.
 .SH OVERVIEW
 The \fBidentify\fP program is a member of the ImageMagick(1) suite of tools.  It describes the format and characteristics of one or more image files. It also reports if an image is incomplete or corrupt. The information returned includes the image number, the file name, the width and height of the image, whether the image is colormapped or not, the number of colors in the image (by default off use \fI-define unique=true\fP option), the number of bytes in the image, the format of the image (JPEG, PNM, etc.), and finally the number of seconds it took to read and process the image. Many more attributes are available with the verbose option.
 
-For more information about the identify command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/identify.html or http://www.imagemagick.org/script/identify.php.
+For more information about the identify command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/identify.html or http://www.imagemagick.org/script/identify.php.
 .SH DESCRIPTION
 Image Settings:
   \-alpha option        on, activate, off, deactivate, set, opaque, copy
@@ -76,4 +76,4 @@ ImageMagick(1)
 
 .SH COPYRIGHT
 
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/import.1 b/utilities/import.1
@@ -7,7 +7,7 @@ import \- saves any visible window on an X server and outputs it as an image fil
 .SH OVERVIEW
 The \fBimport\fP program is a member of the ImageMagick(1) suite of tools.  Use it to capture some or all of an X server screen and save the image to a file.
 
-For more information about the import command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/import.html or http://www.imagemagick.org/script/import.php.
+For more information about the import command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/import.html or http://www.imagemagick.org/script/import.php.
 .SH DESCRIPTION
 Image Settings:
   \-adjoin              join images into a single multi-image file
@@ -97,4 +97,4 @@ ImageMagick(1)
 
 .SH COPYRIGHT
 
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/magick-script.1 b/utilities/magick-script.1
@@ -10,7 +10,7 @@ The \fBmagick-script\fP program is a member of the ImageMagick(1) suite of tools
     #!/bin/env magick-script
     -size 100x100 xc:red ( rose: -rotate -90 ) +append  -write show:
 
-For more information about the magick-script command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/magick-script.html or http://www.imagemagick.org/script/magick-script.php.
+For more information about the magick-script command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/magick-script.html or http://www.imagemagick.org/script/magick-script.php.
 .SH DESCRIPTION
 Image Settings:
   \-adjoin              join images into a single multi-image file
@@ -280,4 +280,4 @@ By default, the image format of `file' is determined by its magic number.  To sp
 ImageMagick(1)
 
 .SH COPYRIGHT
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
diff --git a/utilities/magick.1 b/utilities/magick.1
@@ -7,7 +7,7 @@ magick \- convert between image formats as well as resize an image, blur, crop,
 .SH OVERVIEW
 The \fBmagickscript\fP program is a member of the ImageMagick(1) suite of tools.  Use it to convert between image formats as well as resize an image, blur, crop, despeckle, dither, draw on, flip, join, re-sample, and much more.  
 
-For more information about the magick command, point your browser to file:///usr/local/share/doc/ImageMagick-7/www/magick.html or http://www.imagemagick.org/script/magick.php.
+For more information about the magick command, point your browser to file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/magick.html or http://www.imagemagick.org/script/magick.php.
 .SH DESCRIPTION
 Image Settings:
   \-adjoin              join images into a single multi-image file
@@ -277,4 +277,4 @@ By default, the image format of `file' is determined by its magic number.  To sp
 ImageMagick(1)
 
 .SH COPYRIGHT
-\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///usr/local/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP
+\fBCopyright (C) 1999-2018 ImageMagick Studio LLC. Additional copyrights and licenses apply to this software, see file:///ImageMagick-7.0.7/share/doc/ImageMagick-7/www/license.html or http://www.imagemagick.org/script/license.php\fP