ImageMagick: Fix CVE-2025-55160

Backport the fix for CVE-2025-55160 Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/63d8769dd6a8f32f4096c71be9e08a2c081e47da] Add below patch to fix 0003-ImageMagick-Fix-CVE-2025-55160.patch Signed-off-by: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
author: Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in> 2025-12-12 20:29:39 +0530
committer: Gyorgy Sarvari <skandigraun@gmail.com> 2025-12-12 22:06:48 +0100
commit: 7b1c9fa6fbefda3514fece16d4bddda4f0fa498b (patch)
tree: 63b4fe7a878d18ca83367209aa17aa96d634221f
parent: bbcd2ab724eef6e844ea439a0032df16ac087ae9 (diff)
download: meta-openembedded-7b1c9fa6fbefda3514fece16d4bddda4f0fa498b.tar.gz
2 files changed, 166 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/imagemagick/files/0003-ImageMagick-Fix-CVE-2025-55160.patch b/meta-oe/recipes-support/imagemagick/files/0003-ImageMagick-Fix-CVE-2025-55160.patch
new file mode 100644
index 0000000000..567eea53af
--- /dev/null
+++ b/meta-oe/recipes-support/imagemagick/files/0003-ImageMagick-Fix-CVE-2025-55160.patch
@@ -0,0 +1,165 @@
+From 6089533c7044416b9ca491d550cfd1c971d39c76 Mon Sep 17 00:00:00 2001
+From: Divyanshu Rathore <divyanshu.rathore@bmwtechworks.in>
+Date: Fri, 3 Oct 2025 20:36:28 +0530
+Subject: [PATCH 03/18] ImageMagick: Fix CVE-2025-55160
+CVE: CVE-2025-55160
+Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/63d8769dd6a8f32f4096c71be9e08a2c081e47da]
+Reference: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hgw-6x87-578x
+Comment: Refreshed hunk to match latest kirkstone
+Signed-off-by: Divyanshu Rathore <divyanshu.rathore@bmwtechworks.in>
+---
+ MagickCore/artifact.c | 17 ++++++++++++++++-
+ MagickCore/option.c   | 17 ++++++++++++++++-
+ MagickCore/profile.c  | 19 ++++++++++++++++++-
+ MagickCore/property.c | 18 ++++++++++++++++--
+ 4 files changed, 66 insertions(+), 5 deletions(-)
+diff --git a/MagickCore/artifact.c b/MagickCore/artifact.c
+index 0c376ed98..a27ebb8ec 100644
+--- a/MagickCore/artifact.c
+++ b/MagickCore/artifact.c
+@@ -99,6 +99,21 @@
+ %    o clone_image: the source image for artifacts to clone.
+ %
+ */
+
+typedef char
+  *(*CloneKeyFunc)(const char *),
+  *(*CloneValueFunc)(const char *);
+
+static inline void *CloneArtifactKey(void *key)
+{
+  return((void *) ((CloneKeyFunc) ConstantString)((const char *) key));
+}
+
+static inline void *CloneArtifactValue(void *value)
+{
+  return((void *) ((CloneValueFunc) ConstantString)((const char *) value));
+}
+
+ MagickExport MagickBooleanType CloneImageArtifacts(Image *image,
+   const Image *clone_image)
+ {
+@@ -116,7 +131,7 @@ MagickExport MagickBooleanType CloneImageArtifacts(Image *image,
+       if (image->artifacts != (void *) NULL)
+         DestroyImageArtifacts(image);
+       image->artifacts=CloneSplayTree((SplayTreeInfo *) clone_image->artifacts,
+-        (void *(*)(void *)) ConstantString,(void *(*)(void *)) ConstantString);
+        CloneArtifactKey,CloneArtifactValue);
+     }
+   return(MagickTrue);
+ }
+diff --git a/MagickCore/option.c b/MagickCore/option.c
+index 99b43ac93..7047cf207 100644
+--- a/MagickCore/option.c
+++ b/MagickCore/option.c
+@@ -2187,6 +2187,21 @@ static const OptionInfo
+ %    o clone_info: the source image info for options to clone.
