rmagick 7.0.2 → 7.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -0
  3. data/ext/RMagick/rmimage.cpp +3 -0
  4. data/ext/RMagick/rmutil.cpp +1 -5
  5. data/lib/rmagick/version.rb +1 -1
  6. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: '08ddd337d97e120559c7795dd051433b1453f7c420777083bf0ba29c094659b2'
4
- data.tar.gz: 06e68a270014d1a93bc4873723e82f2a83144086d33c3329ff583ea357694af4
3
+ metadata.gz: 32acca4c4c8093c4473e8ed5347b925e688b1674082a8b11731508da616ca859
4
+ data.tar.gz: 184b70abce972992538f018162aa2a31e31e4d5ca864f945fa829de22a788501
5
5
  SHA512:
6
- metadata.gz: 8b21f2dacdd58215e7fdfe7cce5c057280c8450d77fdab2b5e6bf48b2d5ba4995309b54054db4e06537ea6bc496b9e4126a2fe2462704caeaeec3be520ce94f5
7
- data.tar.gz: 46e1f9816246476793cdf5f71c33abb794212a0d1935dcf81ec6a83aeb1a3668a6248cf1d7d8ad8993a758c3e129835f2cd8a4f5f5d2c0a695328a271869db29
6
+ metadata.gz: 0d100afa5ed1091828e68066199393d0a5fd472aa635b6edabc37a4d916a1efe0e8c44f65567cdcda099996d1d30aece01120715ba1dabdb040497c9f595e207
7
+ data.tar.gz: 850e978981ebca5d4c63c59b2f577f4c9138eb48cab4402a59f78a54e95cfaac56b9806d690e025bae5502235e713d0b53c72645dac1bbcc855e43b5b05fc042
data/CHANGELOG.md CHANGED
@@ -3,6 +3,12 @@
3
3
  All notable changes to this project are documented in this file.
4
4
  This project adheres to [Semantic Versioning](http://semver.org/).
5
5
 
6
+ ## RMagick 7.0.3
7
+
8
+ Bug Fixes
9
+
10
+ * Fix potential stack buffer overflows in format_exception and add_format_prefix (#1796)
11
+
6
12
  ## RMagick 7.0.2
7
13
 
8
14
  Bug Fixes
data/ext/RMagick/rmimage.cpp CHANGED
@@ -15833,6 +15833,9 @@ void add_format_prefix(Info *info, VALUE file)
15833
15833
  {
15834
15834
  memset(magic, '\0', sizeof(magic));
15835
15835
  magic_l = p - filename;
15836
+ if (magic_l >= sizeof(magic)) {
15837
+ magic_l = sizeof(magic) - 1;
15838
+ }
15836
15839
  memcpy(magic, filename, magic_l);
15837
15840
 
15838
15841
  exception = AcquireExceptionInfo();
data/ext/RMagick/rmutil.cpp CHANGED
@@ -1574,15 +1574,11 @@ rm_check_image_exception(Image *imglist, ErrorRetention retention)
1574
1574
  static void
1575
1575
  format_exception(const ExceptionType severity, const char *reason, const char *description, char *msg)
1576
1576
  {
1577
- int len;
1578
1577
  memset(msg, 0, ERROR_MSG_SIZE);
1579
-
1580
- len = snprintf(msg, ERROR_MSG_SIZE, "%s%s%s",
1578
+ snprintf(msg, ERROR_MSG_SIZE, "%s%s%s",
1581
1579
  GetLocaleExceptionMessage(severity, reason),
1582
1580
  description ? ": " : "",
1583
1581
  description ? GetLocaleExceptionMessage(severity, description) : "");
1584
-
1585
- msg[len] = '\0';
1586
1582
  }
1587
1583
 
1588
1584
 
data/lib/rmagick/version.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Magick
4
- VERSION = '7.0.2'
4
+ VERSION = '7.0.3'
5
5
  MIN_RUBY_VERSION = '3.2.0'
6
6
  MIN_IM6_VERSION = '6.9.0'
7
7
  MIN_IM7_VERSION = '7.1.0'
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: rmagick
3
3
  version: !ruby/object:Gem::Version
4
- version: 7.0.2
4
+ version: 7.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tim Hunter