[meta-oe,kirkstone,09/12] ImageMagick: Fix CVE-2023-34151

diff --git a/meta-oe/recipes-support/imagemagick/files/0009-ImageMagick-Fix-CVE-2023-34151.patch b/meta-oe/recipes-support/imagemagick/files/0009-ImageMagick-Fix-CVE-2023-34151.patch
new file mode 100644
index 0000000000..dd4802d75f
--- /dev/null
+++ b/meta-oe/recipes-support/imagemagick/files/0009-ImageMagick-Fix-CVE-2023-34151.patch
@@ -0,0 +1,287 @@ 
+From 338a66fd7b9ec918d4a9d31dcce4a7ca04df51bf Mon Sep 17 00:00:00 2001
+From: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
+Date: Fri, 24 Oct 2025 16:17:41 +0530
+Subject: [PATCH 3/8] ImageMagick: Fix CVE-2023-34151
+
+CVE: CVE-2023-34151
+Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/3d6d98d8a2be30d74172ab43b5b8e874d2deb158]
+
+Comment: Refreshed hunk to match latest kirkstone
+
+Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>
+---
+ MagickCore/annotate.c       |  4 ++--
+ MagickCore/draw.c           |  2 +-
+ MagickCore/geometry.c       |  6 +++---
+ MagickCore/shear.c          |  6 +++---
+ MagickCore/visual-effects.c |  4 ++--
+ coders/caption.c            | 10 +++++-----
+ coders/label.c              | 10 +++++-----
+ coders/pcl.c                |  4 ++--
+ coders/pdf.c                |  4 ++--
+ coders/ps.c                 |  4 ++--
+ coders/ps2.c                |  4 ++--
+ coders/ps3.c                |  4 ++--
+ coders/svg.c                |  4 ++--
+ 13 files changed, 33 insertions(+), 33 deletions(-)
+
+diff --git a/MagickCore/annotate.c b/MagickCore/annotate.c
+index 4be938be5..3e8f3aa1b 100644
+--- a/MagickCore/annotate.c
++++ b/MagickCore/annotate.c
+@@ -336,7 +336,7 @@ MagickExport MagickBooleanType AnnotateImage(Image *image,
+     (void) CloneString(&annotate->text,textlist[i]);
+     if ((metrics.width == 0) || (annotate->gravity != NorthWestGravity))
+       (void) GetTypeMetrics(image,annotate,&metrics,exception);
+-    height=(size_t) floor(metrics.ascent-metrics.descent+0.5);
++    height=CastDoubleToUnsigned(metrics.ascent-metrics.descent+0.5);
+     if (height == 0)
+       height=draw_info->pointsize;
+     height+=(size_t) floor(draw_info->interline_spacing+0.5);
+@@ -626,7 +626,7 @@ MagickExport ssize_t FormatMagickCaption(Image *image,DrawInfo *draw_info,
+     status=GetTypeMetrics(image,draw_info,metrics,exception);
+     if (status == MagickFalse)
+       break;
+-    width=(size_t) floor(metrics->width+draw_info->stroke_width+0.5);
++    width=CastDoubleToUnsigned(metrics->width+draw_info->stroke_width+0.5);
+     if (width <= image->columns)
+       continue;
+     if (s != (char *) NULL)
+diff --git a/MagickCore/draw.c b/MagickCore/draw.c
+index facea115e..54286130a 100644
+--- a/MagickCore/draw.c
++++ b/MagickCore/draw.c
+@@ -3478,7 +3478,7 @@ static MagickBooleanType RenderMVGContent(Image *image,
+                 (void) GetNextToken(q,&q,extent,token);
+                 if (*token == ',')
+                   (void) GetNextToken(q,&q,extent,token);
+-                bounds.height=(size_t) floor(GetDrawValue(token,&next_token)+
++                bounds.height=CastDoubleToUnsigned(GetDrawValue(token,&next_token)+
+                   0.5);
+                 if (token == next_token)
+                   ThrowPointExpectedException(token,exception);
+diff --git a/MagickCore/geometry.c b/MagickCore/geometry.c
+index 5c6e2ad69..6541db8f4 100644
+--- a/MagickCore/geometry.c
++++ b/MagickCore/geometry.c
+@@ -1424,8 +1424,8 @@ MagickExport MagickStatusType ParseMetaGeometry(const char *geometry,ssize_t *x,
+       scale.y=geometry_info.sigma;
+       if ((percent_flags & SigmaValue) == 0)
+         scale.y=scale.x;
+-      *width=(size_t) floor(scale.x*former_width/100.0+0.5);
+-      *height=(size_t) floor(scale.y*former_height/100.0+0.5);
++      *width=CastDoubleToUnsigned(scale.x*former_width/100.0+0.5);
++      *height=CastDoubleToUnsigned(scale.y*former_height/100.0+0.5);
+       former_width=(*width);
+       former_height=(*height);
