chinwagsocial/lib/paperclip
Pierre Bourdon 7b466291fd blurhash_transcoder: prevent out-of-bound reads with <8bpp images (#20388)
The Blurhash library used by Mastodon requires an input encoded as 24
bits raw RGB data. The conversion to raw RGB using Imagemagick did not
previously specify the desired bit depth. In some situations, this leads
Imagemagick to output in a pixel format using less bpp than expected.
This then manifested as segfaults of the Sidekiq process due to
out-of-bounds read, or potentially a (highly noisy) memory infoleak.

Fixes #19235.
2022-11-14 10:54:30 +01:00
..
attachment_extensions.rb Fix media processing getting stuck on too much stdin/stderr (#16136) 2021-05-05 19:44:01 +02:00
blurhash_transcoder.rb blurhash_transcoder: prevent out-of-bound reads with <8bpp images (#20388) 2022-11-14 10:54:30 +01:00
color_extractor.rb Fixed code quality issues (#15541) 2021-01-31 21:26:09 +01:00
gif_transcoder.rb Fix animated GIF generates animated thumbnail (#16216) 2021-05-11 19:15:11 +02:00
image_extractor.rb Fix media processing getting stuck on too much stdin/stderr (#16136) 2021-05-05 19:44:01 +02:00
lazy_thumbnail.rb Update ESLint and RuboCop in Code Climate (#12534) 2019-12-02 18:25:43 +01:00
media_type_spoof_detector_extensions.rb Fix mimetype returning nil (#14356) 2020-07-19 13:09:47 +02:00
response_with_limit_adapter.rb Fix upload of remote media with OpenStack Swift sometimes failing (#16998) 2021-11-26 01:21:43 +01:00
schema_extensions.rb Fix older migrations on Ruby 3 (#16174) 2021-05-07 15:56:45 +02:00
transcoder.rb Fix media processing getting stuck on too much stdin/stderr (#16136) 2021-05-05 19:44:01 +02:00
type_corrector.rb Add customizable thumbnails for audio and video attachments (#14145) 2020-06-29 13:56:55 +02:00
url_generator_extensions.rb Change REST API to return empty data for suspended accounts (#14765) 2020-09-11 15:16:29 +02:00
validation_extensions.rb Add Ruby 3.0 support (#16046) 2021-05-06 14:22:54 +02:00