+ %
+ */
+
+typedef char
+  *(*CloneKeyFunc)(const char *),
+  *(*CloneValueFunc)(const char *);
+
+static inline void *CloneOptionKey(void *key)
+{
+  return((void *) ((CloneKeyFunc) ConstantString)((const char *) key));
+}
+
+static inline void *CloneOptionValue(void *value)
+{
+  return((void *) ((CloneValueFunc) ConstantString)((const char *) value));
+}
+
+ MagickExport MagickBooleanType CloneImageOptions(ImageInfo *image_info,
+   const ImageInfo *clone_info)
+ {
+@@ -2202,7 +2217,7 @@ MagickExport MagickBooleanType CloneImageOptions(ImageInfo *image_info,
+       if (image_info->options != (void *) NULL)
+         DestroyImageOptions(image_info);
+       image_info->options=CloneSplayTree((SplayTreeInfo *) clone_info->options,
+-        (void *(*)(void *)) ConstantString,(void *(*)(void *)) ConstantString);
+        CloneOptionKey,CloneOptionValue);
+     }
+   return(MagickTrue);
+ }
+diff --git a/MagickCore/profile.c b/MagickCore/profile.c
+index d8924f7e2..254a11b77 100644
+--- a/MagickCore/profile.c
+++ b/MagickCore/profile.c
+@@ -149,6 +149,23 @@ typedef struct _CMSExceptionInfo
+ %    o clone_image: the clone image.
+ %
+ */
+
+typedef char
+  *(*CloneKeyFunc)(const char *);
+
+typedef StringInfo
+  *(*CloneValueFunc)(const StringInfo *);
+
+static inline void *CloneProfileKey(void *key)
+{
+  return((void *) ((CloneKeyFunc) ConstantString)((const char *) key));
+}
+
+static inline void *CloneProfileValue(void *value)
+{
+  return((void *) ((CloneValueFunc) CloneStringInfo)((const StringInfo *) value));
+}
+
+ MagickExport MagickBooleanType CloneImageProfiles(Image *image,
+   const Image *clone_image)
+ {
+@@ -163,7 +180,7 @@ MagickExport MagickBooleanType CloneImageProfiles(Image *image,
+       if (image->profiles != (void *) NULL)
+         DestroyImageProfiles(image);
+       image->profiles=CloneSplayTree((SplayTreeInfo *) clone_image->profiles,
+-        (void *(*)(void *)) ConstantString,(void *(*)(void *)) CloneStringInfo);
+        CloneProfileKey,CloneProfileValue);
+     }
+   return(MagickTrue);
+ }
+diff --git a/MagickCore/property.c b/MagickCore/property.c
+index 9626d079e..1b42adaee 100644
+--- a/MagickCore/property.c
+++ b/MagickCore/property.c
+@@ -131,6 +131,21 @@
+ %    o clone_image: the clone image.
+ %
+ */
+
+typedef char
+  *(*CloneKeyFunc)(const char *),
+  *(*CloneValueFunc)(const char *);
+
+static inline void *ClonePropertyKey(void *key)
+{
+  return((void *) ((CloneKeyFunc) ConstantString)((const char *) key));
+}
+
+static inline void *ClonePropertyValue(void *value)
+{
+  return((void *) ((CloneValueFunc) ConstantString)((const char *) value));
+}
+
+ MagickExport MagickBooleanType CloneImageProperties(Image *image,
+   const Image *clone_image)
+ {
+@@ -194,8 +209,7 @@ MagickExport MagickBooleanType CloneImageProperties(Image *image,
+       if (image->properties != (void *) NULL)
+         DestroyImageProperties(image);
+       image->properties=CloneSplayTree((SplayTreeInfo *)
+-        clone_image->properties,(void *(*)(void *)) ConstantString,
+-        (void *(*)(void *)) ConstantString);
+        clone_image->properties,ClonePropertyKey,ClonePropertyValue);
+     }
+   return(MagickTrue);
+ }
+-- 
+2.34.1
diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
index 4337a405a3..305ecee8c3 100644
--- a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
+++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
