github.com/kaydxh/golang@v0.0.131/pkg/gocv/cgo/third_path/graphics-magick/share/doc/GraphicsMagick/ChangeLog.2018

2018-12-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/jpeg.c (ReadJPEGImage): Move return point for 'ping' mode
	until after jpeg_start_decompress() and after JPEG compression
	properties have been estimated.  Fixes SourceForge issue #578 "gm
	identify with format "%[JPEG-Colorspace-Name]" does not work" and
	#586 "Identify returning wrong compression values".

2018-12-18  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/gif.c (ReadGIFImage): Don't throw an error if opacity is
	outside of the range of the image colors.  Fix suggested by 莫红波
	<hongbo.mo@upai.com> on the graphicsmagick-bugs mailinb list on
	Fri, 9 Oct 2015.

	* magick/memory.h (MagickAllocateClearedArray): New macro for
	allocating a cleared array.

	* magick/resize.c (ScaleImage): Patch by Troy Patteson which
	resolves SourceForge issue #381 "Artifacts when scaling a PNG with
	semi-transparent pixels".

	ScaleImage() suffers from two problems related to the blending of
	fully transparent pixels with non-fully transparent pixels during
	the scaling operation.

	The first is that the colour values for fully transparent pixels
	are contributing to the colour values of the blended pixels when
	they should not.

	The second is that the colour values of pixels blended with fully
	and non-fully transparent pixels are scaled as though the fully
	transparent pixels contribute to the blended pixels' colour values
	when they should not. For example, if blending 10% of a fully
	opaque white pixel with 90% of a fully transparent black pixel one
	would expect the blended pixel RGBA values to be 255,255,255,25.5
	assuming 8 bit colour but they are in fact 25.5,25.5,25.5,25.5.

	The provided patch solves the first issue by treating the colour
	values of fully transparent pixels as zero and the second issue by
	recording the volume of each blended pixel made up of pxiels that
	are not fully transparent (0.1 in the above example) and then
	scaling the blended pixel RGB values by dividing by that
	amount. In the above example, 25.5/0.1 = 255.

2018-12-16  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dib.c (ReadDIBImage): DIB images claiming more than
	8-bits per pixel are not colormapped.  Reject such files.  Fixes
	SourceForge issue #585 "Assertion Failure in coders/png.c:7503".
	The problem is in the DIB reader rather than PNG.

	* coders/miff.c (ReadMIFFImage): Detect and reject zero-length
	deflate-encoded row in MIFF version 0.  Fixes oss-fuzz 11876
	"graphicsmagick/coder_MIFF_fuzzer: Use-of-uninitialized-value in
	deflate_slow". (Credit to OSS-Fuzz)

	* configure.ac: Improve search for true Microsoft Windows fonts
	and provide better indication of results.  Fix a typo which caused
	DcrawExtraOptions not to be evaluated correctly.

2018-12-15  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (QuantumTransferMode): Be more strict about the
	requirements for CIE Log2(L) and LOGLUV images.
	(ReadTIFFImage): Apply memory resource limits to strip and tile
	allocations.
	(ReadTIFFImage): Rationalize tile width/height to reject large
	tile sizes which are much larger than the image dimensions.  Fixes
	oss-fuzz 11824 "graphicsmagick/coder_BIGTIFF_fuzzer: Out-of-memory
	in graphicsmagick_coder_BIGTIFF_fuzzer". (Credit to OSS-Fuzz)
	(ReadTIFFImage): Return with error if TIFFClientOpen() reports
	errors yet still returns a TIFF handle.

2018-12-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tga.c (WriteTGAImage): Image rows/columns must not be
	larger than 65535. Fixes SourceForge #583 "heap-buffer-overflow in
	WriteTGAImage of tga.c".

2018-12-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/bmp.c (ReadBMPImage): Fix heap overflow in 32-bit build
	due to arithmetic overflow.  Only happens if limits are changed
	from defaults. Fixes SourceForge #582 "heap-buffer-overflow in
	ReadBMPImage of bmp.c".

2018-12-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* common.shi.in (MAGICK_FONT): The test suite must pass even on
	systems where we don't find any fonts.

2018-12-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/miff.c (ReadMIFFImage): Sanitize claimed profile size
	before allocating memory for it.  Fixes oss-fuzz 11781
	"graphicsmagick/coder_MIFF_fuzzer: Out-of-memory in
	graphicsmagick_coder_MIFF_fuzzer". (Credit to OSS-Fuzz)

2018-12-05  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadMNGImage): Fix non-terminal MNG looping.
	Fixes oss-fuzz 11596 "graphicsmagick/coder_MNG_fuzzer: Timeout in
	graphicsmagick_coder_MNG_fuzzer". (Credit to OSS-Fuzz)

2018-12-04  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xpm.c (WriteXPMImage): Assure that added colormap entry
	for transparent XPM is initialized. Fixes oss-fuzz 11617
	"graphicsmagick/coder_XPM_fuzzer: Use-of-uninitialized-value in
	QueryColorname". (Credit to OSS-Fuzz)

	* coders/miff.c (ReadMIFFImage): Fix memory leak of profiles
	'name' when claimed length is zero.  Fixes oss-fuzz 11710
	"graphicsmagick/coder_MIFF_fuzzer: Direct-leak in AllocateString".
	and oss-fuzz 11688 "graphicsmagick/coder_MIFF_fuzzer:
	Out-of-memory in graphicsmagick_coder_MIFF_fuzzer". (Credit to
	OSS-Fuzz)

2018-12-02  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* fuzzing/oss-fuzz-build.sh: Apply patch from Alex Gaynor to add
	Zstd to the oss-fuzz build.

2018-12-01  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* configure.ac (DcrawExtraOptions): For QuantumDepth > 8 pass -6
	option to dcraw.  Fixes SourceForge issue #568 "dcraw not
	returning 16 bit image even though quantum depth is set to 16".

	* fuzzing/oss-fuzz-build.sh (PKG_CONFIG_PATH): Build WebP prior to
	libtiff so that libtiff has a chance to find it.

2018-11-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/command.c (TimeImageCommand): Time command now shows 6
	digits of elapsed time indication since this precision is often
	now available and it is useful to see.

2018-11-29  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* Magick++/lib/Magick++/Drawable.h: Fix use of clang diagnostic
	syntax. Addresses SourceForge bug #579 "'diagnostic pop' pragma
	without 'diagnostic push' in Drawable.h.".

2018-11-22  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/constitute.c (WriteImage): Eliminate use of just-freed
	memory in clone_info->magick when throwing exception due to no
	support for format.  Fixes SourceForge issue #576 "heap
	use-after-freee when convert one format into another format".

	* magick/command.c (BenchmarkImageCommand): Benchmark command now
	shows 6 digits of elapsed time indication since this precision is
	often now available and it is useful to see.

2018-11-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* wand/wand_api.h ("C"): magick/api.h should be included prior to
	wand/wand_symbols.h.  Change made due to report by yzh杨振宏 on
	Wed, 21 Nov 2018 via the graphicsmagick-bugs mailing list.

2018-11-20  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* magick/nt_base.c Fix a bug when OS does not support performance counter.

2018-11-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/nt_base.c (NTElapsedTime): Use
	QueryPerformanceFrequency() and QueryPerformanceCounter() to
	measure elapsed time for Windows.

2018-11-19  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* tiff/port/snprintf.c Fix for older Microsoft Visual Studio

2018-11-17  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* www/index.rst: Update in preparation for 1.3.31 release.

	* version.sh: Update library versioning in preparation for
	1.3.31 release.

	* NEWS.txt: Update news in preparation for 1.3.31 release.

2018-11-15  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/command.c (BenchmarkUsage): Document the benchmark
	command better.

2018-11-14  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/resize.c (HorizontalFilter, VerticalFilter): quantum is a
	pointer so it's value can not be usefully flushed.  Use a local
	variable and then update quantum pointer when done.

2018-11-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/*: Changed row_count tallying to use 'omp atomic' and
	status update to use 'omp flush' for progress and error
	indication.  This replaces most use of 'omp critical' for this
	purpose.  Changed some lumpy algorithms which were using 'static'
	scheduling to 'guided' scheduling due to observing better results.
	Also added prolific 'restrict' annotations where they were
	missing.

	* www/security.rst: Documented a PGP private key for file signing
	or private correspondence.

2018-11-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* www/authors.rst: Moved "Glenn Randers-Pehrson" and "Gregory J
	Wolfe" to the "Former Contributor" category.

2018-11-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* Added many GCC function annotations in the libraries and coders.

2018-11-07  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* configure.ac: Use printf rather than echo to portably expand tab
	requests in configuration summary.

2018-11-01  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* configure.ac: Use pkg-config data as the initial choice when
	configuring for FreeType 2.0 and libxml-2.0.  Only fall back to
	invoking an external script (and then traditional methods) if
	pkg-config fails.

	* coders/msl.c (ProcessMSLScript): Release msl_image if OpenBlob
	fails.  Similar to ImageMagick CVE-2018-18544.  Problem was
	reported to us via email from Petr Gajdos on Thu, 1 Nov 2018.

2018-10-27  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/miff.c (WriteMIFFImage): Only run
	strlen(attribute->value) once per attribute since the length won't
	change.  May address oss-fuzz 11158
	"graphicsmagick/coder_MIFF_fuzzer: Timeout in
	graphicsmagick_coder_MIFF_fuzzer". (Credit to OSS-Fuzz)

	* Fix compilation warnings observed with GCC 8.2.0.

2018-10-26  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/pixel_iterator.c (PixelIterateMonoModifyImplementation):
	Use atomic and flush rather than critical construct for a small
	speedup.

	* magick/monitor.c (MagickMonitorFormatted): Serialize calls to
	the progress monitor so that the caller does not need to perform
	this serialization.
	(MagickMonitor): Serialize calls to the progress monitor so that
	the caller does not need to perform this serialization.  This
	function is now marked as deprecated.
	(InitializeMagickMonitor): New private function to initialize
	monitor functionality.
	(DestroyMagickMonitor): New private function to destroy monitor
	functionality.

2018-10-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/gif.c (ReadGIFImage): Improve the efficiency of storing a
	GIF comment in order to avoid a DOS opportunity.  Fixes oss-fuzz
	11096 "graphicsmagick/coder_GIF_fuzzer: Timeout in
	graphicsmagick_coder_GIF_fuzzer". (Credit to OSS-Fuzz)

2018-10-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* PerlMagick/Makefile.PL.in: Use MAGICK_API_LIBS to obtain the
	list of libraries to use when linking.

	* configure.ac: OpenMP library is normally supplied due to a
	CFLAGS option so only supply it in cases where the CFLAGS option
	may be lost or it might not be used.  Otherwise the compiler may
	apply the library twice when linking.

2018-10-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* configure.ac: Remove Ghostscript library support (--with-gslib)
	from configure script.  The 'HasGS' pre-processor defines which
	were enabled by this remain in the source code so it is still
	possible to use this library if absolutely necessary
	(e.g. CPPFLAGS=-DHasGS LIBS=-lgs).

	* tests/rwfile.tap: Test TIFF format with all supported
	compression options.

	* tests/{rwblob.c, rwfile.c} (main): Use StringToCompressionType()
	to parse compression option. Also consider requested compression
	algorithm when deciding if format is lossy.

	* coders/tiff.c (WriteTIFFImage): WebP compression needs
	PHOTOMETRIC_RGB. Fix wrong rows-per-strip calculation when using
	LZMA compression.

	* tests/rwblob.tap: Added a rwblob test to verify that lower-case
	magick works.

	* magick/static.c (OpenModule): Upper case magick string before
	searching static modules list.  Fixes Debian bug 911386
	"libgraphicsmagick-q16-3: graphicsmagick 1.3.30 has made formats
	case-sensitive at the API level".

	* filters/analyze.c (AnalyzeImage): X and y should be unsigned
	long to match image rows/columns type.  Calculate total pixels by
	simple multiplication rather than counting.

2018-10-14  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (WriteTIFFImage): Support WebP compression in
	TIFF. This requires a libtiff release after 4.0.9.

	* magick/image.h ("C"): WebPCompression added to CompressionType
	enumeration.

2018-10-13  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* configure.ac: Configure for the Zstd library.  Use
	--without-zstd to disable searching for this library.  Libtiff may
	require this library to successfully link so static linkage could
	fail if searching for libzstd is disabled.

	* magick/image.h ("C"): ZSTDCompression added to CompressionType
	enumeration.

	* coders/tiff.c (WriteTIFFImage): Support Zstd compression in
	TIFF.  This requires a libtiff release after 4.0.9.

2018-10-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/command.c (GMCommandSingle): Add 'compare' to the list of
	command names that gm will support as a command if copied to or
	linked from that name.  There was already a 'compare' link
	installed when the '--enable-magick-compat' configure option is
	used, but it could not possibly function without being blessed by
	this list.  Related to Debian bug #910652
	"graphicsmagick-imagemagick-compat: Doesn't ship a compare tool".

2018-09-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* Magick++/lib/Magick++/Drawable.h: Block unused-private-field
	warnings from Clang due to _dummy members which were intentionally
	included in some parent class definitions.

	* magick/widget.c (XEditText): Fix compilation warnings about
	cases which fall-through.

	* magick/display.c (MagickXAnnotateEditImage): Fix compilation
	warnings about cases which fall-through.

	* coders/pict.c (WritePICTImage): Add more checks to memory
	allocation calculations.

	* magick/pixel_cache.c (DestroyCacheInfo): Eliminate intentional
	fall-through logic in switch statement which results in compiler
	warnings.  Eliminate switch statements entirely and split
	unrelated logic.

	* coders/txt.c (ReadTXTImage): Fix comparison between pointer and
	'\0' rather than NULL as was obviously intended.

	* coders/msl.c (MSLStartElement): Add missing 'break' statements
	after ThrowException() calls.  Otherwise execution falls through
	into unrelated switch cases and throws a redundant exception.

2018-09-29  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/meta.c (parse8BIM): Eliminate repeated use of strlen()
	which scans the entire remaining string on each cycle.  Fixes
	oss-fuzz 10667 "graphicsmagick/coder_IPTCTEXT_fuzzer: Timeout in
	graphicsmagick_coder_IPTCTEXT_fuzzer". (Credit to OSS-Fuzz)

2018-09-26  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/utility.c (MagickGetToken): Fix possible read up to four
	bytes beyond end of stack allocated token buffer.  Fixes oss-fuzz
	10653 "graphicsmagick/coder_MVG_fuzzer: Stack-buffer-overflow in
	MagickGetToken". (Credit to OSS-Fuzz)

2018-09-22  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* fuzzing/coder_fuzzer.cc (LLVMFuzzerTestOneInput): Limit the
	maximum number of JPEG progressive scans to 50.

