
[meta-oe,walnascar,09/11] imagemagick: patch CVE-2025-55212

Message ID 20251008205914.598660-9-skandigraun@gmail.com
State New
Series [meta-oe,walnascar,01/11] imagemagick: patch CVE-2025-53014 | expand

Commit Message

Gyorgy Sarvari Oct. 8, 2025, 8:59 p.m. UTC
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-55212

Pick the patch that mentions the related github advisory in its commit message.

Also backport the missing function that the fix uses.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../imagemagick/0001-CVE-2025-55212.patch     | 56 +++++++++++++++++++
 .../imagemagick/imagemagick_7.1.1-43.bb       |  1 +
 2 files changed, 57 insertions(+)
 create mode 100644 meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55212.patch

Patch

diff --git a/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55212.patch b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55212.patch
new file mode 100644
index 0000000000..c409dc807d
--- /dev/null
+++ b/meta-oe/recipes-support/imagemagick/imagemagick/0001-CVE-2025-55212.patch
@@ -0,0 +1,56 @@ 
+From a5acb50364cfa7fa6cfb56af9b2c1ac3d7efce93 Mon Sep 17 00:00:00 2001
+From: Cristy <urban-warrior@imagemagick.org>
+Date: Sun, 17 Aug 2025 14:33:44 -0400
+Subject: [PATCH] CVE-2025-55212
+
+https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw
+
+CVE: CVE-2025-55212
+Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/5f0bcf986b8b5e90567750d31a37af502b73f2af]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ MagickCore/resize.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/MagickCore/resize.c b/MagickCore/resize.c
+index 381b3a663..d34c5e23a 100644
+--- a/MagickCore/resize.c
++++ b/MagickCore/resize.c
+@@ -74,6 +74,7 @@
+ #include "MagickCore/resize.h"
+ #include "MagickCore/resize-private.h"
+ #include "MagickCore/resource_.h"
++#include "MagickCore/statistic-private.h"
+ #include "MagickCore/string_.h"
+ #include "MagickCore/string-private.h"
+ #include "MagickCore/thread-private.h"
+@@ -4602,8 +4602,10 @@ MagickExport Image *ThumbnailImage(const Image *image,const size_t columns,
+         x_factor,
+         y_factor;
+ 
+-      x_factor=(ssize_t) image->columns/(ssize_t) columns;
++      x_factor=(ssize_t) (image->columns*MagickSafeReciprocal((double) 
++        columns));
+       y_factor=(ssize_t) image->rows/(ssize_t) rows;
++      y_factor=(ssize_t) (image->rows*MagickSafeReciprocal((double) rows));
+       if ((x_factor > 4) && (y_factor > 4))
+         {
+           thumbnail_image=SampleImage(clone_image,4*columns,4*rows,exception);
+diff --git a/MagickCore/statistic-private.h b/MagickCore/statistic-private.h
+index f873a472b..0c9a6843d 100644
+--- a/MagickCore/statistic-private.h
++++ b/MagickCore/statistic-private.h
+@@ -29,6 +29,13 @@ static inline double MagickLog10(const double x)
+   return(log10(fabs(x)));
+ }
+ 
++static inline double MagickSafeReciprocal(const double x)
++{
++  if ((x > -MagickEpsilon) && (x < MagickEpsilon))
++    return(1.0/MagickEpsilon);
++  return(1.0/x);
++}
++
+ #if defined(__cplusplus) || defined(c_plusplus)
+ }
+ #endif
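Review bot: In the embedded MagickCore/resize.c hunk the old `y_factor=(ssize_t) image->rows/(ssize_t) rows;` survives as a context line directly above the new guarded assignment, so the integer division by `rows` still runs before `MagickSafeReciprocal` is used. If `rows` can be 0 when this block is reached, the same unguarded division that was replaced for `x_factor` stays reachable on the y axis. Whether an earlier check in ThumbnailImage excludes that is not visible, since the function body starts and ends outside the hunk. I would drop the old line so only `y_factor=(ssize_t) (image->rows*MagickSafeReciprocal((double) rows));` remains, and record in the patch header that this deviates from the referenced upstream commit, if it does. The embedded diffstat lists only resize.c although the patch also adds `MagickSafeReciprocal` to statistic-private.h, so a header line naming where that helper was backported from would help later CVE audits.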
diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb
index 8c83d018cc..eed07642d9 100644
--- a/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb
+++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.1.1-43.bb
@@ -22,6 +22,7 @@  SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt
            file://0001-CVE-2025-55005.patch \
            file://0001-CVE-2025-55154.patch \
            file://0001-CVE-2025-55160.patch \
+           file://0001-CVE-2025-55212.patch \
            "
 SRCREV = "a2d96f40e707ba54b57e7d98c3277d3ea6611ace"