Discussion:
[GM-bugs] Fwd: Corrupt image when identify gif image
莫红波
2015-10-09 05:04:01 UTC
Permalink
The command:

gm identify test.gif

The output in terminal:

gm identify: Corrupt image (test.gif)

However, Imagemagicks does well.

So, I gdb GM and IM and then I found the difference.

In GM.1.3.22 coders/gif.c:

1011 if (opacity >= (long) image->colors)
1012 image->colors=opacity+1;

In IM:

1259 if (opacity >= (ssize_t) image->colors)
1260 opacity=(-1);

------

This difference will cause mistakes when allocating local colormaps.
Moreover I scaned spec-gif89a.txt
<http://www.w3.org/Graphics/GIF/spec-gif89a.txt> and didn't find anything
about this. So I'm not sure whether it's a bug.


image URL: Loading Image...
莫红波
2015-11-20 03:42:57 UTC
Permalink
I find that some GIFs set an invalid value as transparent index such as
image->colors+1.

However,

/*
Read local colormap.
*/
colormap=MagickAllocateMemory(unsigned char *,3*image->colors);
if (colormap == (unsigned char *) NULL)
{
MagickFreeMemory(global_colormap);
ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,
image);
}
if (ReadBlob(image,3*image->colors,(char *) colormap) !=
3*image->colors) // <------- BUG
{
MagickFreeMemory(global_colormap);
MagickFreeMemory(colormap);
ThrowReaderException(CorruptImageError,InsufficientImageDataInFile,image);
}

​
莫红波
2015-11-20 04:31:55 UTC
Permalink
I find that some GIFs set an invalid value as transparent index such as
image->colors+1.

However,
```
/*
Read local colormap.
*/
colormap=MagickAllocateMemory(unsigned char *,3*image->colors);
if (colormap == (unsigned char *) NULL)
{
MagickFreeMemory(global_colormap);
ThrowReaderException(ResourceLimitError,MemoryAllocationFailed,
image);
}
if (ReadBlob(image,3*image->colors,(char *) colormap) !=
3*image->colors) // <------- BUG
{
MagickFreeMemory(global_colormap);
MagickFreeMemory(colormap);

ThrowReaderException(CorruptImageError,InsufficientImageDataInFile,image);
}
```
Post by 莫红波
gm identify test.gif
gm identify: Corrupt image (test.gif)
However, Imagemagicks does well.
So, I gdb GM and IM and then I found the difference.
1011 if (opacity >= (long) image->colors)
1012 image->colors=opacity+1;
1259 if (opacity >= (ssize_t) image->colors)
1260 opacity=(-1);
------
This difference will cause mistakes when allocating local colormaps.
Moreover I scaned spec-gif89a.txt
<http://www.w3.org/Graphics/GIF/spec-gif89a.txt> and didn't find anything
about this. So I'm not sure whether it's a bug.
image URL: http://bigfile.b0.upaiyun.com/test.gif
Bob Friesenhahn
2015-11-21 16:29:33 UTC
Permalink
I find that some GIFs set an invalid value as transparent index such as image->colors+1.
Sorry for not being responsive on this issue. I do plan to
investigate it thoroughly and apply the suggested fix if it proves to
be correct.

Please make sure that there is a record opened in the official
GraphicsMagick bug-tracker on SourceForge so that it does not get
forgotten. Make sure to wrap up any uploaded GIF in a zip file (or
gzip it) to make sure that SourceForge does not re-write the file for
the Web site.

Bob
--
Bob Friesenhahn
***@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
Loading...