GraphicsMagick 1.3.32 update with vulnerabilities fixed

A new release of the image processing and conversion package GraphicsMagick 1.3.32 has been introduced, which eliminates 52 potential vulnerabilities identified during fuzz testing by the OSS-Fuzz project.

In total, since February 2018, OSS-Fuzz has identified 343 problems, of which 343 have already been fixed in GraphicsMagick (for the remaining 12, the 331-day fix period has not yet expired). Separately, it is noted that OSS-Fuzz is also used to check the related project ImageMagick, in which more than 100 problems currently remain unfixed; information about them is already publicly available because the time allowed for fixing them has expired.

In addition to the potential issues identified by the OSS-Fuzz project, GraphicsMagick 1.3.32 also fixes 14 buffer overflow vulnerabilities that occur when processing specially crafted images in the SVG, BMP, DIB, MIFF, MAT, MNG, TGA, TIFF, WMF and XWD formats. Non-security improvements include expanded WebP support and the ability to write images in Braille format for viewing by the blind.

Also noteworthy is the removal from GraphicsMagick 1.3.32 of a feature that could be used to cause data leaks. The issue concerns the handling of the "@filename" notation for the SVG and WMF formats, which allows the text contained in the specified file to be displayed over the image or included in the metadata. Potentially, if web applications do not properly validate input parameters, attackers can use this feature to obtain the contents of files on the server, for example access keys and stored passwords. The problem is also present in ImageMagick.
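One way a web application could apply that input validation to SVG uploads before they reach GraphicsMagick or ImageMagick, as an added example that is not from the original article or either project: it rejects any text node or attribute value that begins with "@". The function names and sample documents are constructed for illustration, and checking every text node and attribute is an assumption, since the article does not say where in the SVG the notation is honoured; WMF is not covered.

```python
import xml.etree.ElementTree as ET

# Constructed sample inputs (not taken from the article).
CLEAN = (b'<svg xmlns="http://www.w3.org/2000/svg">'
         b'<text x="5" y="20">user@example.org</text></svg>')
SUSPECT = (b'<svg xmlns="http://www.w3.org/2000/svg">'
           b'<text x="5" y="20">&#64;/placeholder/path.txt</text>'
           b'<desc> @other-placeholder</desc></svg>')


def at_references(svg_bytes):
    """Return (element, value) pairs whose text or attribute starts with '@'.

    The document is parsed first, so character references such as
    &#64; are decoded before the check instead of slipping past it.
    """
    # Refuse DTDs outright: an upload has no need for entity declarations.
    # (Coarse byte check; it only matches ASCII-compatible encodings.)
    if b"<!DOCTYPE" in svg_bytes or b"<!ENTITY" in svg_bytes:
        raise ValueError("DTD/entity declarations are not accepted")
    root = ET.fromstring(svg_bytes)
    hits = []
    for el in root.iter():
        tag = el.tag.rsplit("}", 1)[-1]  # drop the XML namespace prefix
        # Text inside the element and text trailing its closing tag.
        for part in (el.text, el.tail):
            if part and part.lstrip().startswith("@"):
                hits.append((tag, part.strip()))
        # Attribute values are checked as well (assumption: conservative).
        for name, value in el.attrib.items():
            if value.lstrip().startswith("@"):
                hits.append((tag + "/" + name, value.strip()))
    return hits


def is_acceptable_upload(svg_bytes):
    """True only if the SVG parses and carries no '@'-prefixed values."""
    try:
        return not at_references(svg_bytes)
    except (ValueError, ET.ParseError):
        return False


if __name__ == "__main__":
    for label, doc in (("clean", CLEAN), ("suspect", SUSPECT)):
        print(label, is_acceptable_upload(doc), at_references(doc))
```

A filter like this complements, and does not replace, upgrading to a release in which the feature has been removed.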

Source: opennet.ru
