2019-02-26  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/image.h ("C"): Include as "magick/image-private.h" as the
	other headers are.
	("C"): Include "magick/image-private.h" inside the protective
	MAGICK_IMPLEMENTATION guard, as it should have been.  This error
	broke the oss-fuzz build.

2019-02-24  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/image-private.h (_ImageExtra): Put ImageExtra definition
	in a private header file so that its definition may be accessed
	directly by library internals.  Add some accessor macros to
	provide access and update code to use them.

	* coders/wpg.c (ReallocColormap): Make sure that there is not a
	heap overwrite if the number of colors has been reduced.  Thanks
	to Jaroslav Fojtik for giving me a heads up about this.

2019-02-23  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/monitor.c (MagickMonitorActive): Add new private function
	to test if a progress monitor is active.  Update all progress
	monitor code in loops to use this information, while also updating
	code to hopefully address concerns expressed by Hongxu Chen about
	data races on the graphicsmagick-bugs mailing list starting on
	February 6, 2019.

2019-02-21  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/mpc.c (ReadMPCImage): Tally directory length to avoid
	death by strlen().

	* coders/miff.c (ReadMIFFImage): Tally directory length to avoid
	death by strlen().  Fixes oss-fuzz 13190
	"graphicsmagick/coder_MIFF_fuzzer: Timeout in
	graphicsmagick_coder_MIFF_fuzzer". (Credit to OSS-Fuzz)

2019-02-17  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/svg.c (ReadSVGImage): Don't call xmlCleanupParser()
	in module code since this may cause other libxml users to fail.

	* coders/msl.c (ProcessMSLScript): Don't call xmlCleanupParser()
	in module code since this may cause other libxml users to fail.

	* magick/render.c (DrawDashPolygon): (DrawDashPolygon): Don't read
	beyond end of dash pattern array.  This is a second instance of
	issue identified by SourceForge issue #591.  Fixes oss-fuzz 13160
	"graphicsmagick/coder_MVG_fuzzer: Heap-buffer-overflow in
	DrawDashPolygon".  The earlier attempt to fix this problem today
	broke dash patterns entirely.  (Credit to OSS-Fuzz)

	* magick/annotate.c (RenderFreetype): Eliminate memory leak of
	GlyphInfo.image (type FT_Glyph) while rendering some FreeType
	fonts such as the one we use now in the Magick++ test suite.

2019-02-16  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/render.c (DrawDashPolygon): Avoid reading one beyond
	length of dash pattern array, which is terminated by value 0.0.
	Fixes SourceForge issue #591 "Heap buffer overflow in
	DrawDashPolygon when parsing SVG images".
	(DrawPrimitive): Add arithmetic overflow checks when converting
	computed coordinates from 'double' to 'long'.
	(DrawImage): Don't destroy draw_info in graphic_context when
	draw_info has not been allocated yet.  Problem reported via email
	by Sami Supperi on Thu, 14 Feb 2019.

	* coders/jpeg.c (ReadJPEGImage): JPEG files are observed to
	provide compression ratios as high as 2500 so allow for that.
	Also, the test for "Unreasonable dimensions" delivered yesterday
	was flawed since magick_rows and magick_columns are only set if a
	desired image size was provided.  Fixes SourceForge issue 592
	"Non-malicious JPEG file fails with "Unreasonable dimensions"".

	* coders/tiff.c (ReadTIFFImage): Only disassociate alpha channel
	for images where photometic is PHOTOMETRIC_RGB. Fixes oss-fuzz
	13115 "graphicsmagick/coder_PTIF_fuzzer:
	Use-of-uninitialized-value in DisassociateAlphaRegion". (Credit to
	OSS-Fuzz)

2019-02-15  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/jpeg.c (ReadJPEGImage): Base test for "Unreasonable
	dimensions" on original JPEG dimensions and not the scaled
	dimensions.  Fixes SourceForge issue 593 "gm convert: Insufficient
	image data in file when hinting input image".

2019-02-13  Troy Patteson  <troyp@ieee.org>

	* PerlMagick/Magick.xs (Mogrify): Add decorate argument to Annotate.

	* PerlMagick/Magick.xs (Mogrify): Remove reference to undefined
	Annotate argument.

2019-02-12  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/tiff.c (ReadTIFFImage): For planar TIFF, make sure that
	pixels are initialized in case some planes are missing.  Fixes
	oss-fuzz 13046 "graphicsmagick/coder_PTIF_fuzzer:
	Use-of-uninitialized-value in DisassociateAlphaRegion". (Credit to
	OSS-Fuzz)

2019-02-11  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pdf.c (WritePDFImage): Make sure to free 'xref' before
	returning.  Similar to ImageMagick CVE-2019-7397 "In ImageMagick
	before 7.0.8-25, several memory leaks exist in WritePDFImage in
	coders/pdf.c.".  Thanks to Petr Gajdos for bringing this issue to
	our attention.