	* coders/jpeg.c (ReadJPEGImage): Apply a default limit of 100
	progressive scans before the reader quits with an error.  This
	limit may be adjusted using the -define mechanism like -define
	JPEG:max-scan-number=500.  Also respond more quickly to files
	which exceed the maximum image dimensions.  Fixes oss-fuzz 10258
	"graphicsmagick/coder_JPEG_fuzzer: Timeout in
	graphicsmagick_coder_JPEG_fuzzer". (Credit to OSS-Fuzz)

2018-09-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadMNGImage): mng_LOOP chunk must be at least 5
	bytes long.  Fixes oss-fuzz 10455
	"graphicsmagick/coder_MNG_fuzzer: Use-of-uninitialized-value in
	ReadMNGImage". (Credit to OSS-Fuzz)

2018-09-15  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (TraceEllipse): Detect arithmetic overflow when
	computing the number of points to allocate for an ellipse.  Fixes
	oss-fuzz 10306 "graphicsmagick/coder_MVG_fuzzer:
	Heap-buffer-overflow in TracePoint". (Credit to OSS-Fuzz)

2018-09-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/attribute.c (GenerateEXIFAttribute): Eliminate undefined
	shift.  Also right-sized involved data types.  Fixes oss-fuzz
	10309 "graphicsmagick/coder_JPG_fuzzer: Undefined-shift in
	Read32s". (Credit to OSS-Fuzz)

2018-09-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawClipPath): Fix Coverity 319663 "Null
	pointer dereferences".  Totally insignificant.

	* coders/wpg.c (ReadWPGImage): Mask/fix Coverity 319664 "Error
	handling issues".

	* magick/attribute.c (FindEXIFAttribute): Change size types from
	signed to unsigned and check for unsigned overflow.
	(GenerateEXIFAttribute): Change size types from signed to unsigned
	and check for unsigned overflow. Fixes oss-fuzz 10283
	"graphicsmagick/coder_JPG_fuzzer: Integer-overflow in
	GenerateEXIFAttribute". (Credit to OSS-Fuzz)

	* coders/sfw.c (ReadSFWImage): Enforce that file is read using the
	JPEG reader. (Credit to OSS-Fuzz)

	* coders/miff.c (ReadMIFFImage): Fix leak of 'values' buffer due
	to change made yesterday.

	* coders/mpc.c (ReadMPCImage): Fix leak of 'values' buffer due to
	change made yesterday.  Fixes oss-fuzz 10277
	"graphicsmagick/coder_MPC_fuzzer: Direct-leak in
	ReadMPCImage". (Credit to OSS-Fuzz)

2018-09-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/miff.c (ReadMIFFImage): Support legacy keyword
	'color-profile' for ICC color profile as was used by ImageMagick
	4.2.9.

	* coders/mpc.c (ReadMPCImage): Require that first keyword/value be
	id=MagickCache

	* coders/miff.c (ReadMIFFImage): Require that first keyword/value
	be id=ImageMagick.

2018-09-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dcm.c (DCM_ReadElement): Add more size checks.

	* coders/jnx.c (ExtractTileJPG): Enforce that JPEG tiles are read
	by the JPEG coder.  Fixes oss-fuzz 10147
	"graphicsmagick/coder_JNX_fuzzer: Use-of-uninitialized-value in
	funcDCM_PhotometricInterpretation". (Credit to OSS-Fuzz)

2018-09-10  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c Zero fill raster error recovery.

2018-08-29  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (ConvertPrimitiveToPath): Second attempt to
	prevent heap write overflow of PathInfo array.  Fixes oss-fuzz
	10096 "Heap-buffer-overflow in ConvertPrimitiveToPath". (Credit to
	OSS-Fuzz)

2018-08-25  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c ("QuantumTransferMode"): CIE Log images with an
	alpha channel are not supported.  Fixes oss-fuzz 10013
	"graphicsmagick/coder_TIFF_fuzzer: Use-of-uninitialized-value in
	DisassociateAlphaRegion". (Credit to OSS-Fuzz)

	* magick/render.c (DrawImage): SetImageAttribute() appends new
	text to any existing value, leading to every increasing memory
	consumption if the existing value is not deleted first by the
	unwary.  Fixes oss-fuzz 9983 "graphicsmagick/coder_MVG_fuzzer:
	Timeout in graphicsmagick_coder_MVG_fuzzer" and oss-fuzz 10016
	"graphicsmagick/coder_MVG_fuzzer: Out-of-memory in
	graphicsmagick_coder_MVG_fuzzer". (Credit to OSS-Fuzz)

	* magick/utility.c (TranslateTextEx): Fix off-by-one in loop
	bounds check which allowed a one-byte stack write overflow.  Fixes
	oss-fuzz 10055 "graphicsmagick/coder_MVG_fuzzer:
	Stack-buffer-overflow in TranslateTextEx". (Credit to OSS-Fuzz)

	* magick/render.c (DrawImage): Be more precise about error
	detection and reporting, and return from an error more quickly.
	Also added MAX_DRAWIMAGE_RECURSION pre-processor definition to
	allow adjusting the drawing recursion limit.  The drawing
	recursion limit is still 100, which seems exceptionally generous.

	* magick/constitute.c (WriteImage): Produce a more useful error
	message if an encoding delegate is not available.

	* magick/nt_base.h (isnan): Try adding a MSVC replacement for
	missing isnan() function.  Not yet tested.

2018-08-25  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c This should fix intentional 64 bit file offset
	overflow as depictedin OSS-fuzz-9936. Thanks to OSS-Fuzz.

2018-08-22  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (ConvertPrimitiveToPath): Need to enlarge
	PathInfo array allocation to avoid possible heap write overflow.
	Fixes oss-fuzz 9651 "graphicsmagick/coder_MVG_fuzzer:
	Heap-buffer-overflow in ConvertPrimitiveToPath". (Credit to
	OSS-Fuzz)

2018-08-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/mpc.c (ReadMPCImage): Insist that the format be
	identified prior to any comment, and that there is only one
	comment.

	* coders/miff.c (ReadMIFFImage): Insist that the format be
	identified prior to any comment, and that there is only one
	comment.  Fixes oss-fuzz 9979 "graphicsmagick/coder_MIFF_fuzzer:
	Timeout in graphicsmagick_coder_MIFF_fuzzer".  This is not a
	serious issue, but the code runs slowly under UBSAN.  (Credit to
	OSS-Fuzz)

2018-08-19  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/utility.c (MagickAtoFChk): Add additional validation
	checks for floating point values.  NAN and +/- INFINITY values
	also map to 0.0. Fixes oss-fuzz 9630
	"graphicsmagick/coder_MVG_fuzzer: Integer-overflow in
	IsNexusInCore" and oss-fuzz 9612 "graphicsmagick/coder_MVG_fuzzer:
	Integer-overflow in SetCacheNexus". (Credit to OSS-Fuzz)

	* magick/render.c (DrawImage): Add missing error-reporting logic
	to return immediately upon memory reallocation failure.  Apply
	memory resource limits to PrimitiveInfo array allocation.  Fixes
	oss-fuzz 9576 "graphicsmagick/coder_MVG_fuzzer: Null-dereference
	READ in DrawImage", oss-fuzz 9593
	"graphicsmagick/coder_MVG_fuzzer: Out-of-memory in
	graphicsmagick_coder_MVG_fuzzer", oss-fuzz 9648
	"graphicsmagick/coder_MVG_fuzzer: Unknown signal in
	DrawImage". (Credit to OSS-Fuzz)

2018-08-16  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coder/mat.c Explicitly reject non-seekable streams.

2018-08-15  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coder/mat.c Correctly check GetBlobSize(image) even for zipstreams.

2018-08-14  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c More aggresive data corruption checking.

2018-08-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xbm.c (XBMInteger): Limit the number of hex digits parsed
	to avoid signed integer overflow.  Fixes oss-fuzz 9746
	"graphicsmagick/coder_XBM_fuzzer: Undefined-shift in
	XBMInteger". (Credit to OSS-Fuzz)

2018-08-07  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Typecast difference to quantum.

2018-08-05  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/mat.c (InsertComplexFloatRow): Avoid signed
	overflow. Fixes oss-fuzz 9667 "graphicsmagick/coder_MAT_fuzzer:
	Integer-overflow in InsertComplexFloatRow". (Credit to OSS-Fuzz)

	* coders/xbm.c (ReadXBMImage): Add validations for row and column
	dimensions.  Fixes oss-fuzz 9736 "graphicsmagick/coder_XBM_fuzzer:
	Out-of-memory in graphicsmagick_coder_XBM_fuzzer". (Credit to
	OSS-Fuzz)

2018-08-04  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c Add mechanism to approve embedded subformats in
	WPG.  This should mute oss-fuzz 9559.  (Credit to OSS-Fuzz)

2018-07-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/mvg.c (ReadMVGImage): Fix memory leak added on
	2018-07-21.  Fixes oss-fuzz 9548 "graphicsmagick/coder_MVG_fuzzer:
	Direct-leak in CloneDrawInfo". (Credit to OSS-Fuzz)

2018-07-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/cineon.c (ReadCINEONImage): Fix SourceForge issue 571
	"Unexpected hang on a crafted Cineon image" by detecting and
	quitting on EOF appropriately, and verifying that file size is
	sufficient for claimed pixel dimensions when possible.

	* fuzzing/oss-fuzz-build.sh, fuzzing/dictionaries/MVG.dict: Added
	MVG fuzzing dictionary by Alex Gaynor.

2018-07-22  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/pixel_cache.c (SetNexus): For requests one pixel tall,
	SetNexus() was wrongly using pixels in-core rather than using a
	staging area for the case where the nexus rows extend beyond the
	image raster boundary, leading to heap overflow.  This can happen
	when virtual pixels outside the image bounds are accessed.  Fixes
	oss-fuzz 9512 "graphicsmagick/graphicsmagick_coder_MVG_fuzzer:
	Heap-buffer-overflow in AcquireCacheNexus". (Credit to OSS-Fuzz)

	* magick/render.c (ExtractTokensBetweenPushPop):
	ExtractTokensBetweenPushPop() needs to always return a valid
	pointer into the primitive string.  Fixes oss-fuzz 9511
	"graphicsmagick/graphicsmagick_coder_MVG_fuzzer: Null-dereference
	READ in DrawImage". (Credit to OSS-Fuzz)
	(DrawPolygonPrimitive): Fix leak of polygon set when object is
	completely outside image.  Fixes oss-fuzz 9513
	"graphicsmagick/graphicsmagick_coder_MVG_fuzzer: Direct-leak in
	AllocateThreadViewDataSet". (Credit to OSS-Fuzz)

2018-07-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/blob.c (FileToBlob): Use confirm access APIs to verify
	that read access to this path is allowed by policy.  Check that
	file is a regular file before proceeding to open and read from it.

	* coders/mvg.c (ReadMVGImage): Don't allow MVG files to side-load
	a file as the drawing primitive using '@' syntax.  Fixes oss-fuzz
	9494 "graphicsmagick/coder_MVG_fuzzer: Sanitizer CHECK failure in
	"((0)) != (0)" (0x0, 0x0)". (Credit to OSS-Fuzz)

2018-07-19  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/mvg.c (ReadMVGImage): Don't assume that in-memory MVG
	blob is a null-terminated C string. Fixes oss-fuzz 9469
	"graphicsmagick/coder_MVG_fuzzer: Heap-buffer-overflow in
	AllocateString". (Credit to OSS-Fuzz)

2018-07-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/miff.c (ReadMIFFImage): Detect EOF when reading using
	ReadBlobZC() and avoid subsequent heap read overflow.  Fixes
	oss-fuzz 9357 "graphicsmagick/coder_MIFF_fuzzer:
	Heap-buffer-overflow in ImportRGBQuantumType". (Credit to
	OSS-Fuzz)

2018-07-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* fuzzing/oss-fuzz-build.sh (CFLAGS): Try disabling SIMD
	instructions in libjpeg-turbo build.

2018-07-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (WriteOnePNGImage): Free png_pixels as soon as
	possible.  This might help with oss-fuzz 9334
	"graphicsmagick/coder_PNG8_fuzzer: Direct-leak in
	WriteOnePNGImage", which we have yet to reproduce.  It is not
	clear if png_pixels is being clobbered by longjmp or if something
	else is going on.

2018-06-26  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/jpeg.c (ReadJPEGImage): Provide a memory resource limit
	(of 1/5th the memory resource limit for Graphicsmagick) to libjpeg
	to limit how much memory it might consume for itself while reading
	a file.  Fixes oss-fuzz 9096 "graphicsmagick/coder_JPEG_fuzzer:
	Timeout in graphicsmagick_coder_JPEG_fuzzer".  (Credit to
	OSS-Fuzz)
	(ReadJPEGImage): Make sure that JPEG pixels array is initialized
	in case libjpeg fails to completely initialize it.  May fix
	oss-fuzz 9115 "graphicsmagick/coder_JPEG_fuzzer:
	Use-of-uninitialized-value in ReadJPEGImage".  We are not sure
	since the problem was not reproduced.  (Credit to OSS-Fuzz)

2018-06-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* version.sh: Update library versioning for 1.3.30 release.

	* NEWS.txt: Update news for 1.3.30 release.

2018-06-22  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dpx.c (ReadDPXImage): Report exception on EOF file
	reading DPX pixel data. Fixes oss-fuzz 8104
	"graphicsmagick/coder_DPX_fuzzer: Use-of-uninitialized-value in
	WriteDPXImage", oss-fuzz 8297 "graphicsmagick/enhance_fuzzer:
	Use-of-uninitialized-value in EnhanceImage", and oss-fuzz 8133
	"graphicsmagick/coder_DPX_fuzzer: Use-of-uninitialized-value in
	RGBTransformPackets". (Credit to OSS-Fuzz)

2018-06-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/cmyk.c (ReadCMYKImage): Free scanline buffer in error
	path. Fixes SourceForge issue #567 "small memory leak in rgb.c,
	gray.c and cmyk.c" reported by Petr Gajdos.

	* coders/gray.c (ReadGRAYImage): Free scanline buffer in error
	path. Fixes SourceForge issue #567 "small memory leak in rgb.c,
	gray.c and cmyk.c" reported by Petr Gajdos.

	* coders/rgb.c (ReadRGBImage): Free scanline buffer in error
	path. Fixes SourceForge issue #567 "small memory leak in rgb.c,
	gray.c and cmyk.c" reported by Petr Gajdos.

	* coders/jpeg.c (ReadJPEGImage): Avoid memory leak of profile
	buffer when longjmp-based exception is thrown while reading a
	profile. Fixes oss-fuzz 8957 "graphicsmagick/enhance_fuzzer:
	Direct-leak in ReadGenericProfile". (Credit to OSS-Fuzz)

2018-06-17  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xcf.c (load_level): Make sure to free 'tile_image' before
	returning exception.  Fixes oss-fuzz 8935
	"graphicsmagick/coder_XCF_fuzzer: Indirect-leak in
	CloneImage". (Credit to OSS-Fuzz)

	* coders/jpeg.c (ReadJPEGImage): Allow three warnings of any given
	type before promoting the next warning of the same type to a hard
	error.  The warning limit may be adjusted by the user using
	-define jpeg:max-warnings=<value>.  Fixes oss-fuzz 8704
	"graphicsmagick/coder_JPG_fuzzer: Out-of-memory in
	graphicsmagick_coder_JPG_fuzzer". (Credit to OSS-Fuzz)

	* coders/png.c (ReadPNGImage): Detect EOF when reading
	magic_number.  Fixes oss-fuzz 8944
	"graphicsmagick/coder_PNG_fuzzer: Use-of-uninitialized-value in
	ReadPNGImage".  (Credit to OSS-Fuzz)
	(ReadPNGImage, ReadJNGImage): Makes sure that return value of
	ReadBlob() is always checked to detect EOF.

