Special Issues:
It has been discovered that the 'ICU' library (a perhaps 30MB C++ library), which is now often a libxml2 dependency, causes huge process initialization overhead. This is noticed as unexpected slowness when GraphicsMagick utilities are used to process small to medium sized files. The time to initialize is often longer than the time to read the input file, process the image, and write the output file. If the 'ICU' dependency cannot be avoided, then make sure to use the modules build. Please lobby the 'ICU' library developers to change their implementation to avoid long start-up times due to merely linking with the library.
Security Fixes:
GraphicsMagick is now participating in Google's oss-fuzz project due to the contributions and assistance of Alex Gaynor. Since February 4 2018, 343 issues have been opened by oss-fuzz and 331 of those issues have been resolved. The issues list is available at
https://bugs.chromium.org/p/oss-fuzz/issues/list under search term "graphicsmagick". Issues are available for anyone to view and duplicate if they have been in "Verified" status for 30 days, or if they have been in "New" status for 90 days. There are too many fixes to list here. Please consult the GraphicsMagick ChangeLog file, Mercurial repository commit log, and the oss-fuzz issues list for details.
BMP reader: Fix heap overflow in 32-bit build due to arithmetic overflow. Only happens if limits are changed from defaults.
BMP reader/writer: Improve buffer-size calculations to guard against buffer overflows.
DIB reader: Reject files which claim more than 8-bits per pixel but also claim to be colormapped.
DIB reader/writer: Improve buffer-size calculations to guard against buffer overflows.
MIFF reader: Detect end of file while reading RLE packets.
MIFF reader: Fix heap overflow (for some files using RLE compression) caused by a typo in the code.
MAT writer: Added missing error handling to avoid heap overflow.
MNG reader: Fixed a small heap buffer overflow.
SVG reader: Fixed a stack buffer overflow.
TGA writer: Fix heap overflow when image rows/columns are larger than 65535.
TIFF reader: Rationalize tile width/height to reject large tile sizes which are much larger than the image dimensions.
TIFF reader: Apply memory resource limits to strip and tile allocations.
WMF reader: Fixed a division by zero problem.
XWD reader: Many heap buffer overflows and uses of uninitialized data were fixed.
Pixel cache: Now apply resource limits to pixel nexus allocations using the same limits (total pixels, width, height, memory) as applied to the whole image since some requests are directly influenced by the input file. More tests are added for arithmetic overflow. Care was taken to minimize performance impact due to the many extra checks.
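The BMP/DIB buffer-size entries and the pixel cache entry above both come down to validating dimensions against limits before multiplying them. The following C example is added here for illustration and is not GraphicsMagick's code: the function names, the limits_t structure and the sample dimensions are assumptions, with uint32_t standing in for a 32-bit size_t.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical limits standing in for configurable resource limits. */
typedef struct {
    uint32_t max_width, max_height;
    uint64_t max_pixels;
    uint32_t max_bytes;  /* memory limit; UINT32_MAX models a 32-bit size_t */
} limits_t;

/* Unchecked: BMP rows are padded to 4 bytes. All arithmetic is 32-bit, as
   size_t math is in a 32-bit build, so the result can wrap silently. */
uint32_t bmp_size_unchecked(uint32_t width, uint32_t height, uint32_t bpp)
{
    uint32_t stride = 4u * ((width * bpp + 31u) / 32u);
    return stride * height;
}

/* Checked: returns 0 and stores the byte count, or -1 if rejected. */
int bmp_size_checked(uint32_t width, uint32_t height, uint32_t bpp,
                     const limits_t *lim, uint32_t *out)
{
    uint32_t stride;
    if (width == 0 || height == 0 || bpp == 0 || bpp > 32)
        return -1;
    if (width > lim->max_width || height > lim->max_height)
        return -1;
    if ((uint64_t)width * height > lim->max_pixels)
        return -1;
    if (width > (UINT32_MAX - 31u) / bpp)   /* width*bpp+31 would wrap */
        return -1;
    stride = 4u * ((width * bpp + 31u) / 32u);
    if (stride > lim->max_bytes / height)   /* stride*height over the limit */
        return -1;
    *out = stride * height;
    return 0;
}

int main(void)
{
    /* Constructed input: limits raised far above any sensible default. */
    limits_t raised = { UINT32_MAX, UINT32_MAX, UINT64_MAX, UINT32_MAX };
    uint32_t size = 0;
    int rc = bmp_size_checked(40000u, 40000u, 24u, &raised, &size);
    printf("unchecked: %u bytes\n", (unsigned)bmp_size_unchecked(40000u, 40000u, 24u));
    printf("checked:   %s\n", rc == 0 ? "accepted" : "rejected");
    return 0;
}
```

For a 40000x40000 image at 24 bits per pixel the unchecked product wraps to 505032704 bytes, a size an allocator would grant and a reader would then overrun, while the checked version rejects the image even with the limits raised.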
Bug fixes:
See above note about oss-fuzz fixes.
Fixed include order of magick/api.h vs wand/wand_symbols.h.
WriteImage(): Eliminate use of just-freed memory in clone_info->magick when throwing exception due to no support for format.
Magick++/lib/Magick++/Drawable.h: Fix use of clang diagnostic syntax.
DIB: Preserve PseudoClass opaque representation if ICO mask is opaque.
JPEG reader: Restore ability to access detailed image properties while in 'ping' mode.
JPEG reader: Base test for "Unreasonable dimensions" on original JPEG dimensions and not the scaled dimensions.
JPEG reader: Allow input files to have a compression ratio as high as 2500. Extremely compressed files were being rejected.
FreeType renderer: Fixed a memory leak.
PDF writer: Fixed a memory leak.
PDF writer: Fixed a thread safety problem.
PICT reader: Fix a thread safety problem.
Exception reporting: Throwing an exception was not thread safe. Now it is.
Exception reporting: Handle the case where some passed character strings refer to existing exception character strings.
Command-line parser now does not attempt to read a list of filenames from a file in '@name' syntax if the path '@name' exists. Previously it would attempt to read a list of file names from 'name' even if '@name' did exist.
Rendering: Short-circuit path parsing and return an error immediately if an error occurs.
New Features:
Added support for writing the Braille image format (by Samuel Thibault).
WebP writer: Support WebP 'use_sharp_yuv' option ("if needed, use sharp (and slow) RGB->YUV conversion") via -define webp:use-sharp-yuv=true.
The version command output now reports the OpenMP specification number rather than just the integer version identifier.
API Updates:
ReallocateImageColormap() added to re-allocate an existing colormap.
Some improperly-exposed globals are now static as they should have been.
Feature improvements:
Microsoft Windows timing information now uses QueryPerformanceFrequency() and QueryPerformanceCounter() for increased precision.
The 'benchmark' command now shows 6 digits (microseconds) of elapsed time indication.
The 'time' command now shows 6 digits (microseconds) of elapsed time indication.
The logging facility now shows 6 digits (microseconds) of time resolution.
Dcraw: When QuantumDepth is greater than 8, pass -6 option to dcraw so that it returns a 16-bit/sample image.
Dcraw: If Dcraw supports TIFF format, then request TIFF format in order to be able to acquire more metadata.
Scale algorithm: Eliminate artifacts when scaling an image with semi-transparent pixels.
Library metrics: The number of shared library relocations and the amount of initialized data have been significantly reduced by following recommendations from Ulrich Drepper's document How To Write Shared Libraries.
As can be seen, the number of relocations was extreme and has been reduced to reasonable levels while also diminishing the amount of initialized data and the total size of the library/program. Most of the remaining initialized data (106,648 bytes) and some of the relocations (65 relocations) may be attributed to the optional X11 animate/display/import support.
Windows Delegate Updates/Additions:
None
Build Changes:
The test suite now passes even if no fonts are found.
Configure script does better at finding Windows fonts on non-Windows systems.
The configure script now supports the option --with-mtmalloc to enable use of the mtmalloc library as found on Solaris-derived systems.
Behavior Changes:
AnnotateImage(): No longer implicitly call TranslateText() since this is not suitable for most use-cases and causes additional performance impact. The API user can perform such translations in advance on the text string using TranslateText() if need be.