2019-02-10  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/wpg.c (ReadWPGImage): Use a different way to reallocate
	the colormap which preserves existing content, but also updates
	image->colors and assures that added palette entries are
	initialized.

	* coders/png.c (ReadMNGImage): Bound maximum loop iterations by
	subrange as a primitive means of limiting resource consumption.
	This should finally resolve oss-fuzz 12738
	"graphicsmagick/enhance_fuzzer: Out-of-memory in
	graphicsmagick_enhance_fuzzer". (Credit to OSS-Fuzz)

	* coders/tiff.c (ReadTIFFImage): Assure that opacity channel is
	initialized in the RGBAStrippedMethod case.  Convert
	'CorruptImageError' encountered while testing for more frames to
	'CorruptImageWarning' so we return the frames already read.
	Second try at fixing oss-fuzz 11896
	"graphicsmagick/coder_PTIF_fuzzer: Use-of-uninitialized-value in
	VerticalFilter".

	* coders/dpx.c (AttributeToString): Eliminate clang
	"-Wstring-plus-int" warning observed in oss-fuzz build.

	* coders/cineon.c (AttributeToString): Eliminate clang
	"-Wstring-plus-int" warning observed in oss-fuzz build.

2019-02-09  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/pict.c (DecodeImage): Avoide a one-byte over-read of
	pixels heap allocation.  The cause of the over-read is not yet
	understood.  Fixes oss-fuzz 12019
	"graphicsmagick/coder_PICT_fuzzer: Heap-buffer-overflow in
	ExpandBuffer". (Credit to OSS-Fuzz)

	* coders/wpg.c (ReadWPGImage): Assure that all colormap entries
	are initialized.  Fixes oss-fuzz 12614
	"graphicsmagick/enhance_fuzzer: Use-of-uninitialized-value in
	EnhanceImage". (Credit to OSS-Fuzz)

	* coders/tiff.c (ReadTIFFImage): Make sure that image is in
	DirectClass mode and ignore any claimed colormap when the image is
	read using the RGBAStrippedMethod, RGBATiledMethod, or
	RGBAPuntMethod cases.  Fixes oss-fuzz 12195
	"graphicsmagick/coder_PTIF_fuzzer: Use-of-uninitialized-value in
	ExportGrayQuantumType". (Credit to OSS-Fuzz)

	* coders/miff.c (ReadMIFFImage): Improve pixel buffer calculations
	to defend against overflow.  Assure that zlib and bzlib decode the
	expected number of bytes for a pixel row.  Fixes oss-fuzz issue
	12448 "graphicsmagick/coder_MIFF_fuzzer:
	Use-of-uninitialized-value in RGBTransformPackets". (Credit to
	OSS-Fuzz)

2019-02-08  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/png.c (ReadMNGImage): Quit processing and report error
	upon failure to insert MNG background layer.  Fixes oss-fuzz 12738
	"graphicsmagick/enhance_fuzzer: Out-of-memory in
	graphicsmagick_enhance_fuzzer". (Credit to OSS-Fuzz)

2019-02-03  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/dib.c (ReadDIBImage, WriteDIBImage): Improve buffer-size
	calculations to guard against buffer overflows.  The reader
	version was not as complete as it should have been, whereas the
	writer version did not guard against arithmetic overflow at all.

	* coders/bmp.c (ReadBMPImage, WriteBMPImage): Improve buffer-size
	calculations to guard against buffer overflows.  This is a
	follow-on fix to the previous fix submitted for SourceForge issue
	#582 "heap-buffer-overflow in ReadBMPImage of bmp.c" which is now
	also identified as CVE-2018-20185.

	* www/Hg.rst: Updates to reflect current usage and availability.

	* www/authors.rst: Promote Troy Patteson to the active contributor
	category.

2019-02-01  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/version.h.in: Rotate ChangeLog and update copyright
	statements for the new year.

2019-01-30  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* coders/webp.c (WriteWEBPImage): Patch by Przemysław Sobala to
	support WebP 'use_sharp_yuv' option ("if needed, use sharp (and
	slow) RGB->YUV conversion") via `-define webp:use-sharp-yuv=true`.

2019-01-05  Bob Friesenhahn  <bfriesen@simple.dallas.tx.us>

	* magick/pixel_cache.c (SetNexus): Merge IsNexusInCore()
	implementation code into SetNexus() and add check for if
	cache_info->pixels is null.  Fixes SourceForge issue #588 "Bug in
	IsNexusInCore()".

	* configure.ac (DcrawExtraOptions): Request TIFF output from dcraw
	if build supports TIFF format in order to obtain more metadata.
	This allows obtaining some metadata from standard TIFF tags
	(e.g. camera make, model, and dcraw version), and any attached ICC
	profile, but not specifically EXIF data since we don't support
	extracting EXIF data from TIFF yet. Inspired by SourceForge issue
	589 "Identify lack of data (no Exif) in RAW formats".