2018-06-16  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (ReadTIFFImage): Re-structure exception reporting
	so that QuantumTransferMode() exceptions thrown for
	PLANARCONFIG_SEPARATE images are handled immediately.  Fixes
	oss-fuzz 8896 "graphicsmagick/coder_BIGTIFF_fuzzer:
	Use-of-uninitialized-value in DisassociateAlphaRegion". (Credit to
	OSS-Fuzz)
	(ReadTIFFImage): tsize_t is a signed type so be prepared for
	unexpected negative values produced by libtiff size functions.
	Fixes oss-fuzz 8934 "graphicsmagick/coder_TIFF_fuzzer: Sanitizer
	CHECK failure in "((0)) != (0)" (0x0, 0x0)". (Credit to OSS-Fuzz)

2018-06-16  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c Fix oss-fuzz 7735 "graphicsmagick/coder_WPG_fuzzer:
	Use-of-uninitialized-value in ReadWPGImage".  (Credit to OSS-Fuzz)

2018-06-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadMNGImage): ENDL chunk must be at least one
	byte in size. Fixes oss-fuzz 8832
	"graphicsmagick/coder_MNG_fuzzer: Null-dereference READ in
	ReadMNGImage". (Credit to OSS-Fuzz)
	(ReadMNGImage): Length of DISC chunk must be evenly divisible by
	2.  Fixes oss-fuzz 8834 "graphicsmagick/coder_MNG_fuzzer:
	Heap-buffer-overflow in ReadMNGImage". (Credit to OSS-Fuzz)

2018-06-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/mpc.c (ReadMPCImage): Detect end of file while reading
	image directory.  Similar to MIFF fixes for ImageMagick
	CVE-2017-18272.
	(RegisterMPCImage): Require seekable stream since MPC is strictly
	a file-based format and so GetBlobSize() is assured to work.
	Similar to MIFF behavior.  Claimed to be part of the resolution
	for ImageMagick CVE CVE-2017-11449. Suggested by Petr Gajdos via
	email on January 3, 2018.

2018-06-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/miff.c (ReadMIFFImage): Detect end of file while reading
	image directory. Fixes SourceForge issue 565 "ImageMagick
	CVE-2017-18272 applies to GraphicsMagick".  Thanks to Petr Gajdos
	for reporting this issue to us.

	* magick/import.c (ImportViewPixelArea): Use appropriate
	bits_per_sample validations for FloatQuantumSampleType. Fixes
	oss-fuzz 8780 "graphicsmagick/coder_PTIF_fuzzer:
	Use-of-uninitialized-value in HorizontalFilter". (Credit to
	OSS-Fuzz)

2018-06-09  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c More than 4GiB are not supported in MAT!

2018-06-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/mat.c (ReadMATImage): Add casts to avoid arithmetic
	overflow when computing size and offsets.  Fixes oss-fuzz 8801
	"graphicsmagick/coder_MAT_fuzzer: Timeout in
	graphicsmagick_coder_MAT_fuzzer". (Credit to OSS-Fuzz)

	* magick/blob.c (ReadBlobLSBDoubles, ReadBlobMSBDoubles): Only
	byte-swap doubles or test doubles for NAN if we have read enough
	bytes for at least one double value.
	(ReadBlob): Add an assertion to enforce that ReadBlob() will never
	report reading more bytes than requested due to some
	implementation issue.

2018-06-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/blob.c (ReadBlob, WriteBlob): gzread(), BZ2_bzread(),
	gzwrite(), BZ2_bzwrite() return type 'int' rather than 'size_t'
	like their stdio equivalents.  Use correct signed type to avoid
	returning a negative value into an unsigned type, forming a huge
	positive value.  Fixes oss-fuzz 8600
	"graphicsmagick/coder_MAT_fuzzer: Heap-buffer-overflow in
	ReadBlobLSBDoubles". (Credit to OSS-Fuzz)

2018-06-07  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (png_read_raw_profile): Try to shore up parsing of
	raw profile reading to avoid heap read overruns.  Fixes oss-fuzz
	8763 "graphicsmagick/coder_PNG32_fuzzer: Heap-buffer-overflow in
	png_read_raw_profile". (Credit to OSS-Fuzz)

2018-06-07  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Reduce stack usage for 64 bit architecture.

2018-06-06  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c Check return values of SeekBlob for more safety.

2018-06-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadOneJNGImage): Use DestroyImageList() rather
	than DestroyImage() on returned Image from supposed read of JPEG
	data, in case multiple frames were unexpectedly returned.  Also
	add "JPEG:" prefix to filename when reading from temporary file to
	force that it can only be read as a JPEG file, disabling format
	auto-detection based on file header.  Fixes oss-fuzz 8755
	"graphicsmagick/coder_JNG_fuzzer: Indirect-leak in
	AllocateImage". (Credit to OSS-Fuzz)

2018-06-05  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/blob.c (EOFBlob): Implement EOF detection for ZipStream.
	Does some archaic zlib not provide gzeof()?  Fixes oss-fuzz 8550
	"graphicsmagick/coder_MAT_fuzzer: Timeout in
	graphicsmagick_coder_MAT_fuzzer". (Credit to OSS-Fuzz)

2018-06-04  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadOnePNGImage): Skip adding empty raw profile.
	Fixes oss-fuzz "graphicsmagick/coder_PNG_fuzzer:
	Heap-buffer-overflow in png_read_raw_profile". (Credit to
	OSS-Fuzz)

2018-06-03  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* NEWS.txt: Update NEWS with latest changes.

	* coders/dcm.c (DCM_ReadRGBImage): Force the image to DirectClass
	to avoid later use of uninitialized indexes.  Fixes oss-fuzz 8602
	"graphicsmagick/coder_DCM_fuzzer: Use-of-uninitialized-value in
	DCM_PostRescaleImage". (Credit to OSS-Fuzz)
	(DCM_ReadPlanarRGBImage): Force the image to DirectClass to avoid
	later use of uninitialized indexes.

	* coders/png.c (ReadMNGImage): Free chunk memory in error
	reporting path to avoid leak.  Fixes oss-fuzz 8721
	"graphicsmagick/coder_MNG_fuzzer: Direct-leak in
	ReadMNGImage". (Credit to OSS-Fuzz)

2018-06-02  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/constitute.c (ReadImage): Assure that an error exception
	is thrown if coder returns null without properly reporting an
	exception.

	* magick/blob.c (BlobToImage): Assure that an error exception is
	thrown if coder returns null without properly reporting an
	exception.

	* coders/png.c (ReadMNGImage): Disable mystery "linked list is
	corrupted" code.  Assure that exceptions are reported to the
	correct place so they are not lost.  Fixes oss-fuzz 8710
	"graphicsmagick/coder_MNG_fuzzer: Indirect-leak in
	AllocateImage". (Credit to OSS-Fuzz)

	* coders/tiff.c (ReadTIFFImage): Initialize allocated scanline,
	strip, or tile to zero in order to avoid complaint about use of
	uninitialized data if libtiff fails to write all the bytes.  Fixes
	oss-fuzz 8551 "graphicsmagick/coder_TIFF_fuzzer:
	Use-of-uninitialized-value in ImportGrayQuantumType". (Credit to
	OSS-Fuzz)

	* magick/annotate.c (RenderFreetype): Throw an exception if
	DrawInfo font is null.  Should fix oss-fuzz 8557
	"graphicsmagick/coder_PCD_fuzzer: Unknown signal in
	RenderFreetype" and may fix oss-fuzz 8544
	"graphicsmagick/coder_PCD_fuzzer: Null-dereference READ in
	RenderFreetype". (Credit to OSS-Fuzz)

	* coders/jpeg.c (ReadGenericProfile): Add/improve tracing for
	profile size and when JPEG header is being read.

2018-06-01  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadOneJNGImage): Report a useful exception for
	the case when the JNG file fails to provide the necessary image
	chunks to allocate the color image.  Inspired by oss-fuzz 8666
	"graphicsmagick/coder_JNG_fuzzer: ASSERT: data != (const char *)
	NULL" although the reported issue was not reproduced.

2018-05-31  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadMNGImage): Fix off-by-one in length validation
	for TERM chunk which allowed one byte heap read overflow.  Fixes
	oss-fuzz 8615 "graphicsmagick/coder_MNG_fuzzer:
	Heap-buffer-overflow in mng_get_long". (Credit to OSS-Fuzz)
	(ReadMNGImage): Fix leak of MngInfo in error reporting path.
	Fixes oss-fuzz 8604 "graphicsmagick/coder_MNG_fuzzer: Direct-leak
	in ReadMNGImage". (Credit to OSS-Fuzz)
	(ReadMNGImage): Verify that claimed chunk size does not exceed
	input size.  Fixes oss-fuzz 8564 "graphicsmagick/coder_MNG_fuzzer:
	Out-of-memory in graphicsmagick_coder_MNG_fuzzer". (Credit to
	OSS-Fuzz)

	* coders/tiff.c (ReadTIFFImage): Reject files with excessive
	samples-per-pixel or extra-samples. Avoids potential issues
	observed in oss-fuzz 8634 "graphicsmagick/coder_BIGTIFF_fuzzer:
	Undefined-shift in ImportAlphaQuantumType". (Credit to OSS-Fuzz)

2018-05-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadMNGImage): Assure that object id index is
	always less than MNG_MAX_OBJECTS to avoid overflow.  Fixes
	oss-fuzz 8596 "graphicsmagick/coder_MNG_fuzzer:
	Index-out-of-bounds in ReadMNGImage" and likely other issues yet
	to be reported. (Credit to OSS-Fuzz)

2018-05-30  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (CompareEdges): Per ticket #562,
	function CompareEdges() did not conform to the qsort()
	requirement that if CompareEdges(edge0,edge1) returns
	-1 (i.e., edge0 "less than" edge1), then
	CompareEdges(edge1,edge0) should return 1 (edge1
	"greater than" edge0).  This has been fixed.

2018-05-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadOneJNGImage): Deal with JDAA JNG chunk with
	length zero.  Fixes oss-fuzz 8562
	"graphicsmagick/coder_JNG_fuzzer: ASSERT: data != (const char *)
	NULL". (Credit to OSS-Fuzz)

	* coders/tiff.c (ReadTIFFImage): Check that the bits-per-sample is
	supported by the implementation before attempting to decode the
	image. Fixes oss-fuzz 8554 "graphicsmagick/coder_BIGTIFF_fuzzer:
	Undefined-shift in MagickBitStreamMSBWrite". (Credit to OSS-Fuzz)

	* coders/png.c (ReadMNGImage): Eliminate use of uninitialized
	header magic data by checking for EOF first.  Fixes oss-fuzz 8597
	"graphicsmagick/coder_MNG_fuzzer: Use-of-uninitialized-value in
	ReadMNGImage". (Credit to OSS-Fuzz)

2018-05-25  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* fuzzing/oss-fuzz-build.sh: More fixes based on what is observed
	in oss-fuzz build log.

2018-05-24  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/jnx.c The attribute should belong to only one scene and
	not to whole image list.

2018-05-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* fuzzing/oss-fuzz-build.sh: Changes to add CPPFLAGS to configure
	executions to hopefully get oss-fuzz build closer to success.

2018-05-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* PerlMagick/t/jpeg/read.t: Add a JNX reader test case.

	* coders/jnx.c (ReadJNXImage): JNX image depth should be 8.

	* fuzzing/oss-fuzz-build.sh: Apply patch from Alex Gaynor to
	switch libpng to autotools build system, as well as configure
	GraphicsMagick with '--with-quantum-depth=16'.

2018-05-22  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (ReadTIFFImage): Validate tile memory requests for
	the TIFFReadRGBATile() case in the same way as the TIFFReadTile()
	case.  Fixes oss-fuzz 8434 "graphicsmagick/coder_BIGTIFF_fuzzer:
	Out-of-memory in graphicsmagick_coder_BIGTIFF_fuzzer". (Credit to
	OSS-Fuzz)

2018-05-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tile.c (ReadTILEImage): Remove any existing size request
	when while image to tile.  This avoids size being used for both
	the input image size and the tile image size.  Fixes SourceForge
	issue #563 "tile:<image> appears to blow image up by 100% before
	applying tiling".

2018-05-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* fuzzing/oss-fuzz-build.sh: Patch from Paul Kehrer to disable
	libpng test programs and binaries while building libpng in support
	of oss-fuzz testing.

	* coders/dcm.c (DCM_ReadGrayscaleImage): If a palette was
	provided, the image may be in PseudoClass but we need DirectClass
	for gray image when GRAYSCALE_USES_PALETTE is not defined.  Fixes
	oss-fuzz 7550 "graphicsmagick/coder_DCM_fuzzer:
	Use-of-uninitialized-value in SyncImageCallBack". (Credit to
	OSS-Fuzz)
	(ReadDCMImage): Restore use of DCM_PostRescaleImage() in order to
	obtain suitably scaled DICOM again.  Hopefully it is more robust
	now.
	(DCM_ReadPaletteImage): Assure that DirectClass pixels are
	initialized.

2018-05-19  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (ReadTIFFImage): Remove strange addition of
	image->columns to pixel buffer offsets which now causes a heap
	overflow since the buffer has been right-sized.  Perhaps the extra
	offset plus the over-sized allocation was some attempt to avoid
	buffer over/underflows due to bugs in libtiff. Fixes oss-fuzz 8384
	"graphicsmagick/coder_BIGTIFF_fuzzer: Heap-buffer-overflow in
	put1bitbwtile" which is described to be a regression. (Credit to
	OSS-Fuzz)

	* magick/render.c (DrawImage): Fix wrong range checks which caused
	spurious "Parsing of SVG images fail with "Non-conforming drawing
	primitive definition (push)" failure.  Fixes SourceForge issue 561
	"Parsing of SVG images fail with "Non-conforming drawing primitive
	definition (push)"" which is due to problems caused by the fix for
	SourceForge issue 517.

	* coders/tiff.c (WritePTIFImage): Use '-define
	ptif:minimum-geometry=<geometry>' to specify the smallest
	subresolution frame which is produced by the PTIF (Pyramid TIFF)
	writer.

2018-05-18  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (WritePTIFImage): Allow 1x1 input image to be
	supported.