@@ -28,6 +28,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt
    file://CVE-2022-28463.patch \
    file://0001-ImageMagick-Fix-CVE-2025-53014.patch \
    file://0002-ImageMagick-Fix-CVE-2025-53101.patch \
+    file://0003-ImageMagick-Fix-CVE-2025-55160.patch \
 "
 SRCREV = "35b4991eb0939a327f3489988c366e21068b0178"
author	Divyanshu Rathore <Divyanshu.Rathore@bmwtechworks.in>	2025-12-12 20:29:39 +0530
committer	Gyorgy Sarvari <skandigraun@gmail.com>	2025-12-12 22:06:48 +0100
commit	7b1c9fa6fbefda3514fece16d4bddda4f0fa498b (patch)
tree	63b4fe7a878d18ca83367209aa17aa96d634221f
parent	bbcd2ab724eef6e844ea439a0032df16ac087ae9 (diff)
download	meta-openembedded-7b1c9fa6fbefda3514fece16d4bddda4f0fa498b.tar.gz

diff --git a/meta-oe/recipes-support/imagemagick/files/0003-ImageMagick-Fix-CVE-2025-55160.patch b/meta-oe/recipes-support/imagemagick/files/0003-ImageMagick-Fix-CVE-2025-55160.patch new file mode 100644 index 0000000000..567eea53af --- /dev/null +++ b/meta-oe/recipes-support/imagemagick/files/0003-ImageMagick-Fix-CVE-2025-55160.patch
@@ -0,0 +1,165 @@
		1	From 6089533c7044416b9ca491d550cfd1c971d39c76 Mon Sep 17 00:00:00 2001
		2	From: Divyanshu Rathore <divyanshu.rathore@bmwtechworks.in>
		3	Date: Fri, 3 Oct 2025 20:36:28 +0530
		4	Subject: [PATCH 03/18] ImageMagick: Fix CVE-2025-55160
		5
		6	CVE: CVE-2025-55160
		7	Upstream-Status: Backport [https://github.com/ImageMagick/ImageMagick/commit/63d8769dd6a8f32f4096c71be9e08a2c081e47da]
		8	Reference: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hgw-6x87-578x
		9
		10	Comment: Refreshed hunk to match latest kirkstone
		11
		12	Signed-off-by: Divyanshu Rathore <divyanshu.rathore@bmwtechworks.in>
		13	---
		14	MagickCore/artifact.c \| 17 ++++++++++++++++-
		15	MagickCore/option.c \| 17 ++++++++++++++++-
		16	MagickCore/profile.c \| 19 ++++++++++++++++++-
		17	MagickCore/property.c \| 18 ++++++++++++++++--
		18	4 files changed, 66 insertions(+), 5 deletions(-)
		19
		20	diff --git a/MagickCore/artifact.c b/MagickCore/artifact.c
		21	index 0c376ed98..a27ebb8ec 100644
		22	--- a/MagickCore/artifact.c
		23	+++ b/MagickCore/artifact.c
		24	@@ -99,6 +99,21 @@
		25	% o clone_image: the source image for artifacts to clone.
		26	%
		27	*/
		28	+
		29	+typedef char
		30	+ (CloneKeyFunc)(const char *),
		31	+ (CloneValueFunc)(const char *);
		32	+
		33	+static inline void CloneArtifactKey(void key)
		34	+{
		35	+ return((void ) ((CloneKeyFunc) ConstantString)((const char ) key));
		36	+}
		37	+
		38	+static inline void CloneArtifactValue(void value)
		39	+{
		40	+ return((void ) ((CloneValueFunc) ConstantString)((const char ) value));
		41	+}
		42	+
		43	MagickExport MagickBooleanType CloneImageArtifacts(Image *image,
		44	const Image *clone_image)
		45	{
		46	@@ -116,7 +131,7 @@ MagickExport MagickBooleanType CloneImageArtifacts(Image *image,
		47	if (image->artifacts != (void *) NULL)
		48	DestroyImageArtifacts(image);
		49	image->artifacts=CloneSplayTree((SplayTreeInfo *) clone_image->artifacts,
		50	- (void ()(void )) ConstantString,(void ()(void )) ConstantString);
		51	+ CloneArtifactKey,CloneArtifactValue);
		52	}
		53	return(MagickTrue);
		54	}
		55	diff --git a/MagickCore/option.c b/MagickCore/option.c
		56	index 99b43ac93..7047cf207 100644
		57	--- a/MagickCore/option.c
		58	+++ b/MagickCore/option.c
		59	@@ -2187,6 +2187,21 @@ static const OptionInfo
		60	% o clone_info: the source image info for options to clone.