+     }
+@@ -1445,7 +1445,7 @@ MagickExport MagickStatusType ParseMetaGeometry(const char *geometry,ssize_t *x,
+       if (geometry_ratio >= image_ratio)
+         {
+           *width=former_width;
+-          *height=(size_t) floor((double) (PerceptibleReciprocal(
++          *height=CastDoubleToUnsigned((double) (PerceptibleReciprocal(
+             geometry_ratio)*former_height*image_ratio)+0.5);
+         }
+       else
+diff --git a/MagickCore/shear.c b/MagickCore/shear.c
+index 05703ca34..a4c75431f 100644
+--- a/MagickCore/shear.c
++++ b/MagickCore/shear.c
+@@ -1766,9 +1766,9 @@ MagickExport Image *ShearRotateImage(const Image *image,const double degrees,
+   */
+   width=integral_image->columns;
+   height=integral_image->rows;
+-  bounds.width=(size_t) floor(fabs((double) height*shear.x)+width+0.5);
+-  bounds.height=(size_t) floor(fabs((double) bounds.width*shear.y)+height+0.5);
+-  shear_width=(size_t) floor(fabs((double) bounds.height*shear.x)+
++  bounds.width=CastDoubleToUnsigned(fabs((double) height*shear.x)+width+0.5);
++  bounds.height=CastDoubleToUnsigned(fabs((double) bounds.width*shear.y)+height+0.5);
++  shear_width=CastDoubleToUnsigned(fabs((double) bounds.height*shear.x)+
+     bounds.width+0.5);
+   bounds.x=CastDoubleToLong(floor((double) ((shear_width > bounds.width) ?
+     width : bounds.width-shear_width+2)/2.0+0.5));
+diff --git a/MagickCore/visual-effects.c b/MagickCore/visual-effects.c
+index 789660231..3f5a5ee5e 100644
+--- a/MagickCore/visual-effects.c
++++ b/MagickCore/visual-effects.c
+@@ -2062,8 +2062,8 @@ MagickExport Image *ShadowImage(const Image *image,const double alpha,
+     (void) SetImageColorspace(clone_image,sRGBColorspace,exception);
+   (void) SetImageVirtualPixelMethod(clone_image,EdgeVirtualPixelMethod,
+     exception);
+-  border_info.width=(size_t) floor(2.0*sigma+0.5);
+-  border_info.height=(size_t) floor(2.0*sigma+0.5);
++  border_info.width=CastDoubleToUnsigned(2.0*sigma+0.5);
++  border_info.height=CastDoubleToUnsigned(2.0*sigma+0.5);
+   border_info.x=0;
+   border_info.y=0;
+   (void) QueryColorCompliance("none",AllCompliance,&clone_image->border_color,
+diff --git a/coders/caption.c b/coders/caption.c
+index 67a3fb48c..cff07fd10 100644
+--- a/coders/caption.c
++++ b/coders/caption.c
+@@ -155,7 +155,7 @@ static Image *ReadCAPTIONImage(const ImageInfo *image_info,
+     return(DestroyImageList(image));
+   (void) SetImageProperty(image,"caption",caption,exception);
+   draw_info=CloneDrawInfo(image_info,(DrawInfo *) NULL);
+-  width=(size_t) floor(draw_info->pointsize*strlen(caption)+0.5);
++  width=CastDoubleToUnsigned(draw_info->pointsize*strlen(caption)+0.5);
+   if (AcquireMagickResource(WidthResource,width) == MagickFalse)
+     {
+       caption=DestroyString(caption);
+@@ -249,8 +249,8 @@ static Image *ReadCAPTIONImage(const ImageInfo *image_info,
+             status=GetMultilineTypeMetrics(image,draw_info,&metrics,exception);
+             if (status == MagickFalse)
+               break;
+-            width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5);
+-            height=(size_t) floor(metrics.height+draw_info->interline_spacing+
++            width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5);
++            height=CastDoubleToUnsigned(metrics.height+draw_info->interline_spacing+
+               draw_info->stroke_width+0.5);
+             if ((image->columns != 0) && (image->rows != 0))
+               {
+@@ -279,8 +279,8 @@ static Image *ReadCAPTIONImage(const ImageInfo *image_info,
+         status=GetMultilineTypeMetrics(image,draw_info,&metrics,exception);
+         if (status == MagickFalse)
+           break;
+-        width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5);
+-        height=(size_t) floor(metrics.height+draw_info->interline_spacing+
++        width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5);
++        height=CastDoubleToUnsigned(metrics.height+draw_info->interline_spacing+