	* coders/png.c (ReadOneJNGImage): Unconditionally free JDAT chunk
	memory.  Fixes oss-fuzz 8366 "graphicsmagick/coder_JNG_fuzzer:
	Direct-leak in ReadOneJNGImage". (Credit to OSS-Fuzz)

	* coders/tiff.c (WritePTIFImage): Fix leak of pyramid Image list
	if ResizeImage() fails.  Fixes oss-fuzz 8364
	"graphicsmagick/coder_PTIF_fuzzer: Indirect-leak in
	CloneImage". (Credit to OSS-Fuzz)

2018-05-17  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (WriteTIFFImage): Add and use
	ThrowTIFFWriterException() macro to consistently clean-up when
	throwing writer exception.  May fix oss-fuzz 8321
	"graphicsmagick/coder_EPT_fuzzer: Direct-leak in
	TIFFClientOpen". (Credit to OSS-Fuzz)
	(ReadTIFFImage): Add and use ThrowTIFFReaderException() macro to
	consistently clean-up when throwing reader exception.

2018-05-16  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/alpha_composite.h (AlphaCompositePixel): The
	macro definition for MagickAlphaCompositeQuantum in
	alpha_composite.h computes an expression of the form:

	a * b + c * d * e

	Code in function AlphaCompositePixel() (also in
	alpha_composite.h) multiplies the result of this macro
	by variable "delta" as follows:

	delta * a * b + c * d * e

	However, the intended result is actually:

	delta * ( a * b + c * d * e )

	The macro definition has been modified to enclose the
	entire expression in parentheses.

	The effects of this bug were particularly evident at the
	boundary between a stroked polygon and a transparent
	black region. More generally, an incorrect composited
	pixel value was being computed by AlphaCompositePixel()
	whenever the output alpha value was not 100% opaque.

2018-05-16  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* tests/rwblob.tap: Add a test for PTIF format.

	* coders/tiff.c (WritePTIFImage): Fix Image blob referencing in
	order to avoid double-free when writing PTIF to memory BLOB. Fixes
	oss-fuzz 8280 "graphicsmagick/coder_PTIF_fuzzer: Heap-double-free
	in Magick::BlobRef::~BlobRef". (Credit to OSS-Fuzz)

2018-05-14  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (WriteTIFFImage): Use libtiff's
	TIFFDefaultStripSize() function rather than an old porting macro
	required by some defunct libtiff version.  Expected to fix
	oss-fuzz 8248 "graphicsmagick/coder_EPT_fuzzer:
	Floating-point-exception in WriteTIFFImage". (Credit to OSS-Fuzz)

2018-05-13  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Fix potentional leak when compressed object is
	corrupted. Fixes oss-fuzz 8251 (Credit to OSS-Fuzz)

2018-05-13  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (ReadTIFFImage): Fix leak of Image when
	TIFFReadRGBAImage() reports failure.  Also harden buffer
	allocation calculation.  Fixes oss-fuzz 8275
	"graphicsmagick/coder_BIGTIFF_fuzzer: Indirect-leak in
	AllocateImage". (Credit to OSS-Fuzz)

	* coders/ept.c (ReadEPTImage): Add validations of 'count' and
	'filesize' read from EPT file. In response to oss-fuzz 8248
	"graphicsmagick/coder_EPT_fuzzer: Floating-point-exception in
	WriteTIFFImage" but we are unable to recreate the oss-fuzz issue
	since the EPT reader already immediately reports an EOF exception.

2018-05-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* fuzzing/oss-fuzz-build.sh: Apply SourceForge patch #57 "Add
	fuzzing support for jpeg + freetype delegates" by Alex Gaynor.

	* coders/png.c (read_user_chunk_callback): Fix memory leak and use
	of uninitialized memory when handling eXIf chunk. Fixes oss-fuzz
	8247 "graphicsmagick/coder_PNG24_fuzzer: Direct-leak in
	png_malloc". (Credit to OSS-Fuzz)

2018-05-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* fuzzing/oss-fuzz-build.sh: Apply SourceForge patch #56 "Use a
	few delegate libraries in fuzzing" by Alex Gaynor.

2018-05-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* tests/rwfile.tap: MIFF zip and bzip compression tests do not
	fail if zlib and bzlib are not available because the compression
	request is silently changed to no compression.

2018-05-07  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (DrawImage, InsertAttributeIntoInputStream):
	For a reference such as 'class="classname"', the "classname"
	is now allowed to be undefined.

	* coders.svg.c (ProcessStyleClassDefs): Class definitions
	defined within a <style> block may now be empty.

	* These relaxed conditions are not specifically called out in
	the SVG spec as being either acceptable or unacceptable, but
	other SVG renderers (e.g., Chrome) handle them this way. These
	changes do not resolve, but are related to, ticket #307.

2018-05-05  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* utilities/Makefile.am (utilities/tests/montage.log): Fix
	dependency rule so that effects.tap is fully executed before
	execution of montage.tap starts.

2018-05-04  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (DrawImage, TraceXXX): The PrimitiveInfo
	array used to store points generated by TraceEllipse(), the
	other TraceXXX() functions, and DrawImage() was not always
	being expanded when needed, resulting in writes beyond the
	end of the currently allocated storage. To fix this problem,
	a new data structure PrimitiveInfoMgr, and an associated
	function, PrimtiveInfoRealloc(), were written to handle
	expanding the PrimitiveInfo array as needed. DrawImage() and
	the TraceXXX() functions were modified to prevent the out of
	bounds writes to memory. This fixes ticket #516.

2018-05-03  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadOneJNGImage): Add more JNG chunk
	validations. Fixes an issue reported by "Trace Probe" via a
	follow-up post to SourceForge issue 437 "assertion failure in
	WriteBlob", although the issue described was not reproduced.

	* coders/meta.c (ReadMETAImage): Detect and report 8BIMTEXT and
	8BIMWTEXT decoding problems.  Fixes oss-fuzz 8125
	"graphicsmagick/coder_8BIMTEXT_fuzzer: Use-of-uninitialized-value
	in format8BIM". (Credit to OSS-Fuzz)

2018-05-02  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (TraceStrokePolygon): Excessively
	large values of stroke-width were cascading through
	other computations, causing the function to write beyond
	the end of it's array of points when the stroke-linejoin
	attribute value was "round". Code was added to reallocate
	the array of points as needed, and to limit the size of
	stroke-width (for computational purposes) to no more than
	approximately twice the diagonal size of the output image.
	Fixes ticket #515.

	* The same limit on stroke-width was applied to all other
	instances of the same computation in render.c.

2018-05-01  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* This change set fixes ticket #471.

	* magick/render.c (DrawImage): Polylines with fewer
	than two points were being flagged as an error. The
	SVG spec has no such restriction (fixed).

	* coders/svg.c (SVGStartElement) Inner <svg> elements
	could modify the output image dimensions if a geometry
	string was supplied. Now the output image dimensions
	are determined by the outermost <svg> only.

2018-05-01  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (TraceEllipse, TraceRectangle,
	TraceRoundRectangle): Per the SVG spec, rectangles and
	round rectangles having a width or height of zero are
	not rendered. Also per the spec, ellipses having an x
	or y radius of zero are not rendered.  Fixes ticket #457.

2018-04-30  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.h, (PrimitiveInfo), magick/render.c: Added
	member "flags" to PrimitiveInfo to support indicating closed
	shapes (e.g., rectangle, circle, path closed using 'z' or 'Z').
	Updated code in render.c (functions TraceXXX) to indicate
	closed shapes.  This replaces the previous policy of detecing
	closed shapes by comparing the first and last points to see if
	they are identical (within MagickEpsilon). The old policy
	prevented open subpaths with the same first and last point from
	being rendered properly (per the SVG spec) when round or square
	endcaps were enabled.  Part of the fix for ticket #322.

	* magick/render.c (ConvertPrimitiveToPath): Modified duplicate
	point elimination code so that the first and last points of
	a subpath are always preserved.  Consequences: (1) Allows
	for the correct rendering of the sequence "move x1 y1 line
	x1 y1" with round or square endcaps.  Part of the fix for
	ticket #322. (2) Fixes a bug in which eliminating the last
	point as a duplicate caused a closed shape to no longer be
	closed. This would manifest itself, for example, as a small
	"nub" on the boundary of a filled circle.

	* magick/render.c (GetPixelOpacity): Fixed a bug in the
	code that computed the distance between a point and a
	segment (polygon edge).  Prior to this fix, for zero length
	segments this code would generate a divide-by-zero and
	incorrect output. Part of the fix for ticket #322.

	* magick/render.c (DrawPolygonPrimitive): Polygons/paths with
	zero or one points are no longer rendered per the SVG spec.

	* magick/render.c (DrawStrokePolygon): Per the SVG spec, a
	polygon consisting of a single move-to command is not stroked.

	* magick/render.c (TracePath): Per the SVG spec, if the
	endpoints (x1, y1) and (x2, y2) of an arc subpath are identical,
	then this is equivalent to omitting the elliptical arc segment
	entirely.  For rendering purposes the zero length arc is
	treated like a zero length "line to" command to the current
	point.

	* magick/render.c (TraceStrokePolygon): Added code to detect
	zero length open subpaths and return a stroked polygon containing
	no points when round or square endcaps are not enabled.  This
	satisfies the SVG spec requirement that zero length subpaths are
	only stroked if the 'stroke-linecap' property has a value of
	round or square.

	* magick/render.c (TracePath): Fixed a bug in which if a "move to"
	command was followed by additional pairs of points, indicating
	implied "line to" commands, each point was added twice.

2018-04-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pcx.c (ReadPCXImage): Colormap from PCX header is only
	used if colors <= 16. Determination of DirectClass image was
	wrong.  Fixes oss-fuzz 8093 "graphicsmagick/coder_PCX_fuzzer:
	Use-of-uninitialized-value in IsMonochromeImage". (Credit to
	OSS-Fuzz)

2018-04-29  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* version.sh: Updates to prepare for the 1.3.29 release.

	* coders/pict.c (DecodeImage): Assure that scanline is initialized
	to avoid use of uninitialized data.  Fixes oss-fuzz 8063
	"graphicsmagick/coder_WPG_fuzzer: Use-of-uninitialized-value in
	ReadPICTImage". (Credit to OSS-Fuzz)

	* coders/dpx.c (ReadDPXImage): Assure that NULL pixels is not
	used.  Fixes oss-fuzz 8078 "graphicsmagick/coder_DPX_fuzzer:
	Null-dereference WRITE in ReadDPXImage". (Credit to OSS-Fuzz)

	* NEWS.txt: Update NEWS file with information about changes since
	last release.

2018-04-28  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dib.c (ReadDIBImage): Disable EOF tests for "ICODIB"
	subformat due to icon file provided by SourceForge issue #557
	"ErrorCorruptImage: Magick: Unexpected end-of-file ()" where an
	EOF error was reported due to no mask data being supplied.

	* coders/png.c (ReadOneJNGImage): The embedded JPEG image is
	required to have the same dimensions as the JNG image as provided
	by JHDR.  Fixes SourceForge bug 555 "heap-buffer-overflow in
	AcquireCacheNexus when processing jng file".  It is likely that
	this issue is precipitated by using 'montage' which seems to set a
	default non-zero image size.
	(ReadMNGImage): By default limit the maximum loops specifiable by
	the MNG LOOP chunk to 512 loops, but allow this to be modified by
	'-define mng:maximum-loops=value'.  Also assure that the value is
	in the range of 0-2147483647 as per the MNG specification.  This
	is to address the denial of service issue described by
	CVE-2018-10177.  This problem was reported to us by Petr Gajdos
	via email on Fri, 20 Apr 2018.

	* coders/dpx.c (ReadDPXImage): Move misplaced channel validation
	code.  Fixes oss-fuzz 8041 "graphicsmagick/coder_DPX_fuzzer:
	Use-of-uninitialized-value in WriteDPXImage" and oss-fuzz 8055
	"graphicsmagick/enhance_fuzzer: Use-of-uninitialized-value in
	EnhanceImage". (Credit to OSS-Fuzz)

2018-04-27  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xpm.c (StringToListMod): Algorithm fixes to fix use of
	uninitialized data.  Fixes oss-fuzz 8046
	"graphicsmagick/coder_XPM_fuzzer: Use-of-uninitialized-value in
	StringToListMod". (Credit to OSS-Fuzz)

2018-04-26  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xpm.c (ReadXPMImage): Reduce memory consumption further.
	Hopefully fixes oss-fuzz 8013 "graphicsmagick/coder_XPM_fuzzer:
	Out-of-memory in graphicsmagick_coder_XPM_fuzzer". (Credit to
	OSS-Fuzz)

	* magick/utility.c (StringToList): Only allocate the memory
	required when converting string to an ASCII list.  May or may not
	fix oss-fuzz 8013 "graphicsmagick/coder_XPM_fuzzer: Out-of-memory
	in graphicsmagick_coder_XPM_fuzzer". (Credit to OSS-Fuzz)

2018-04-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/bmp.c (ReadBMPImage): Fix benign use of uninitialized
	data when testing header magick.  Fixes oss-fuzz 7980
	"graphicsmagick/coder_BMP_fuzzer: Use-of-uninitialized-value in
	LocaleNCompare". (Credit to OSS-Fuzz)

	* coders/dpx.c (ReadDPXImage): ColorDifferenceCbCr does require
	even image width. Fixes oss-fuzz 7966
	"graphicsmagick/coder_DPX_fuzzer: Unknown signal in
	TentUpsampleChroma". (Credit to OSS-Fuzz)

2018-04-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dpx.c (ReadDPXImage): ColorDifferenceCbCr element
	requires two samples/pixel, not one. Fixes oss-fuzz 7951
	"graphicsmagick/coder_DPX_fuzzer: Heap-buffer-overflow in
	ReadDPXImage". (Credit to OSS-Fuzz)

2018-04-22  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pdb.c (ReadPDBImage): Assure that pixels buffer is
	initialized.  Fixes oss-fuzz 7937
	"graphicsmagick/coder_PDB_fuzzer: Use-of-uninitialized-value in
	ReadPDBImage". (Credit to OSS-Fuzz)

	* coders/mvg.c (ReadMVGImage): Assure that MVG viewbox parameters
	were supplied.  Fixes oss-fuzz 7936
	"graphicsmagick/coder_MVG_fuzzer: Use-of-uninitialized-value in
	ReadMVGImage". (Credit to OSS-Fuzz)

	* coders/dpx.c (ReadDPXImage): Element descriptors CbYCrY422 and
	CbYACrYA4224 require that the image width be evenly divisible by 2
	so enforce that.  Fixes oss-fuzz 7935
	"graphicsmagick/coder_DPX_fuzzer: Heap-buffer-overflow in
	ReadDPXImage". (Credit to OSS-Fuzz)

2018-04-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dpx.c (ReadDPXImage): Reject DPX files which claim to use
	signed data.  Fixes oss-fuzz 7758
	"graphicsmagick/coder_DPX_fuzzer: Use-of-uninitialized-value in
	WriteDPXImage". (Credit to OSS-Fuzz)
	(ReadDPXImage): Validate that the image elements do update all of
	the channels, including the alpha channel.  Now report an error if
	a color channel is missing.  Fixes oss-fuzz 7758
	"graphicsmagick/coder_DPX_fuzzer: Use-of-uninitialized-value in
	WriteDPXImage".

