Bug 22988

Accumulating reproducers for some of the CVEs.  Quite a long list.

Created attachment 10118 [details]
List of reproducers to be run before and after the updates

Continuing with this later.

Created attachment 10119 [details]
Results of running the reproducers before updating GM

Created attachment 10120 [details]
Results from running the PoC tests after updating GM

Comparisons between the PoC tests before and after show that little had changed which might indicate that most of the issues with reproducers had already been fixed.  There is a net positive outcome anyway.

Functionality tests tomorrow aka later.

Found a few more tests by following the seven links in the advisory again - after the update.  The results seem to show that the underlying issues are being dealt with cleanly.  There is general agreement with upstream tests.
Tabulating these later.

Created attachment 10122 [details]
Collection of reproducer files for GraphicsMagick

Created attachment 10123 [details]
Quick conversion utility for images to be animated

$ ruby frames.rb <imagelist> <extension>

Created attachment 10124 [details]
Animation script for a set of images.

Edit as required.  See bug #17714.

In previous testing sessions there has often been trouble with gm conversions from * to TIFF.  That still seems to be the case but IM can handle the conversion OK.

$ gm convert GlenShiel_7.jpg glenshiel.tiff
gm convert: glenshiel.tiff: Invalid tag "Predictor" (not supported by codec). (_TIFFVGetField).
$ convert GlenShiel_7.jpg glenshiel.tiff

Converting back again does not eradicate the message.
$ gm convert glenshiel.tiff glenshiel.jpg
$ gm convert glenshiel.jpg glen.tif
gm convert: glen.tif: Invalid tag "Predictor" (not supported by codec). (_TIFFVGetField).
$ gm display glenshiel.jpg
$ gm display glen.tif
$ gm convert GlenShiel_6.jpg loch.png
$ gm display loch.png
All the displays work fine.

Vector graphics:
$ ls *svg
sample2.svg  sample.svg  test.svg
$ gm display *.svg
That showed sample2.svg.  Left clicking for a menu and then clicking 'Next' advanced to sample.svg; another click for test.svg.

Create an animated GIF from an image list.
(Used the attached ruby script to generate a list of frame images.)
Ran wilcal's animation script from bug #17714 comment 23.
$ perl gmtest.pl
Generated four-frame image frames.gif.
$ gm display -delay 200 frames.gif
Display the sequence with 2 second pauses.  Units of 'delay' are hundredths of a second.
Alternatively:
$ gm display -delay 2.0 frames.gif
for 2 second delays.

$ gm convert -resize 120%x80% Ikapati.tif ikapati.png
Creates a squashed image of a crater on Ceres.

GM does not reproduce all of the IM functions but this works: 
$ gm convert -size 300x400  gradient:olivedrab-steelblue gradient_5.jpg
$ gm display gradient_5.jpg
It does not seem to support a builtin canvas.

Switch an image from left to right.
$ gm mogrify -flop frame5.png
Turn the image upside down.
$ gm mogrify -rotate 180 frame5.png
Return the image to its original state.
$ gm mogrify -flip frame5.png

Looks like it is all working.  Giving this an OK but shall add the latest PoC tests later.  Need to revert for those - for information only - the bug can be validated.

Whiteboard: (none) => MGA6-64-OK

Created attachment 10125 [details]
Convert a set of images to  frame<n>.ext

Attachment 10123 is obsolete: 0 => 1

Created attachment 10126 [details]
Convert a set of images to files names frame<n>.gif|ext

Attachment 10125 is obsolete: 0 => 1

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0228.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED