Leading to Heap Corruption
An integer overflow vulnerability has been identified in the PSP
(Paint Shop Pro) file parser of GIMP. The issue occurs in the
read_creator_block() function, where the Creator metadata block is
processed. Specifically, a 32-bit length value read from the file is
used directly for memory allocation without proper validation.
Trigger -> when length is set to 0xFFFFFFFF
To fix this, we check that using that length doesn't exceed the end
of the creator block. If it does, we return with an error message.
We use a GimpCellRenderToggle for the Fx icon
in the layer and channel docks. If you hover over it
when there's no filter, a square "checkbox" will appear
and give the impression you can click on it, even though
you currently cannot.
This patch connects the "visible" property of the toggle to
the number of filters attached to the drawable, similar to
what we did for "active". This prevents the checkbox from
appearing, and will hopefully reduce user confusion.
...for dark mode.
The Navigation and Selection Editor
docks use GIMP_ICON_TEXTURE as their
default background when there's no
active image. On dark mode, this creates
large bright areas in the UI.
This patch removes the calls to
gimp_view_renderer_set_background ()
for these docks so the theme background
is used instead.
By using a pre-made .DS_Store file, this bypasses Apple Script
restrictions which made it impossible to set a custom background on CI.
We don't have rights to tweak com.apple.TCC like gimp-macos-build.
.DS_Store is a binary file, but it is tiny and rarely updated,
which follows the precedent of build/windows/store/*.pfx.
Our ICNS importer did not verify that the ICNS resource
data size was defined as larger than 0. Therefore, it
was possible to create a malicious file that would infinitely
load since the file cursor would not advance. This patch
adds a check for the icon size being 0, and stops the loop
if this is encountered.
Additionally, there is no header defined limit for the number of
icons in an ICNS file. This patch switches from using a hardcoded
256 icon limit to using GLists to dynamically add icons as we read
them in.
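The PSP creator-block length check and the ICNS zero-size check above are two instances of the same defensive pattern in a chunked-format reader. The following is an added example, not GIMP's code: a minimal chunk walker (assumed format: 4-byte big-endian length followed by that many payload bytes, inside an enclosing block of known size) that rejects a length running past the end of the block without ever computing an overflowable sum, and rejects a zero-length chunk because the cursor would never advance.

```c
#include <stdint.h>
#include <stddef.h>

/* Added example, not GIMP's code. Hypothetical chunk format:
 * [4-byte big-endian length][length bytes of payload], repeated until
 * the enclosing block is exhausted. */

static uint32_t read_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Returns the number of chunks parsed, or -1 if the block is malformed. */
int walk_chunks(const uint8_t *block, size_t block_len) {
    size_t pos = 0;
    int count = 0;
    while (pos < block_len) {
        if (block_len - pos < 4)        /* truncated length field */
            return -1;
        uint32_t len = read_be32(block + pos);
        pos += 4;
        if (len == 0)                   /* cursor would never advance */
            return -1;
        /* Compare against the remaining bytes instead of computing
         * pos + len: a length of 0xFFFFFFFF would wrap a 32-bit sum
         * and pass a naive end-of-block check. */
        if (len > block_len - pos)
            return -1;
        /* ... process payload block[pos .. pos + len) here ... */
        pos += len;
        count++;
    }
    return count;
}

/* Constructed sample inputs: a valid two-chunk block, a block whose
 * length field is 0xFFFFFFFF, and a block with a zero-length chunk. */
static const uint8_t good_block[]     = {0,0,0,2, 'a','b', 0,0,0,1, 'c'};
static const uint8_t huge_len_block[] = {0xFF,0xFF,0xFF,0xFF, 'a'};
static const uint8_t zero_len_block[] = {0,0,0,0, 'a'};

int demo_good(void) { return walk_chunks(good_block, sizeof good_block); }
int demo_huge(void) { return walk_chunks(huge_len_block, sizeof huge_len_block); }
int demo_zero(void) { return walk_chunks(zero_len_block, sizeof zero_len_block); }
```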
We started to get this error on CI:
> Windows PowerShell is in NonInteractive mode. Read and Prompt functionality is not available.
So, for simple requests, let's use the Invoke-RestMethod cmdlet.
For download requests, let's use Invoke-WebRequest -UseBasicParsing
Following 2ce3c604 (for Windows) and d56676a2 (for Linux)
To make this possible the generate_mime_ext.py internals were
changed to construct a dictionary instead of a list like before,
because macOS supports both extension and mimetype (and also UTI).
This patch adds to the code that updates
text layers when colors are drag and dropped
on them. It now also allows color and
pattern drag and drops to update the fill
of vector layers.
Link layers are also protected so they won't
be destructively changed unless
rasterized.
We can't rely on python3 from shebang or python3 from .interp since
the found python by Meson can be python3.XX on MacPorts and Homebrew,
even with the PATH environment variable properly set.
Also, it explains the purpose of python 3 on relocatable builds better.
This patch prevents the following CRITICAL:
gimp_rasterizable_restore: assertion
'gimp_rasterizable_is_rasterized (rasterizable)' failed
It is possible to call gimp_text_layer_set () on a text layer
that is not rasterized. Since gimp_rasterizable_restore ()
is always run even when we don't need to restore the layer
to non-rasterized format, it threw a CRITICAL. This patch
adds a check for gimp_rasterizable_is_rasterized (), similar
to earlier in this same function, to prevent the call on
non-rasterized layers.
Just like we did in commit 4eb106f2bf
we need to make sure that the offset in the colormap is valid before
using it to compute the RGB values.
Resolves #15684
In addition to setting the tcp_distoratio parameter to
the user's preferred quality, we also needed to enable
the cp_fixed_quality setting in OpenJPEG to actually
compress JPEG2000 images with different quality values.
Additionally, OpenJPEG expects the quality value to range
from 1.0 to 100.0, while we had it as 0.0 to 1.0. This patch
fixes both issues.
When calling `gimp_link_layer_new` from a plug-in, a critical was
shown:
LibGimp-CRITICAL **: 13:01:54.601: gimp_gp_param_to_value: type name
GimpLinkLayer is not registered
I noticed that its type was not initialized in libgimp/gimp.c.
This commit adds that initialization.
Some dropshadow offsets were incorrect when loading PSDs.
Photoshop has a global lighting angle that can override the angle
set for a dropshadow and we did not account for that.
This also showed that our computation of the X and Y values needed
to be adjusted.
Besides that I noticed a weird offset with angle values > 0xFF00 that
happened because we interpreted angle as unsigned when it should be
signed.
This adds support for loading the Global Lighting Angle, and using
that value in the legacy dropshadow effect.
We read the angle by using GUINT16_TO_BE because it's a signed int;
that also removes the need to check for 0xFF00.
Next we adjust the way we compute X and Y.
As pointed out by Dhiraj, it is possible to set width and
height values in the ICO header that will overflow a 32 bit
integer when loaded in. This patch adds checks using
g_size_check_mul () and g_try_new () to catch these
overflows and prevent them from crashing the plug-in.
Following e2d1ec73
This is not needed on Homebrew packages, but it seems that some
packages from MacPorts are built with debug symbols, and we
never have access to the .o (since they were on the servers).