	* coders/gif.c (DecodeImage): Finally fix oss-fuzz 7732
	"graphicsmagick/coder_GIF_fuzzer: Heap-buffer-overflow in
	DecodeImage" which was not actually fixed with previous
	changes. (Credit to OSS-Fuzz)

2018-04-21  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/topol.c Emit error when tile storage overflows image data;
        fixes oss-fuzz 7769 thanks to oss-fuzz.

2018-04-20  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (ConvertPrimitiveToPath):  Fixed a bug
	in which SVG paths containing multiple open subpaths were
	not being processed correctly, resulting in incorrect
	output.  This fixes ticket #94.

2018-04-18  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/gif.c (DecodeImage): Fix use of uninitialized memory
	during error condition in decoder. Fixes oss-fuzz 7732
	"graphicsmagick/coder_GIF_fuzzer: Heap-buffer-overflow in
	DecodeImage". (Credit to OSS-Fuzz)

	* coders/txt.c (ReadTXTImage): Assure that all image pixels are
	initialized to black.

	* Magick++/demo/zoom.cpp (main): Add a -read-blob option to read
	input file into a Blob so that it is read by the Blob reader
	rather than the file reader.  Default the output Geometry to the
	input image geometry in case the user does not specify a resize
	resolution or geometry.

	* Magick++/tests/readWriteBlob.cpp (main): Improve the quality of
	code which reads a file into memory for Blob testing.

	* magick/blob.c (BlobToImage): Add exception reports for the cases
	where 'magick' was not set and the file format could not be
	deduced from its header.  Previously a null Image pointer was
	being returned without any exception being thrown.

2018-04-15  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dpx.c (ReadDPXImage): Assure that CbCr layer initializes
	all channels if it is the first element of a planar DPX.  Fixes
	oss-fuzz 7703 "graphicsmagick/coder_DPX_fuzzer:
	Use-of-uninitialized-value in WriteDPXImage". (Credit to OSS-Fuzz)

	* coders/pict.c (ReadPICTImage): Don't refer to filename member of
	ImageInfo which was just destroyed. Much thanks to Alex Gaynor for
	finding this.  Should fix oss-fuzz 6867
	"graphicsmagick/coder_PCT_fuzzer: Heap-use-after-free in
	GetLocaleExceptionMessage". (Credit to OSS-Fuzz).

2018-04-14  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/sgi.c (ReadSGIImage): Assure that iris pixels are fully
	initialized.  Fixes oss-fuzz 7543
	"graphicsmagick/coder_SGI_fuzzer: Use-of-uninitialized-value in
	SGIEncode". (Credit to OSS-Fuzz).

	* coders/xcf.c (ReadXCFImage): Restore SetImage() which was
	previously commented out.  This is needed to assure initialized
	pixels.  Fixes oss-fuzz 7430 "graphicsmagick/coder_XCF_fuzzer:
	Use-of-uninitialized-value in AlphaCompositePixel". (Credit to
	OSS-Fuzz).

	* coders/pict.c (ReadPICTImage): Properly initialize "black
	canvas" that tiles may be composed on.  Fixes oss-fuzz 7574
	"graphicsmagick/enhance_fuzzer: Use-of-uninitialized-value in
	EnhanceImage". (Credit to OSS-Fuzz).

	* coders/rle.c (ReadRLEImage): Check for EOF when reading comment.
	Fixes oss-fuzz 7667 "graphicsmagick/coder_RLE_fuzzer:
	Use-of-uninitialized-value in ReadRLEImage". (Credit to OSS-Fuzz).

	* coders/pdb.c (WritePDBImage): Avoid use of uninitialized
	bytes. Fixes oss-fuzz 7638 "graphicsmagick/coder_PDB_fuzzer:
	Use-of-uninitialized-value in WritePDBImage". (Credit to
	OSS-Fuzz).

	* coders/rla.c (ReadRLAImage): Add many more validations,
	including scanline offsets and number of channels.  Fixes oss-fuzz
	7653 "graphicsmagick/coder_RLA_fuzzer: Timeout in
	graphicsmagick_coder_RLA_fuzzer". (Credit to OSS-Fuzz).

	* coders/txt.c (ReadTXTImage): Implement missing subrange logic to
	read only the specified range of frames.  Limits frames read from
	oss-fuzz test case
	clusterfuzz-testcase-minimized-coder_TEXT_fuzzer-6061076048248832
	"graphicsmagick/coder_TEXT_fuzzer: Timeout in
	graphicsmagick_coder_TEXT_fuzzer". (Credit to OSS-Fuzz).

	* Magick++/lib/Image.cpp (read): Set subrange = 1 since this
	interface is intended to read just one frame from the input file.
	Use the STL-based interfaces to read multiple frames.

	* coders/fits.c (ReadFITSImage): Verify FITS header before reading
	further.  Rejects file from oss-fuzz 7650
	"graphicsmagick/coder_FITS_fuzzer: Out-of-memory in
	graphicsmagick_coder_FITS_fuzzer".  (Credit to OSS-Fuzz).

	* PerlMagick/Magick.xs (Get): Fix PerlMagick compilation problem
	due to rename/repurposing of image->clip_mask.

2018-04-13  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/image.c, magick/image.h:  In order to be able to
	support SVG masks, and to be able to further extend the
	Image data structure without changing its size, new data
	structure ImageExtra (struct _ImageExtra) has been added.
	Header file image.h contains only a forward declaration;
	the members of ImageExtra are defined in file image.c.
	Image member variable Image * clip_mask has been replaced
	by ImageExtra * extra, and function prototypes that enable
	access to ImageExtra have been added to image.h.  The
	clip_mask member variable now resides in ImageExtra.  All
	references to Image::clip_mask in the GraphicsMagick
	source code have either been replaced with direct references
	to ImageExtra::clip_mask (image.c), or have been replaced
	with calls to access function ImageGetClipMask().

	* magick/render.c, magick/render.h:  In order to be able to
	support SVG masks, and to be able to further extend the
	DrawInfo data structure without changing its size, new data
	structure DrawInfoExtra (struct _DrawInfoExtra) has been added.
	Header file render.h contains only a forward declaration;
	the members of DrawInfoExtra are defined in file render.c.
	DrawInfo member variable char * clip_path has been replaced by
	DrawInfoExtra * extra, and function prototypes that enable
	access to DrawInfoExtra have been added to render.h.  The
	clip_path member variable now resides in ImageExtra.  All
	references to DrawInfo::clip_path in the GraphicsMagick
	source code have either been replaced with direct references
	to DrawInfoExtra::clip_path (render.c), or have been
	replaced with calls to access function DrawInfoGetClipPath().

	* magick/image.c (new functions CompositePathImage,
	CompositeMaskImage, GetImageCompositeMask,
	SetImageCompositeMask):  Defined new data structure ImageExtra,
	added create/destroy logic, and implemented associated access
	functions.  Implemented SVG masks.

	* magick/render.c (DrawImage, new function DrawCompositeMask):
	Defined new data structure DrawInfoExtra, added create/destroy
	logic, and implemented associated access functions.  Impemented
	SVG masks.

	* magick/pixel_cache.c (SyncCacheNexus, new function
	CompositeCacheNexus):  Fixed references to Image::clip_mask.
	Implemented SVG masks.

	* coders/svg.c (SVGStartElement, SVGEndElement): Implemented
	SVG masks.

	* locale/c.mgk, magick/gm_messages.mc, magick/local_c.h:
	Added new error codes to support SVG masks.

	* coders/ps3.c, magick/enhance.c: Fixed references to
	Image::clip_mask.

	* magick/draw.c, wand/drawing_wand.c: Fixed references to
	DrawInfo::clip_path.

2018-04-13  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c Crash on row overflow fixed oss-fuzz 7639 thanks to oss-fuzz.

2018-04-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dpx.c (ReadDPXImage): Add more header validations.
	Always assure that scanline is initialized for Luma channel. Fixes
	oss-fuzz 7544 "graphicsmagick/coder_DPX_fuzzer:
	Use-of-uninitialized-value in WriteDPXImage". (Credit to OSS-Fuzz)

	* coders/pdb.c (ReadPDBImage): Add more EOF checks to avoid benign
	use of uninitialized data.  Fixes oss-fuzz 7545
	"graphicsmagick/coder_PDB_fuzzer: Use-of-uninitialized-value in
	ReadPDBImage".

	* coders/wpg.c (InsertRow, UnpackWPGRaster): x & y should be
	'unsigned long' to match type used by pixel cache APIs and image
	rows/columns.

2018-04-08  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c Stop reading when last row is reached.
	This should stop oss-fuzz 7528 thanks to oss-fuzz.


2018-04-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xcf.c (ReadXCFImage): Fix use of uninitialized data in
	magick header string for runt file.  Fixes oss-fuzz 7521
	"graphicsmagick/coder_XCF_fuzzer: Use-of-uninitialized-value in
	LocaleNCompare". (Credit to OSS-Fuzz).

2018-04-09  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* OVERVIEW: Change set 9aaeeca0224c modified the drawing
	of clipping paths to conform to the SVG spec.  This change
	set restores the previous behavior for non-SVG clients of
	render.c, while still satisfying the SVG spec for SVG clients.

	* magick/render.h (DrawInfo): Added a bit field in member
	"flags" to indicate that drawing should be SVG compliant.

	* magick/render.c (DrawImage): Now recognizes keyword
	"svg-compliant", and tags DrawInfo accordingly.  This
	allows for existing features in render.c to be changed
	to comply with the SVG spec without impacting the previous
	behavior expected by non-SVG clients.

	* magick/render.c (DrawImage): Now uses DrawInfo "flags"
	bit for SVG compliance in conjunction with "flags" bit
	for "clipping path" to determine when to ignore changes
	to fill color, stroke color, etc.  This restores the
	previous behavior for clipping paths for non-SVG clients.

	* coders/svg.c (SVGStartElement): The initial set of
	MVG commands for rendering an SVG file now includes
	new keyword "svg-compliant" (to indicate that certain
	graphical elements should be drawn according to the
	SVG spec), and includes an intialization of the SVG
	"fill-rule" to "nonzero" (the SVG default) instead of
	the internally initialized value of "evenodd".

	* coders/wpg.c: Fixed C99 "//" comments.

2018-04-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pict.c (ReadPICTImage): Copy tile exception info to main
	image and don't composite tile if it has a problem.  Fixes
	oss-fuzz 7169 "graphicsmagick/enhance_fuzzer:
	Use-of-uninitialized-value in EnhanceImage". (Credit to OSS-Fuzz)

	* coders/dib.c (ReadDIBImage): Do not increase decode bits/pixel
	if compression=2, but use it to increase pixel packet size when
	estimating bytes per line for decode buffer.  Fixes oss-fuzz issue
	7324 "graphicsmagick/coder_WPG_fuzzer: Use-of-uninitialized-value
	in ReadDIBImage". (Credit to OSS-Fuzz)

	* coders/dpx.c (ReadDPXImage): When handling the first element of
	a planar DPX, assure that the other channels are
	initialized. Fixes oss-fuzz 7841 "graphicsmagick/coder_DPX_fuzzer:
	Use-of-uninitialized-value in WriteDPXImage". (Credit to OSS-Fuzz)

	* coders/tim.c (ReadTIMImage): Only 4 and 8 bit TIM requires a
	colormap. For other depths, force reading as DirectClass even if
	the TIM file provides a colormap.  Fixes oss-fuzz 7407
	"graphicsmagick/coder_TIM_fuzzer: Use-of-uninitialized-value in
	SyncImageCallBack". (Credit to OSS-Fuzz)

2018-04-08  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c The unread data contains crap in memory,
	erase current image data. This should mute oss-fuzz 6604.

	* coders/wpg.c - condition "if(y<1) continue;" is redundant
	and could be removed completely.
	Allow logging in MatlabV4 module.

	* coders/svg.c - Do not use C++ syntax in C code - removed.

2018-04-07  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/wpg.c (UnpackWPGRaster): Fix uninitialized row 0 when
	row-based RLE is used.  Fixes oss-fuzz 6603
	"graphicsmagick/enhance_fuzzer: Use-of-uninitialized-value in
	BlendCompositePixel". (Credit to OSS-Fuzz)

	* coders/pcd.c: Fix many issues, including oss-fuzz 6016
	"graphicsmagick/coder_PCD_fuzzer: Heap-double-free in
	MagickRealloc" and oss-fuzz 6108 "graphicsmagick/coder_PCD_fuzzer:
	Unknown signal in AllocateThreadViewDataSet". (Credit to OSS-Fuzz)

2018-04-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dcm.c (funcDCM_BitsStored): Limit DICOM significant bits
	to 16.  Otherwise rescale map code blows up.  Fixes oss-fuzz 7435
	"graphicsmagick/coder_DCM_fuzzer: Out-of-memory in
	graphicsmagick_coder_DCM_fuzzer". (Credit to OSS-Fuzz)

	* coders/pix.c (ReadPIXImage): Detect EOF.  Reject RLE lenth of
	zero.  Fixes oss-fuzz 7440 "graphicsmagick/coder_PIX_fuzzer:
	Out-of-memory in graphicsmagick_coder_PIX_fuzzer". (Credit to
	OSS-Fuzz)

2018-04-05  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dpx.c (ReadDPXImage): Insist on having an element
	descriptor we understand since otherwise we can not decode the
	image.  Fixes oss-fuzz 7410 "graphicsmagick/coder_DPX_fuzzer:
	Use-of-uninitialized-value in WriteDPXImage". (Credit to OSS-Fuzz)

	* coders/avs.c, etc... (WriteAVSImage): Cache image list length
	before writing image sequence so that progress monitor is
	scalable.  Helps with oss-fuzz 7404
	"graphicsmagick/coder_AVS_fuzzer: Timeout in
	graphicsmagick_coder_AVS_fuzzer". (Credit to OSS-Fuzz)

2018-04-05  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement, SVGEndElement),
	magick/render.c (DrawImage): The current text position
	is now maintained by DrawImage() instead of by
	SVGStartElement() and SVGEndElement().  This change was
	made to support the recently implmemented "use" and
	"class" elements, which may make changes to the font
	size that are not visible to the code in svg.c.

	* coders/svg.c (GetStyleTokens, SVGStartElement): The
	list of SVG attributes is now reordered so that
	"font-size", "class", and "style" are processed first.
	This ensures that a change to the font size will be
	processed before any dimensional attribute whose value
	may depend on the font size (e.g., a width value
	specified in "em" units).

	* coders/svg.c (ProcessStyleClassDefs): Fixed two memory
	leaks associated with making an early return when
	malformed input is detected.

	* magick/render.c (ExtractTokensBetweenPushPop): Fixed
	an uninitialized variable condition which can occur when
	malformed input is detected.

	* magick/render.h (DrawInfo), magick/render.c: DrawInfo
	member "unused1" has been renamed "flags".  It is now
	used to tag a DrawInfo as being a clipping path or a
	compositing mask.