+           draw_info->stroke_width+0.5);
+         if ((image->columns != 0) && (image->rows != 0))
+           {
+diff --git a/coders/label.c b/coders/label.c
+index b6c25036f..cd76961f7 100644
+--- a/coders/label.c
++++ b/coders/label.c
+@@ -135,7 +135,7 @@ static Image *ReadLABELImage(const ImageInfo *image_info,
+     return(DestroyImageList(image));
+   (void) SetImageProperty(image,"label",label,exception);
+   draw_info=CloneDrawInfo(image_info,(DrawInfo *) NULL);
+-  width=(size_t) floor(draw_info->pointsize*strlen(label)+0.5);
++  width=CastDoubleToUnsigned(draw_info->pointsize*strlen(label)+0.5);
+   if (AcquireMagickResource(WidthResource,width) == MagickFalse)
+     {
+       label=DestroyString(label);
+@@ -174,8 +174,8 @@ static Image *ReadLABELImage(const ImageInfo *image_info,
+           status=GetMultilineTypeMetrics(image,draw_info,&metrics,exception);
+           if (status == MagickFalse)
+             break;
+-          width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5);
+-          height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5);
++          width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5);
++          height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5);
+           if ((image->columns != 0) && (image->rows != 0))
+             {
+               if ((width >= image->columns) && (height >= image->rows))
+@@ -204,8 +204,8 @@ static Image *ReadLABELImage(const ImageInfo *image_info,
+           status=GetMultilineTypeMetrics(image,draw_info,&metrics,exception);
+           if (status == MagickFalse)
+             break;
+-          width=(size_t) floor(metrics.width+draw_info->stroke_width+0.5);
+-          height=(size_t) floor(metrics.height+draw_info->stroke_width+0.5);
++          width=CastDoubleToUnsigned(metrics.width+draw_info->stroke_width+0.5);
++          height=CastDoubleToUnsigned(metrics.height+draw_info->stroke_width+0.5);
+           if ((image->columns != 0) && (image->rows != 0))
+             {
+               if ((width < image->columns) && (height < image->rows))
+diff --git a/coders/pcl.c b/coders/pcl.c
+index 8197a0c39..375c8e781 100644
+--- a/coders/pcl.c
++++ b/coders/pcl.c
+@@ -333,8 +333,8 @@ static Image *ReadPCLImage(const ImageInfo *image_info,ExceptionInfo *exception)
+     image->resolution.x,image->resolution.y);
+   if (image_info->ping != MagickFalse)
+     (void) FormatLocaleString(density,MagickPathExtent,"2.0x2.0");
+-  page.width=(size_t) floor(page.width*image->resolution.x/delta.x+0.5);
+-  page.height=(size_t) floor(page.height*image->resolution.y/delta.y+0.5);
++  page.width=CastDoubleToUnsigned(page.width*image->resolution.x/delta.x+0.5);
++  page.height=CastDoubleToUnsigned(page.height*image->resolution.y/delta.y+0.5);
+   (void) FormatLocaleString(options,MagickPathExtent,"-g%.20gx%.20g ",(double)
+     page.width,(double) page.height);
+   image=DestroyImage(image);
+diff --git a/coders/pdf.c b/coders/pdf.c
+index 7792d417a..3e8b3c182 100644
+--- a/coders/pdf.c
++++ b/coders/pdf.c
+@@ -1605,9 +1605,9 @@ static MagickBooleanType WritePDFImage(const ImageInfo *image_info,Image *image,
+     (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y,
+       &geometry.width,&geometry.height);
+     scale.x=(double) (geometry.width*delta.x)/resolution.x;
+-    geometry.width=(size_t) floor(scale.x+0.5);
++    geometry.width=CastDoubleToUnsigned(scale.x+0.5);
+     scale.y=(double) (geometry.height*delta.y)/resolution.y;
+-    geometry.height=(size_t) floor(scale.y+0.5);
++    geometry.height=CastDoubleToUnsigned(scale.y+0.5);
+     (void) ParseAbsoluteGeometry(page_geometry,&media_info);
+     (void) ParseGravityGeometry(image,page_geometry,&page_info,exception);
+     if (image->gravity != UndefinedGravity)
+diff --git a/coders/ps.c b/coders/ps.c
+index 3c18e5a92..9b3f3da88 100644
+--- a/coders/ps.c
++++ b/coders/ps.c
+@@ -1483,9 +1483,9 @@ static MagickBooleanType WritePSImage(const ImageInfo *image_info,Image *image,
