The "display" command from imagemagick-6.1.3.2 doesn't display some (but not all) PNGs correctly. The PNGs that aren't displayed correctly appear as if some very extreme contrast filter has been applied to them -- parts are pitch black, and other parts appear to be the maximum brightness allowed without distorting the color. I have tested ImageMagick on several XCFs and PSDs I have on my hard drive as well as a few dozen JPGs and GIFs, and it didn't exhibit this problem with any of them. It's also notable that on PNGs it exhibits this problem on that have transparency, the transparent portions show as black, whereas on the images it does work on, it shows transparent portions as the familiar "gray checkerboard" background as it does normally on files with transparency. I know this problem isn't in libpng because this problem began when I upgraded imagemagick to 6.1.3.2. My last libpng upgrade was in early October, and I am absolutely positive that I have not had this issue with exactly the same PNGs. Additionally, all PNGs display properly in Mozilla when I supply it a proper file:// URL. The convert, mogrify, and other Magick commands work fine with the PNGs that display exhibits this problem on. You can even convert a PNG file exhibiting this problem to BMP or another format, then convert it back, and the resulting PNG displays in Magick properly. In fact, that's exactly what I did, and then diffed the output of identify -verbose on each. Maybe the output could be of use. roothorick@Delacroix ~/stepmania/Themes/default/Graphics $ convert ScreenSelectStyle\ info1.png testing.bmp roothorick@Delacroix ~/stepmania/Themes/default/Graphics $ convert testing.bmp testing.png roothorick@Delacroix ~/stepmania/Themes/default/Graphics $ identify -verbose ScreenSelectStyle\ info1.png > bad.out roothorick@Delacroix ~/stepmania/Themes/default/Graphics $ identify -verbose testing.png > good.out roothorick@Delacroix ~/stepmania/Themes/default/Graphics $ diff -u bad.out good.out --- bad.out 2004-11-06 15:26:52.528650008 -0600 +++ good.out 2004-11-06 15:27:04.506829048 -0600 @@ -1,4 +1,4 @@ -Image: ScreenSelectStyle info1.png +Image: testing.png Format: PNG (Portable Network Graphics) Geometry: 286x164 Class: DirectClass @@ -242,17 +242,11 @@ 3: (255,254,254, 0) #FFFEFE00 646: (255,255,255,255) #FFFFFFFF Rendering-intent: Undefined - Gamma: 0.45454 - Chromaticity: - red primary: (0.63999,0.33001) - green primary: (0.3,0.6) - blue primary: (0.15,0.05999) - white point: (0.31269,0.32899) - Resolution: 28.35x28.35 - Units: PixelsPerCentimeter - Filesize: 9kb + Resolution: 28x28 + Units: Undefined + Filesize: 18kb Interlace: None - Background Color: white + Background Color: #00000000 Border Color: #DFDFDF00 Matte Color: grey74 Dispose: Undefined Additional information is available upon request, as always.
It appears I made a semantic typographical error. >My last libpng upgrade was in early October, and I am absolutely positive that I have not had this issue with exactly the same PNGs. I intended to say "My last libpng upgrade was in early October, and I have not had this problem with ImageMagick after that upgrade but before the recent upgrade to 6.1.3.2." For what it's worth, my last imagemagick upgrade before 6.1.3.2 was to 6.1.0.1, around the middle of October. That version did not exhibit this problem.
Please, attach a vulnerable file.
In searching for a vulnerable file, I discovered that in the version of ImageMagick currently on my system (6.1.3.4), this bug has been solved. With this known, do you still need a vulnerable file?
OK then, closing.