2018-04-04  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pdb.c (ReadPDBImage): Update DirectClass pixels to avoid
	use of uninitialized memory for 2 bits/pixel.  Fixes oss-fuzz 7350
	"graphicsmagick/coder_PDB_fuzzer: Use-of-uninitialized-value in
	WritePDBImage".  (Credit to OSS-Fuzz)

	* coders/palm.c (ReadPALMImage): Fix use of uninitialized memory.
	Fixes oss-fuzz 7325 "graphicsmagick/coder_PALM_fuzzer:
	Use-of-uninitialized-value in TransparentImageCallBack". (Credit
	to OSS-Fuzz)

	* coders/dcm.c (DCM_ReadNonNativeImages): Break out of reading
	loop on EOF and properly report exception.  Fixes oss-fuzz 7349
	"graphicsmagick/coder_DCM_fuzzer: Timeout in
	graphicsmagick_coder_DCM_fuzzer". (Credit to OSS-Fuzz)

2018-04-03  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xcf.c (ReadXCFImage): Require that XCF file offsets be in
	ascending order to avoid DOS.  Fixes oss-fuzz 7333
	"graphicsmagick/coder_XCF_fuzzer: Out-of-memory in
	graphicsmagick_coder_XCF_fuzzer". (Credit to OSS-Fuzz)

	* coders/wpg.c (UnpackWPGRaster): Fix memory leak in error return
	path. Fixes oss-fuzz 7338 "graphicsmagick/enhance_fuzzer:
	Direct-leak in UnpackWPGRaster". (Credit to OSS-Fuzz)

2018-04-03  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement): This changeset adds
	support for SVG geometric transforms specified using the
	style="transform: ..." syntax.  This syntax is sometimes
	used when exporting SVG files from Adobe Illustrator.

2018-04-02  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dpx.c (ReadDPXImage): Validate DPX packing method.  Fixes
	oss-fuzz 7296 "graphicsmagick/coder_DPX_fuzzer:
	Use-of-uninitialized-value in WriteDPXImage". (Credit to OSS-Fuzz)

2018-04-02  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement, SVGEndElement),
	magick/render.c (DrawImage): This changeset adds support for
	"class" styling attributes within a <style> section within
	the <defs> section, and the ability to reference them from
	other SVG elements by class="classname".  SVG files exported
	from Adobe Illustrator make extensive use of "class" definitions.

2018-04-01  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pict.c (ReadPICTImage): Fix leak of tile image on EOF.
	This is a recent regression.  Fixes oss-fuzz 7287
	"graphicsmagick/coder_PCT_fuzzer: Indirect-leak in
	CloneImage". (Credit to OSS-Fuzz)

	* magick/pixel_cache.c (OpenCache): Use image->scene rather than
	GetImageIndexInList(image) for scene-id part of cache info file
	name.

	* coders/txt.c (WriteTXTImage): Optimize the progress indicator
	since it is very inefficient with a large number of scenes and
	oss-fuzz 7090 "graphicsmagick/coder_TEXT_fuzzer: Timeout in
	graphicsmagick_coder_TEXT_fuzzer" consistently shows
	GetImageListLength() in its stack traces.

	* coders/dcm.c (ReadDCMImage): DICOM reader was no longer
	immediately quitting with excessive samples per pixel.  This
	caused spinning for a very long time when reading planar images
	with large samples per pixel.  This is a regression due to recent
	changes.  Fixes oss-fuzz 7269 "graphicsmagick/coder_DCM_fuzzer:
	Timeout in graphicsmagick_coder_DCM_fuzzer". (Credit to OSS-Fuzz)

	* coders/xcf.c (ReadXCFImage): Destroy layer info before returning
	due to exception.  This is a new regression due to adding more
	checks. Fixes oss-fuzz 7277 "graphicsmagick/coder_XCF_fuzzer:
	Direct-leak in ReadXCFImage". (Credit to OSS-Fuzz)

	* coders/pdb.c (ReadPDBImage): Assure that all bytes of scanline
	are initialized while decoding.  Fixes oss-fuzz 7051
	"graphicsmagick/coder_PDB_fuzzer: Use-of-uninitialized-value in
	WritePDBImage". (Credit to OSS-Fuzz)

2018-03-31  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pcx.c (ReadPCXImage): Assure that scanline is
	initialized.  Fixes oss-fuzz 6612
	"graphicsmagick/coder_PCX_fuzzer: Use-of-uninitialized-value in
	WriteRLEPixels". (Credit to OSS-Fuzz)

	* coders/wpg.c (ReadWPGImage): Detect unexpected EOF and avoid use
	of uninitialized data.  Fixes oss-fuzz 6601
	"graphicsmagick/enhance_fuzzer: Use-of-uninitialized-value in
	ImportIndexQuantumType". (Credit to OSS-Fuzz)

	* coders/sgi.c (ReadSGIImage): Assure that RLE decode buffer is
	initialized.  Fixes oss-fuzz 6599
	"graphicsmagick/coder_SGI_fuzzer: Use-of-uninitialized-value in
	SyncImageCallBack" and oss-fuzz 6600
	"graphicsmagick/coder_SGI_fuzzer: Use-of-uninitialized-value in
	SGIEncode". (Credit to OSS-Fuzz)

	* coders/viff.c (ReadVIFFImage): Fix blob I/O size validation to
	avoid use of uninitialized data. Fixes oss-fuzz 6597
	"graphicsmagick/coder_VIFF_fuzzer: Use-of-uninitialized-value in
	ThresholdImage". (Credit to OSS-Fuzz)
	(ReadVIFFImage): Don't execute SetImageType(image,BilevelType) on
	an image which has no pixels yet in order to avoid use of
	uninitialized data. Fixes oss-fuzz 6597.  (Credit to OSS-Fuzz)

	* coders/wbmp.c (ReadWBMPImage): Fix blob I/O size validation to
	avoid use of uninitialized data. Fixes oss-fuzz 7047
	"graphicsmagick/coder_WBMP_fuzzer: Use-of-uninitialized-value in
	ReadWBMPImage". (Credit to OSS-Fuzz)

	* coders/wpg.c (ExtractPostscript): Allow non-Postscript content
	but force reading using the magick we already detected.  Also log
	the format that we detected.

	* coders/xcf.c (ReadOneLayer): Reject layer size of 0x0.  Fixes
	oss-fuzz 6636 "graphicsmagick/coder_XCF_fuzzer: Direct-leak in
	MagickMallocAligned". (Credit to OSS-Fuzz)
	(ReadXCFImage): Verify that seek offsets are within the bounds of
	the file data. Fixes oss-fuzz 6682
	"graphicsmagick/coder_XCF_fuzzer: Out-of-memory in
	graphicsmagick_coder_XCF_fuzzer". (Credit to OSS-Fuzz)

	* magick/pixel_cache.c (ModifyCache): Destroy CacheInfo if
	OpenCache() fails so it is not leaked.

	* coders/wpg.c (ExtractPostscript): Enforce that embedded file is
	a Postscript file.  Fixes oss-fuzz 7235
	"graphicsmagick/coder_WPG_fuzzer: Indirect-leak in MagickRealloc".
	This is indicated to be a regression. (Credit to OSS-Fuzz)

2018-03-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pict.c (ReadPICTImage): Check image pixel limits before
	allocating memory for tile.  Fixes oss-fuzz 7217
	"graphicsmagick/coder_PICT_fuzzer: Out-of-memory in
	graphicsmagick_coder_PICT_fuzzer".

2018-03-29  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pcd.c (ReadPCDImage): Add checks for EOF. Fixes oss-fuzz
	issue 7180 "graphicsmagick/coder_PCDS_fuzzer: Timeout in
	graphicsmagick_coder_PCDS_fuzzer".  (Credit to OSS-Fuzz)

2018-03-29  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement, SVGEndElement),
	magick/render.c (DrawImage): This changeset implements the SVG
	"use" element.  Graphical elements (e.g., "rect", "text", etc.)
	can be tagged with an identifier using 'id="identifier"' when
	defined within the "defs" section.  They can then be referenced
	elsewhere in the SVG file using:

	<use xlink:href="#identifier" ... />

	When referencing a graphical element by its identifier, the
	following syntaxes are now treated as being the same:

	href="#identifier"
	href="url(#identifier)"
	xlink:href="#identifier"
	xlink:href="url(#identifier)"

2018-03-27  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tim.c (ReadTIMImage): Reader was not observing subimage
	and subrange to quit after the specified frame range.  Inspired by
	oss-fuzz 7132 "graphicsmagick/coder_TIM_fuzzer: Timeout in
	graphicsmagick_coder_TIM_fuzzer" (Credit to OSS-Fuzz)

2018-03-27  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement): Enable setting the
	background color from the SVG file when the client
	specifies style="background:color" inside the <svg>
	... </svg> element.

2018-03-25  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/mtv.c (ReadMTVImage): Add some elementary tracing to MTV
	reader.

	* coders/png.c (ReadMNGImage): Fix SourceForge issue 554
	"Divide-by-zero in ReadMNGImage (coders/png.c)".  (Credit to Trace
	Probe)

	* coders/bmp.c (ReadBMPImage): Assure that start position always
	advances to avoid looping BMPs.  Fixes oss-fuzz 7045
	"graphicsmagick/coder_BMP_fuzzer: Timeout in
	graphicsmagick_coder_BMP_fuzzer". (Credit to OSS-Fuzz)

	* coders/pict.c (DecodeImage): Verify that sufficient backing data
	exists before allocating memory to read it.  Fixes oss-fuzz 6629
	"graphicsmagick/coder_PCT_fuzzer: Out-of-memory in
	graphicsmagick_coder_PCT_fuzzer".
	(ReadPICTImage): Destroy tile_image in ThrowPICTReaderException()
	macro to simplify logic.

2018-03-25  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Check whether datablock is really read.
	Fixes oss-fuzz 7056 (Credit to OSS-Fuzz)

	* coders/txt.c Duplicate image check for data with fixed geometry
	previous check is skipped. Fixes oss-fuzz 7090.

2018-03-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dcm.c (ReadDCMImage): Validate that samples per pixel is
	in valid range.  Fixes oss-fuzz 6260
	"graphicsmagick/coder_DCM_fuzzer: Out-of-memory in
	graphicsmagick_coder_DCM_fuzzer". (Credit to OSS-Fuzz)

	* coders/meta.c (format8BIM): Allocate space for null termination
	and null terminate string.  Fixes oss-fuzz 5985
	"graphicsmagick/coder_8BIMTEXT_fuzzer: Heap-buffer-overflow in
	formatIPTCfromBuffer". (Credit to OSS-Fuzz)

	* coders/fits.c (ReadFITSImage): Include number of FITS scenes in
	file size validations.  Fixes oss-fuzz 6781
	"graphicsmagick/coder_FITS_fuzzer: Timeout in
	graphicsmagick_coder_FITS_fuzzer". (Credit to OSS-Fuzz)

2018-03-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/meta.c (format8BIM): Validate size request prior to
	allocation. Fixes oss-fuzz issue 5974
	"graphicsmagick/coder_8BIMTEXT_fuzzer: Out-of-memory in
	graphicsmagick_coder_8BIMTEXT_fuzzer". (Credit to OSS-Fuzz)

2018-03-23  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Fix forged amount of frames 7076. (Credit to OSS-Fuzz)

        * coders/topol.c Check for forged image that overflows file size
        (fuzz 6836).

2018-03-23  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c, render.h (DrawInfo, CloneDrawInfo,
	DrawClipPath, DrawImage, GetDrawInfo): According to the SVG
	spec, a clipping path is defined only by the geometry of its
	constituent elements, and is not dependent on fill color/opacity,
	stroke color/opacity, or stroke width.  To ensure conformity
	with the spec, when a clipping path is created, these SVG
	elements are set to appropriate values, and any attempt to
	modify them is ignored.

	Also, whenever a clipping path is drawn, the associated image
	attributes are now updated from the parent image structure.
	This ensures that any added or modified attributes are up to
	date.

2018-03-22  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/topol.c Use rather MagickSwabArrayOfUInt32() to
        flip all array elements at once.

        * magick/annotate.c Compilation issue - using C++ syntax in C code.

2018-03-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dpx.c (ReadDPXImage): Validate header length and offset
	properties.  Fixes oss-fuzz "graphicsmagick/coder_DPX_fuzzer:
	Use-of-uninitialized-value in WriteDPXImage". (Credit to OSS-Fuzz)

2018-03-20  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/annotate.c (RenderType): According to the SVG
	spec, the 'font-family' element can be a comma-separated
	list of one or more font family names.  Function RenderType
	in file annotate.c has been modified to support multiple
	font family names as follows.  The comma-separated list is
	processed until the first available font family is found.
	If no font family is found, or if font substitution occurred,
	then the entire font family string is tested to see if it
	exactly matches a font name, or if the font family string
	with blanks changed to hypens exactly matches a font name.
	If a font name match is found, the matched font overrides
	the font substution.  The font name matching functionality
	is beyond what's in the SVG spec and is provided as a
	convenience to the user.

2018-03-20  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Fix forged amount of frames 6755. (Credit to OSS-Fuzz)

2018-03-20  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/topol.c Redesign ReadBlobDwordLSB() to be more effective.

2018-03-19  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/xpm.c (ReadXPMImage): Reject XPM if its condensed version
	contains non-whitespace control characters.  Fixes oss-fuzz 7027
	"graphicsmagick/coder_XPM_fuzzer: Timeout in
	graphicsmagick_coder_XPM_fuzzer". (Credit to OSS-Fuzz)

2018-03-19  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/topol.c Fix tile index overflow fuzz 6634. (Credit to OSS-Fuzz)

2018-03-19  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dcm.c (DCM_ReadGrayscaleImage): Don't use rescale map if
	it was not allocated.  This issue was induced in this development
	cycle due to disabling generating the rescale map.  Fixes oss-fuzz
	7021 "graphicsmagick/coder_DCM_fuzzer: Null-dereference READ in
	DCM_ReadGrayscaleImage". (Credit to OSS-Fuzz)

2018-03-18  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/color_lookup.c (QueryColorDatabase): Defend against
	partial scanf() expression matching, resulting in use of
	uninitialized data.  Likely fixes oss-fuzz 6596
	"graphicsmagick/coder_XPM_fuzzer: Use-of-uninitialized-value in
	IsMonochromeImage". (Credit to OSS-Fuzz)

	* coders/rle.c (ReadRLEImage): Validate number of colormap bits to
	avoid undefined shift behavior.  Fixes oss-fuzz 6630
	"graphicsmagick/enhance_fuzzer: Undefined-shift in
	ReadRLEImage". (Credit to OSS-Fuzz)

	* coders/dcm.c (DCM_ReadRGBImage): Don't use rescale map if it was
	not allocated.  This issue was induced in this development cycle
	due to disabling generating the rescale map.  Fixes oss-fuzz 6995
	"graphicsmagick/coder_DCM_fuzzer: Null-dereference READ in
	DCM_ReadRGBImage". (Credit to OSS-Fuzz)

	* coders/dib.c (DecodeImage): Report failure to decode to expected
	amount of pixel data as an error.  Fixes oss-fuzz 7007
	"graphicsmagick/enhance_fuzzer: Use-of-uninitialized-value in
	EnhanceImage". (Credit to OSS-Fuzz)

	* coders/bmp.c (ReadBMPImage): Add file size and offset/seek
	validations.  Fixes oss-fuzz 6623
	"graphicsmagick/coder_BMP_fuzzer: Timeout in
	graphicsmagick_coder_BMP_fuzzer". (Credit to OSS-Fuzz)

2018-03-17  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* dcraw/dcraw.c Updated to version 9.27

2018-03-15  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/gif.c (ReadGIFImage): Fix botched fixes for use of
	uninitialized data when reading GIF extension blocks.  Hopefully
	ok now.