		61	%
		62	*/
		63	+
		64	+typedef char
		65	+ (CloneKeyFunc)(const char *),
		66	+ (CloneValueFunc)(const char *);
		67	+
		68	+static inline void CloneOptionKey(void key)
		69	+{
		70	+ return((void ) ((CloneKeyFunc) ConstantString)((const char ) key));
		71	+}
		72	+
		73	+static inline void CloneOptionValue(void value)
		74	+{
		75	+ return((void ) ((CloneValueFunc) ConstantString)((const char ) value));
		76	+}
		77	+
		78	MagickExport MagickBooleanType CloneImageOptions(ImageInfo *image_info,
		79	const ImageInfo *clone_info)
		80	{
		81	@@ -2202,7 +2217,7 @@ MagickExport MagickBooleanType CloneImageOptions(ImageInfo *image_info,
		82	if (image_info->options != (void *) NULL)
		83	DestroyImageOptions(image_info);
		84	image_info->options=CloneSplayTree((SplayTreeInfo *) clone_info->options,
		85	- (void ()(void )) ConstantString,(void ()(void )) ConstantString);
		86	+ CloneOptionKey,CloneOptionValue);
		87	}
		88	return(MagickTrue);
		89	}
		90	diff --git a/MagickCore/profile.c b/MagickCore/profile.c
		91	index d8924f7e2..254a11b77 100644
		92	--- a/MagickCore/profile.c
		93	+++ b/MagickCore/profile.c
		94	@@ -149,6 +149,23 @@ typedef struct _CMSExceptionInfo
		95	% o clone_image: the clone image.
		96	%
		97	*/
		98	+
		99	+typedef char
		100	+ (CloneKeyFunc)(const char *);
		101	+
		102	+typedef StringInfo
		103	+ (CloneValueFunc)(const StringInfo *);
		104	+
		105	+static inline void CloneProfileKey(void key)
		106	+{
		107	+ return((void ) ((CloneKeyFunc) ConstantString)((const char ) key));
		108	+}
		109	+
		110	+static inline void CloneProfileValue(void value)
		111	+{
		112	+ return((void ) ((CloneValueFunc) CloneStringInfo)((const StringInfo ) value));
		113	+}
		114	+
		115	MagickExport MagickBooleanType CloneImageProfiles(Image *image,
		116	const Image *clone_image)
		117	{
		118	@@ -163,7 +180,7 @@ MagickExport MagickBooleanType CloneImageProfiles(Image *image,
		119	if (image->profiles != (void *) NULL)
		120	DestroyImageProfiles(image);
		121	image->profiles=CloneSplayTree((SplayTreeInfo *) clone_image->profiles,
		122	- (void ()(void )) ConstantString,(void ()(void )) CloneStringInfo);
		123	+ CloneProfileKey,CloneProfileValue);
		124	}
		125	return(MagickTrue);
		126	}
		127	diff --git a/MagickCore/property.c b/MagickCore/property.c
		128	index 9626d079e..1b42adaee 100644
		129	--- a/MagickCore/property.c
		130	+++ b/MagickCore/property.c
		131	@@ -131,6 +131,21 @@
		132	% o clone_image: the clone image.
		133	%
		134	*/
		135	+
		136	+typedef char
		137	+ (CloneKeyFunc)(const char *),
		138	+ (CloneValueFunc)(const char *);
		139	+
		140	+static inline void ClonePropertyKey(void key)
		141	+{
		142	+ return((void ) ((CloneKeyFunc) ConstantString)((const char ) key));
		143	+}
		144	+
		145	+static inline void ClonePropertyValue(void value)
		146	+{
		147	+ return((void ) ((CloneValueFunc) ConstantString)((const char ) value));
		148	+}
		149	+
		150	MagickExport MagickBooleanType CloneImageProperties(Image *image,
		151	const Image *clone_image)
		152	{
		153	@@ -194,8 +209,7 @@ MagickExport MagickBooleanType CloneImageProperties(Image *image,
		154	if (image->properties != (void *) NULL)
		155	DestroyImageProperties(image);
		156	image->properties=CloneSplayTree((SplayTreeInfo *)
		157	- clone_image->properties,(void ()(void *)) ConstantString,
		158	- (void ()(void *)) ConstantString);
		159	+ clone_image->properties,ClonePropertyKey,ClonePropertyValue);
		160	}
		161	return(MagickTrue);
		162	}
		163	--
		164	2.34.1
		165


diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb index 4337a405a3..305ecee8c3 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb
@@ -28,6 +28,7 @@ SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=htt
28	file://CVE-2022-28463.patch \	28	file://CVE-2022-28463.patch \
29	file://0001-ImageMagick-Fix-CVE-2025-53014.patch \	29	file://0001-ImageMagick-Fix-CVE-2025-53014.patch \
30	file://0002-ImageMagick-Fix-CVE-2025-53101.patch \	30	file://0002-ImageMagick-Fix-CVE-2025-53101.patch \
		31	file://0003-ImageMagick-Fix-CVE-2025-55160.patch \
31	"	32	"
32		33
33	SRCREV = "35b4991eb0939a327f3489988c366e21068b0178"	34	SRCREV = "35b4991eb0939a327f3489988c366e21068b0178"