+     (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y,
+       &geometry.width,&geometry.height);
+     scale.x=PerceptibleReciprocal(resolution.x)*geometry.width*delta.x;
+-    geometry.width=(size_t) floor(scale.x+0.5);
++    geometry.width=CastDoubleToUnsigned(scale.x+0.5);
+     scale.y=PerceptibleReciprocal(resolution.y)*geometry.height*delta.y;
+-    geometry.height=(size_t) floor(scale.y+0.5);
++    geometry.height=CastDoubleToUnsigned(scale.y+0.5);
+     (void) ParseAbsoluteGeometry(page_geometry,&media_info);
+     (void) ParseGravityGeometry(image,page_geometry,&page_info,exception);
+     if (image->gravity != UndefinedGravity)
+diff --git a/coders/ps2.c b/coders/ps2.c
+index 31e7f75c7..2e713c64a 100644
+--- a/coders/ps2.c
++++ b/coders/ps2.c
+@@ -533,9 +533,9 @@ static MagickBooleanType WritePS2Image(const ImageInfo *image_info,Image *image,
+     (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y,
+       &geometry.width,&geometry.height);
+     scale.x=PerceptibleReciprocal(resolution.x)*geometry.width*delta.x;
+-    geometry.width=(size_t) floor(scale.x+0.5);
++    geometry.width=CastDoubleToUnsigned(scale.x+0.5);
+     scale.y=PerceptibleReciprocal(resolution.y)*geometry.height*delta.y;
+-    geometry.height=(size_t) floor(scale.y+0.5);
++    geometry.height=CastDoubleToUnsigned(scale.y+0.5);
+     (void) ParseAbsoluteGeometry(page_geometry,&media_info);
+     (void) ParseGravityGeometry(image,page_geometry,&page_info,exception);
+     if (image->gravity != UndefinedGravity)
+diff --git a/coders/ps3.c b/coders/ps3.c
+index 62f47c439..beb007587 100644
+--- a/coders/ps3.c
++++ b/coders/ps3.c
+@@ -980,9 +980,9 @@ static MagickBooleanType WritePS3Image(const ImageInfo *image_info,Image *image,
+     (void) ParseMetaGeometry(page_geometry,&geometry.x,&geometry.y,
+       &geometry.width,&geometry.height);
+     scale.x=PerceptibleReciprocal(resolution.x)*geometry.width*delta.x;
+-    geometry.width=(size_t) floor(scale.x+0.5);
++    geometry.width=CastDoubleToUnsigned(scale.x+0.5);
+     scale.y=PerceptibleReciprocal(resolution.y)*geometry.height*delta.y;
+-    geometry.height=(size_t) floor(scale.y+0.5);
++    geometry.height=CastDoubleToUnsigned(scale.y+0.5);
+     (void) ParseAbsoluteGeometry(page_geometry,&media_info);
+     (void) ParseGravityGeometry(image,page_geometry,&page_info,exception);
+     if (image->gravity != UndefinedGravity)
+diff --git a/coders/svg.c b/coders/svg.c
+index 8f80d83e3..5caf8afe7 100644
+--- a/coders/svg.c
++++ b/coders/svg.c
+@@ -2520,10 +2520,10 @@ static void SVGStartElement(void *context,const xmlChar *name,
+             svg_info->view_box=svg_info->bounds;
+           svg_info->width=0;
+           if (svg_info->bounds.width > 0.0)
+-            svg_info->width=(size_t) floor(svg_info->bounds.width+0.5);
++            svg_info->width=CastDoubleToUnsigned(svg_info->bounds.width+0.5);
+           svg_info->height=0;
+           if (svg_info->bounds.height > 0.0)
+-            svg_info->height=(size_t) floor(svg_info->bounds.height+0.5);
++            svg_info->height=CastDoubleToUnsigned(svg_info->bounds.height+0.5);
+           (void) FormatLocaleFile(svg_info->file,"viewbox 0 0 %.20g %.20g\n",
+             (double) svg_info->width,(double) svg_info->height);
+           sx=PerceptibleReciprocal(svg_info->view_box.width)*svg_info->width;
+-- 
+2.34.1
+
diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
index 905af46f11..bb0c148fd7 100644
--- a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
+++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
@@ -31,6 +31,7 @@  SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt
     file://0006-ImageMagick-Fix-CVE-2025-55004.patch \
     file://0007-ImageMagick-Fix-CVE-2025-57803.patch \
     file://0008-ImageMagick-Fix-CVE-2025-57807.patch \
+    file://0009-ImageMagick-Fix-CVE-2023-34151.patch \
 "
 
 SRCREV = "35b4991eb0939a327f3489988c366e21068b0178"