2018-03-13  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/gif.c (ReadGIFImage): Fix use of uninitialized data when
	reading GIF extension blocks.  Fixes oss-fuzz 6609
	"graphicsmagick/coder_GIF_fuzzer: Use-of-uninitialized-value in
	MagickArraySize". This seems to be a totally benign issue. (Credit
	to OSS-Fuzz)

	* magick/magick.c (MagickSignal): Use an alternate signal stack,
	if available.  This is required for Go lang C language extensions
	since Go lang requests an alternate signal sack, and uses small
	stacks for its threads.  If the library user has not allocated an
	alternate signal stack, then behavior should be just as before.
	Issue was originally reported by yzh杨振宏 on March 1, 2018 via
	the graphicsmagick-help SourceForge mailing list.

2018-02-28  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/pixel_cache.c (AcquireCacheNexus): Add a check that the
	pixel cache is compatible with the image dimensions.  Fixes
	oss-fuzz issues 5978 5988 5989 5990 5993 6016, and 6056, which are
	all related to the PICT writer. (Credit to OSS-Fuzz)

	* magick/draw.c (DrawGetStrokeDashArray): Check for failure to
	allocate memory.  Patch submited by Petr Gajdos via email on
	February 28, 2018.

2018-02-27  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/fits.c (ReadFITSImage): Fix signed integer overflow when
	computing pixels size.  Fixes oss-fuzz 6586
	"graphicsmagick/coder_FITS_fuzzer: Integer-overflow in
	ReadFITSImage". (Credit to OSS-Fuzz)

2018-02-27  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement, SVGEndElement): From the
	SVG spec:  "The 'foreignObject' element allows for inclusion
	of a foreign namespace which has its graphical content drawn
	by a different user agent."  Code has been added to consume
	and discard the 'foreignObject' element and any settings (e.g.,
	fill color) internal to it.  Previously, settings internal
	to the 'foreignObject' element would persist and "leak" into
	the graphic elements that followed it, resulting in undesired
	side effects (e.g., fill color other than the expected default).

2018-02-27  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (DrawPolygonPrimitive): Fixed a bug
	introduced by changeset 39102dd1d456.  For SVG, this
	changeset applied both the group AND the fill opacity
	values to fill patterns (similarly for stroke).  For WMF,
	however, this caused the fill pattern to be rendered as
	100% transparent.  A closer reading of the SVG spec does
	NOT show that the fill opacity should be applied to the
	fill pattern, so as of this latest changeset only the group
	opacity value is applied to fill and stroke patterns.

2018-02-27  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/bmp.c (ReadBMPImage): Fix divide by zero regression added
	by latest fixes.  Fixes oss-fuzz 6583
	"graphicsmagick/coder_BMP_fuzzer: Divide-by-zero in ReadBMPImage".
	(Credit to OSS-Fuzz)

2018-02-26  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pict.c (ReadPICTImage): Validate that PICT rectangles do
	not have zero dimensions.  Specify expected file type when reading
	from a temporary file.  Trace PICT rectangle dimensions.  More
	detection of blob EOF and more error handling.  Fixes oss-fuzz
	issue 6193 "graphicsmagick/coder_PCT_fuzzer: Unknown signal in
	AllocateImageColormap" and likely many oss-fuzz ASAN/UBSAN issues
	reported against "PCT" and "PICT" since this one problem appears
	to be causing a spew of reports.

	* coders/png.c (ReadMNGImage): Detect and handle failure to
	allocate global PLTE.  Problem was reported via email from Petr
	Gajdos on February 26, 2018.

2018-02-25  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/blob.c (ReadBlobLSBDouble): Make sure imported double is
	a normal value.
	(ReadBlobLSBDoubles): Make sure imported doubles are normal
	values.
	(ReadBlobLSBFloat): Make sure imported float is a normal value.
	(ReadBlobLSBFloats): Make sure imported floats are normal values.
	(ReadBlobMSBFloat): Make sure imported float is a normal value.
	(ReadBlobMSBFloats): Make sure imported floats are normal values.
	(ReadBlobMSBDouble): Make sure imported double is a normal value.
	(ReadBlobMSBDoubles): Make sure imported doubles are normal
	values.

	* magick/import.c (ImportFloat32Quantum): Make sure imported float
	is a normal value.
	(ImportFloat64Quantum): Make sure imported double is a normal
	value.

	* magick/image.h (RoundDoubleToQuantum): Restore previous behavior
	(from earlier today).
	(RoundFloatToQuantum): Restore previous behavior (from earlier
	today).

	* coders/bmp.c (ReadBMPImage): Fix UBSAN runtime error: left shift
	of 205 by 24 places cannot be represented in type 'int'.

	* coders/ept.c (ReadEPTImage): Fix dereference of NULL pointer
	which was detected by UBSAN in the test suite.

	* magick/image.h (RoundDoubleToQuantum): Check double value for
	NaN and infinity in order to avoid undefined behavior.
	(RoundFloatToQuantum): Check float value for NaN and infinity in
	order to avoid undefined behavior.

	* magick/common.h (MAGICK_ISNAN): Add a isnan() wrapper macro.
	(MAGICK_ISINF): Add a isinf() wrapper macro.

2018-02-25  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Fix oss-fuzz issue 6273 - Heap-use-after-free in
	GetLocaleExceptionMessage. (Credit to OSS-Fuzz)

2018-02-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dcm.c (DCM_PostRescaleImage): Remove use of
	DCM_PostRescaleImage() since its implementation is wrong and
	accesses non-allocated heap memory.  Problem was reported by Petr
	Gajdos via email on February 8, 2018.

	* coders/jp2.c (ReadJP2Image): Use a ThrowJP2ReaderException macro
	to automatically clean up when throwing an exception.

	* coders/bmp.c (ReadBMPImage): Report an error if RLE decode does
	not produce the expected number of bytes.  Fixes oss-fuzz issue
	6015 "graphicsmagick/coder_BMP_fuzzer: Out-of-memory in
	graphicsmagick_coder_BMP_fuzzer". (Credit to OSS-Fuzz)

2018-02-23  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (DrawImage): Fixed a bug in which graphical
	elements defined within <defs> ... </defs> were being rendered,
	contrary to the SVG spec.

2018-02-23  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (DrawPolygonPrimitive): When filling or
	stroking a polygon using a pattern, the fill (or stroke)
	and group/object opacity values were not being applied to
	the pattern (fixed).

2018-02-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/bmp.c (ReadBMPImage): Fix SeekBlob() return value checks.
	Add more EOF checks.  Require that a provided ba_offset be a
	forward seek in order to avoid the possibility of endless looping.

2018-02-23  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Fix oss-fuzz issue 6301. (Credit to OSS-Fuzz)

2018-02-22  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/alpha_composite.c (BlendQuantumOpacity): The
	pixel compositing equation used when compositing an
	image into the output was incorrect and has been fixed.

	* magick/render.c (DrawPolygonPrimitive): When
	compositing polygon edge pixels over a transparent
	black background, the code would composite as if the
	background were opaque black, resulting in the edge
	pixels being too dark (fixed).

2018-02-21  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (DrawImage): Per the SVG spec, opacity,
	fill-opacity, and stroke-opacity values are now clamped
	to [0,1].

	Also fixed two bugs introduced by changeset 91de8039f27d
	(dated 2018-02-12): (1) a group/object opacity value
	specified using a percentage was not being converted to a
	value in [0,1]; (2) if fill-opacity or stroke-opacity was
	1, and the group/object opacity value was set to 1, the
	resulting fill-opacity or stroke-opacity value would be
	set to 0 instead of 1.
	
2018-02-19  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/viff.c (ReadVIFFImage): Fix excessive memory usage.
	Fixes oss-fuzz 6006 "graphicsmagick/coder_XV_fuzzer: Out-of-memory
	in graphicsmagick_coder_XV_fuzzer". (Credit to OSS-Fuzz)

	* coders/txt.c (ReadInt): Avoid benign signed integer overflow due
	to accepting an arbitrary number of digits.  Fixes oss-fuzz 6002
	"graphicsmagick/coder_TEXT_fuzzer: Integer-overflow in
	ReadInt". (Credit to OSS-Fuzz)

	* coders/viff.c (ReadVIFFImage): Verify that there is sufficient
	data to back up colormap allocation request.  Fixes oss-fuzz 5986
	"graphicsmagick/coder_VIFF_fuzzer: Out-of-memory in
	graphicsmagick_coder_VIFF_fuzzer". (Credit to OSS-Fuzz)

	* magick/memory.c: Define MAGICK_MEMORY_HARD_LIMIT=value to abort
	when memory request exceeds value.  Useful to find location of
	excessive memory requests.

2018-02-19  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement): Per the SVG spec, the
	SVG coder now initializes the MVG coder (which renders
	SVG graphical elements) with the the SVG defaults for
	fill color, fill-opacity, stroke color, stroke-opacity,
	and stroke-width.  This makes the SVG coder independent
	of the MVG coder intial state.

2018-02-19  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement): Fixed initialization of
	x and y attributes per the SVG spec:  for graphical elements
	"image", "pattern", "text", "rect", and "use", if the x or y
	attribute is not specified, the effect is as if a value of
	"0" were specified.

2018-02-18  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/sun.c (ReadSUNImage): Fix edge case which broke file-size
	validation logic.  Fixes oss-fuzz issue 5981
	"graphicsmagick/coder_SUN_fuzzer: Out-of-memory in
	graphicsmagick_coder_SUN_fuzzer". (Credit to OSS-Fuzz)

	* coders/txt.c (ReadTXTImage): Validate that file size is
	sufficient for claimed image properties.  Fixes oss-fuzz issue
	5960 "graphicsmagick/coder_TXT_fuzzer: Out-of-memory in
	graphicsmagick_coder_TXT_fuzzer". (Credit to OSS-Fuzz)

	* coders/tga.c (ReadTGAImage): Only allow 1 and 8 bit
	colormapped/grey images. Fixes oss-fuzz issue 6314
	"graphicsmagick/coder_ICB_fuzzer: Undefined-shift in
	ReadTGAImage". (Credit to OSS-Fuzz)

	* coders/bmp.c (ReadBMPImage): Detect and report when BMP height
	value is out of range (too negative). Fixes oss-fuzz issue 6394
	"graphicsmagick/coder_BMP_fuzzer: Integer-overflow in
	ReadBMPImage". (Credit to OSS-Fuzz)

	* coders/rla.c (ReadRLAImage): Detect when RLE decoding is
	producing too many samples and report as an error.  Fixes oss-fuzz
	issue 6312 "graphicsmagick/coder_RLA_fuzzer: Timeout in
	graphicsmagick_coder_RLA_fuzzer". (Credit to OSS-Fuzz)

	* coders/fits.c (ReadFITSImage): Validate that file size is
	sufficient for claimed image properties.  Fixes oss-fuzz issue
	6429 "graphicsmagick/coder_FITS_fuzzer: Timeout in
	graphicsmagick_coder_FITS_fuzzer". (Credit to OSS-Fuzz)

	* magick/image.c (CloneImage): Check image pixel limits in
	CloneImage() when it is used to change the image dimensions.  This
	avoids depending on the using code to detect and report such
	issues.

	* coders/xcf.c (ReadXCFImage): Check image pixel limits after each
	CloneImage() to assure that image is within specified resource
	limits.  Fixes oss-fuzz issue 6399 "graphicsmagick/enhance_fuzzer:
	Timeout in graphicsmagick_enhance_fuzzer". (Credit to OSS-Fuzz)

2018-02-16  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (TracePath): TracePath() was not
	correctly processing multiple sets of cubic or quadratic
	Bezier coordinates when the previous path data command was
	not a cubic or quadratic Bezier command.  This would result
	in the first control point being equal to the current path
	point instead of being computed using the current path
	point and the second control point of the previous Bezier
	command.

2018-02-15  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (TracePath): TracePath() was not
	consuming commas (if present) at the end of a set of
	points when multiple sets of points were specified for
	various path commands (e.g., line, Bezier). This
	resulted in the remaining sets of points being ignored
	(fixed).

2018-02-15  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (TraceArcPath): No points are generated
	by TraceArcPath() if the starting and ending arc points
	are the same.  For this case, the coordinate count was not
	being set to zero before returning (fixed).

2018-02-15  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (DrawImage): Clipping of polygons in
	DrawImage() would sometime result in a starting pixel
	location that was greater than the ending pixel location,
	causing a subsequent call to GetImagePixelsEx() to fail
	due a column count <= 0.  Modified the clipping code to
	eliminate this condition, and also to return early if
	the polygon lies completely outside the image boundaries.
	Also fixed variable declarations from a previous commit
	that were causing problems for the C89 compiler.

2018-02-13  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/topol.c (ReadTOPOLImage): Detect EOF immediately rather
	than spinning.  Fixes oss-fuzz issue 6303
	"graphicsmagick/coder_TOPOL_fuzzer: Timeout in
	graphicsmagick_coder_TOPOL_fuzzer". (Credit to OSS-Fuzz)

	* coders/dcm.c (DCM_SetupRescaleMap): Avoid excessive left shift.
	Fixes oss-fuzz issue 6256 "graphicsmagick/coder_DCM_fuzzer:
	Undefined-shift in DCM_SetupRescaleMap". (Credit to OSS-Fuzz)

2018-02-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/wpg.c (ExtractPostscript): Detect EOF on input while
	transferring bytes to Postscript file.  Fixes oss-fuzz issue 6087
	"graphicsmagick/coder_WPG_fuzzer: NULL".  Later identified to be
	CVE-2017-17682 as previously discovered in ImageMagick.  (Credit to
	OSS-Fuzz)

	* coders/pdb.c (ReadPDBImage): Quit attempting to read image data
	immediately at EOF. Fixes oss-fuzz issue 6252
	"graphicsmagick/coder_PDB_fuzzer: Timeout in
	graphicsmagick_coder_PDB_fuzzer".  (Credit to OSS-Fuzz)

2018-02-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/topol.c (ReadTOPOLImage): Avoid index out of bounds when
	input filename does not use a file extension. Fixes oss-fuzz issue
	6237 "graphicsmagick/coder_TOPOL_fuzzer: Index-out-of-bounds in
	ReadTOPOLImage".  (Credit to OSS-Fuzz)

2018-02-12  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (DrawImage): Object/group opacity,
	when set in DrawImage(), would overwrite the fill
	and stroke opacities. This has been fixed so that
	the object opacity is now combined with the fill
	and stroke opacities per the SVG spec.

