On Sat, Jul 02, 2022 at 01:30:26AM +0200, Andreas Rönnquist wrote: > Hello - > > I have updated the imagemagick package in LTS, with fixes for some > CVE's, but then it doesn't build properly on the buildd - some tests > fail on the XBM format - > > The frustrating thing is that it builds just fine locally, both on > amd64 and on i386, but on the buildd it has built finally on amd64 (on > the third try, but on i386 it has done 5 without succeeding). [1] > > And I do not believe it is my changes that does it - it has failed > similarly on earlier versions, but there it hasn't required as many > rebuilds to succeed, so I don't believe that my changes are the cause - > the test failures on the version before the one I uploaded are identical. > > I ask here for help now, after asking on the imagemagick mailinglist > [2] without a reply for some time - so I am getting out of options - > > Help would be very much appreciated. > Hi Andreas,
I have looked at your patches for ImageMagick 8:6.9.7.4+dfsg-11+deb9u14 and it appears that the patch for CVE-2021-3596 may have an error in the way it was backported. After the commit in question (27f314e2e6), the upstream code has this structure starting at line 3605: if (n > 0) { ... } if (svg_info->parser == (xmlParserCtxtPtr) NULL) { ... } However, your patch puts the second if statement within the scope of the first, like this: if (n > 0) { ... if (svg_info->parser == (xmlParserCtxtPtr) NULL) { ... } } I suspect that may have something to do with the test failures you are observing. It may be necessary to correct the patch and upload again. Regards, -Roberto -- Roberto C. Sánchez