2018-02-12  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/mat.c Fix oss-fuzz issue 6021. (Credit to OSS-Fuzz)

2018-02-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dcm.c (ReadDCMImage): Avoid undefined left shift of
	short.  Fix memory leaks in error reporting paths.  Fixes oss-fuzz
	issue 6217 "graphicsmagick/coder_DCM_fuzzer: Undefined-shift in
	ReadDCMImage". (Credit to OSS-Fuzz)

	* coders/dpx.c (ReadDPXImage): Avoid divide by zero exception in
	the case where reference high equals reference low. Fixes oss-fuzz
	issue 6215 "graphicsmagick/coder_DPX_fuzzer: Divide-by-zero in
	ReadDPXImage". (Credit to OSS-Fuzz)

	* coders/topol.c (ReadTOPOLImage): Avoid index out of bounds when
	input filename does not use a file extension.

	* coders/cut.c (ReadCUTImage): Avoid index out of bounds when
	input filename does not use a file extension. Fixes oss-fuzz issue
	6218 "graphicsmagick/coder_CUT_fuzzer: Index-out-of-bounds in
	ReadCUTImage".  (Credit to OSS-Fuzz)

	* coders/pwp.c (ReadPWPImage): Force temporary file to be read as
	a SFW file rather than autodetecting the format.  Fixes oss-fuzz
	issue 6220 "graphicsmagick/coder_PWP_fuzzer: Indirect-leak in
	AllocateImage".  (Credit to OSS-Fuzz)

2018-02-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pdf.c (WritePDFImage): Assure that xref memory is not
	leaked if an exception is thrown.  Fixes oss-fuzz issue 5968
	"graphicsmagick/coder_EPDF_fuzzer: Direct-leak in MagickRealloc".
	(Credit to OSS-Fuzz)

	* coders/tim.c (ReadTIMImage): Verify that 4/8 bit PSX TIM
	provides a CLUT and verify indexes.  Fixes oss-fuzz issue 5972
	"graphicsmagick/coder_TIM_fuzzer: Null-dereference WRITE in
	ReadTIMImage".  (Credit to OSS-Fuzz)

	* coders/topol.c (ReadTOPOLImage): Add additional header
	validations.  Fixes oss-fuzz issue 5975
	"graphicsmagick/coder_TOPOL_fuzzer: Floating-point-exception in
	ReadTOPOLImage".  (Credit to OSS-Fuzz)

	* coders/bmp.c (ReadBMPImage): Avoid possible division by zero
	when decoding CIE primary values. (Credit to OSS-Fuzz)

	* magick/export.c (ExportViewPixelArea): Only compute
	unsigned_maxvalue if sample_bits <= 32.

	* magick/import.c (ImportViewPixelArea): Assure that
	double_maxvalue minus double_minvalue is not zero, or excessively
	close to zero to avoid divide by zero exception or impossible
	scaling factor. (Credit to OSS-Fuzz)
	(ImportViewPixelArea): Only compute unsigned_maxvalue if
	sample_bits <= 32.

2018-02-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dib.c (ReadDIBImage): Validate that image width is not
	too negative such that it's absolute value can not fit in 32-bit
	unsigned width. Resolves oss-fuzz issue 6179
	"graphicsmagick/coder_ICO_fuzzer: Integer-overflow in
	ReadDIBImage". (Credit to OSS-Fuzz)

	* coders/dcm.c (funcDCM_BitsStored): Validate DICOM datum size.
	Use a different means to determine the maximum value which does
	not use excessive shifting.  Resolves oss-fuzz issue 6165
	"graphicsmagick/coder_DCM_fuzzer: Undefined-shift in
	funcDCM_BitsStored". (Credit to OSS-Fuzz)

2018-02-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dpx.c (ReadWordU32BE): Add casts to avoid default type
	promotion from unsigned char to 'int' leading to undefined
	behavior for 24 bit shift. Fixes oss-fuzz issue 6058
	"graphicsmagick/coder_DPX_fuzzer: Undefined-shift in
	ReadWordU32BE". (Credit to OSS-Fuzz)
	(ReadDPXImage): Require that the file has at least one element.
	Add bountiful casts for values which are left-shifted.  Fixes
	oss-fuzz issue 5962 "graphicsmagick/coder_DPX_fuzzer:
	Undefined-shift in ReadDPXImage". (Credit to OSS-Fuzz)

	* coders/dcm.c (DCM_ReadOffsetTable): Add casts Add casts to avoid
	default type promotion from unsigned char to 'int' leading to
	undefined behavior for 16 bit shift. Fixes oss-fuzz issue 5980
	"graphicsmagick/coder_DCM_fuzzer: Undefined-shift in
	DCM_ReadOffsetTable". (Credit to OSS-Fuzz)

	* magick/module_aliases.h (ModuleAliases): Add missing mapping
	from "ICODIB" format to "DIB" module.

	* magick/import.c (ImportUInt32Quantum): Add casts to avoid
	default type promotion from unsigned char to 'int' leading to
	undefined behavior for 24 bit shift.  Fixes oss-fuzz
	"graphicsmagick/coder_P7_fuzzer: Undefined-shift in
	ImportRGBQuantumType". (Credit to OSS-Fuzz)

2018-02-07  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c Fix oss-fuzz issue 5964
	"graphicsmagick/coder_MAT_fuzzer: Heap-use-after-free in
	GetLocaleExceptionMessage". (Credit to OSS-Fuzz)

2018-02-07	Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/render.c (IsPoint): Fixed a bug in which
	IsPoint() would reject as a valid coordinate value
	strings that did not begin with an integer: e.g.,
	"0.25" would be accepted, but ".25" would not.

2018-02-07  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/cut.c (ReadCUTImage): Fix DestroyImageInfo() of NULL
	pointer leading to assertion.  Fixes oss-fuzz issue 6067
	"graphicsmagick/coder_CUT_fuzzer: Unknown signal in
	DestroyImageInfo".

	* coders/tga.c (ReadTGAImage): Throw exception rather than
	assertion for unexpected comment size.  Fixes oss-fuzz issue 5961
	"graphicsmagick/coder_ICB_fuzzer: ASSERT: (size_t)
	(tga_info.id_length+1) == commentsize".

2018-02-06  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pdf.c (WritePDFImage): Free 'xref' allocation before
	error return.  Fixes oss-fuzz issue 5968
	"graphicsmagick/coder_EPDF_fuzzer: Direct-leak in MagickRealloc".

2018-02-04  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pdb.c (ReadPDBImage): Fix heap buffer overflow if blob is
	already at EOF when comment is read.  Fixes oss-fuzz issue 5997
	"graphicsmagick/coder_PDB_fuzzer: Heap-buffer-overflow in
	SetImageAttribute".

	* coders/dpx.c (ReadDPXImage): Fix memory leak of user data if
	user data is truncated.  Fix consumption of one uninitialized
	stack bytes.  Fixes oss-fuzz issue 5973:
	graphicsmagick/enhance_fuzzer: Direct-leak in ReadDPXImage.

	* coders/pnm.c (ReadPNMImage): Detect and avoid division by zero.
	Fixes Issue 5959 in oss-fuzz: graphicsmagick/coder_P7_fuzzer:
	Divide-by-zero in ReadPNMImage

	* magick/xwindow.c (MagickXClientMessage): Eliminate valgrind
	gripe about use of uninitialized stack data by clearing allocation
	to zero.
	(MagickXMakeImage): Eliminate valgrind gripe about use of
	uninitialized heap data by clearing allocation to zero.

	* coders/pwp.c (ReadPWPImage): Remove bogus EOF test on an image
	with a closed blob.  Fixes Issue 5957 in oss-fuzz:
	graphicsmagick/coder_PWP_fuzzer: ASSERT: image->blob->type !=
	UndefinedStream.

	* www/Changes.rst: Fix typo with spelling "ChangeLog-2017.html".
	Resolves SourceForge issue #544 "dead link 2017 changelog page on
	GraphicsMagick web site".

2018-02-03  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/static.c (OpenModule): Assure that status is initialized.
	Resolves Coverity 261207 "Uninitialized scalar variable".

	* wand/magick_wand.c (MagickHasColormap): New function to test if
	the image has a colormap.
	(MagickIsGrayImage): New function to test if the image uses only
	gray pixels.
	(MagickIsMonochromeImage): New function to test if the image uses
	only monochrome pixels.
	(MagickIsOpaqueImage): New function to test if the image uses only
	opaque pixels.
	(MagickIsPaletteImage): New function to test if the image is based
	on a color palette.  Above functions are written by Troy Patteson
	and submitted via SourceForge patch #54 "Wand API patches: has
	colormap, is gray image, is monochrome image, is opaque image, is
	palette image".

	* fuzzing: Added initial OSS-Fuzz integration by Alex Gaynor.
	From SourceForge patch #55 "OSS-Fuzz integration"

	* coders/png.c (ReadMNGImage): Fix free using possibly unallocated
	pointer value.

	* magick/blob.c (SeekBlob): Remove implicit extension of blob
	allocation size based on seek offset.  Besides making an
	assumption about how the blob memory was allocated, this
	reallocation feature provides a memory DOS opportunity.  Resolves
	issue reported by Alex Gaynor via email entitled "Security issue
	with memory management in Magick++" to the graphicsmagick-security
	list on 31 Jan 2018.
	(SeekBlob):

	* coders/jpeg.c (ReadIPTCProfile): Revert inadvertent wrong return
	codes added by change on December 9, 2017.  Fixes SourceForge bug
	542 "Improper call to JPEG library in state 201" since 1.3.28.

2018-02-01  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/annotate.c (RenderFreetype): Fixed the text
	opacity computation in RenderFreeType(). This bug caused
	the text fill color to bleed into the character cell when
	the SVG "fill-opacity" is less than 1.0.

2018-02-01  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* magick/attribute.c (CloneImageAttributes): Fixed a bug
	in which the source image attributes would always replace
	the destination image attributes instead of being appended
	to them, and the destination image attributes would become
	a memory leak.

2018-01-31  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement): Fixed a bug in which the
	x,y location values for a <text> or <tspan> were overwritten
	by the x,y values for the next <tspan> before the previous
	values were used.  This caused the text associated with the
	previous <text> or <tspan> to appear at the location
	specified for the next <tspan>.

2018-01-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/static.c: Use !defined(SupportMagickModules) to enable
	static module loader.  Fixes SourceForge bug #543 "Multiple
	definition of "OpenModule" (etc) when cross-compiling shared".

2018-01-29  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement): A terminating '>' in
	a geometry string is interpreted to mean that the dimensions
	of an image should only be changed if its width or height
	exceeds the geometry specification.  For an unapparent and
	undocumented reason, a terminating '>', if present, was
	being nulled out, making this feature unusable for SVG files
	(now fixed).

2018-01-29  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (ReadSVGImage): If there is a geometry string
	in image_info->size (e.g., gm convert -size "50x50%" in.svg
	out.png), AllocateImage() sets image->columns and image->rows
	to the width and height values from the size string.  However,
	this makes no sense if the size string was something like
	"50x50%" (we'll get columns = rows = 50).  So we set columns
	and rows to 0 after AllocateImage(), which is the same as if
	no size string was supplied by the client.  This also results
	in svg_info.bounds to be set to 0,0 (i.e., unknown), so that
	svg_info.bounds will later be set using the image size
	information from either the svg "canvas" width/height or from
	the viewbox.  Later, variable "page" is set from
	svg_info->bounds. Then the geometry string in image_info->size
	gets applied to the (now known) "page" width and height when
	SvgStartElement() calls GetMagickGeometry(), and the intended
	result is obtained.


2018-01-24  Greg Wolfe  <gregory.wolfe@kodakalaris.com>

	* coders/svg.c (SVGStartElement): When the density (DPI)
	is specified using the ImageInfo::density member, the derived
	scale factor is incorrectly applied a second time to the
	width and height members of variable RectangleInfo page.
	Fixes SourceForge ticket #451.

2018-01-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/static.c: Use a lazy-loader for static modules with the
	same external interface as the lazy-loader for dynamic modules.

2018-01-20  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* NEWS.txt: Prepare for 1.3.28 release.

2018-01-17  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* NEWS.txt: Update with changes since previous release.

2018-01-14  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* PerlMagick/Magick.xs: Compiler warnings reduction.

	* magick/pixel_cache.h: Mark GetPixels(), GetIndexes(), and
	GetOnePixel() as deprecated.  Compilers may produce a warning if
	these functions are used.

	* magick/pixel_cache.c (InterpolateColor): Return black pixel if
	InterpolateViewColor() reports failure.

	* coders/png.c (ReadMNGImage): Fix memory leak of chunk and
	mng_info in error path.

	* coders/gif.c (ReadGIFImage): Fix memory leak of global colormap.

2018-01-13  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/symbols.h: Fix SourceForge issue #538 "13 symbols in
	common with ImageMagick despite --enable-symbol-prefix".

	* coders/bmp.c (ReadBMPImage): Fix non-terminal loop due to
	unexpected bit-field mask value.  Fixes SourceForge issue #541
	"Infinite Loop in ReadBMPImage (coders/bmp.c)".

	* coders/jpeg.c (JPEGMessageHandler): Revert code added on
	2017-07-08 to promote certain warnings from libjpeg to errors.
	Add code to rationalize claimed image dimensions based on file
	size.  Resolves SourceForge issue #539 "Images with libjpeg
	warnings result in error".

2018-01-11  Fojtik Jaroslav  <JaFojtik@seznam.cz>

	* coders/wpg.c Recursive ReadImage could return multiple scenes
          fixed.

2018-01-07  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadOnePNGImage): Quit 'passes' loop if we
	encountered an error

	* magick/pixel_cache.c (SetNexus): Fix heap overwrite in
	AcquireCacheNexus() due to SetNexus() not using an allocated
	staging area for the pixels like it should.  This problem impacts
	all 1.3.X releases.  Resolves SourceForge issues 532
	"heap-buffer-overflow bug in ReadWPGImage" and #531
	"heap-buffer-overflow in AcquireCacheNexus".

	* magick/pixel_cache.c (InterpolateViewColor): Now returns
	MagickPassFail rather than void.  Code using this function is
	updated to check the return status.

2018-01-01  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/describe.c (DescribeImage): Discriminate between
	AcquireImagePixels() returning NULL or finding a transparent
	pixel.  This avoids use of a null pointer in the case where
	AcquireImagePixels() returns NULL.

2017-12-31  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/static.c: Change static module initialization to be based
	on an initialized list rather than a squence of function calls in
	order to simplify maintenance and possibly address future
	requirements.

2017-12-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* Copyright.txt: Bump copyright years and rotate ChangeLog.