Support "module" security policy

author: Cristy <urban-warrior@imagemagick.org> 2018-08-24 20:43:50 -0400
committer: Cristy <urban-warrior@imagemagick.org> 2018-08-24 20:44:35 -0400
commit: c809ff7b9a0298cb5288399dd1ae495e2712d4ef (patch)
tree: 8393a7c1f94a7316c53697b8df838ebe9ca9068f
parent: fd9289abe5e4b71273c9856a9df371319adb5a8c (diff)
download: ImageMagick-c809ff7b9a0298cb5288399dd1ae495e2712d4ef.tar.gz
5 files changed, 24 insertions, 9 deletions
diff --git a/MagickCore/module.c b/MagickCore/module.c
index 29cf57672..2baffed84 100644
--- a/MagickCore/module.c
+++ b/MagickCore/module.c
@@ -959,6 +959,14 @@ MagickExport MagickBooleanType InvokeDynamicImageFilter(const char *tag,
   if ((*images)->debug != MagickFalse)
     (void) LogMagickEvent(TraceEvent,GetMagickModule(),"%s",
       (*images)->filename);
+  rights=ReadPolicyRights;
+  if (IsRightsAuthorized(FilterPolicyDomain,rights,tag) == MagickFalse)
+    {
+      errno=EPERM;
+      (void) ThrowMagickException(exception,GetMagickModule(),PolicyError,
+        "NotAuthorized","`%s'",tag);
+      return(MagickFalse);
+    }
 #if !defined(MAGICKCORE_BUILD_MODULES)
   {
     MagickBooleanType
@@ -969,14 +977,6 @@ MagickExport MagickBooleanType InvokeDynamicImageFilter(const char *tag,
       return(status);
   }
 #endif
-  rights=ReadPolicyRights;
-  if (IsRightsAuthorized(FilterPolicyDomain,rights,tag) == MagickFalse)
-    {
-      errno=EPERM;
-      (void) ThrowMagickException(exception,GetMagickModule(),PolicyError,
-        "NotAuthorized","`%s'",tag);
-      return(MagickFalse);
-    }
   TagToFilterModuleName(tag,name);
   status=GetMagickModulePath(name,MagickImageFilterModule,path,exception);
   if (status == MagickFalse)
@@ -1234,6 +1234,9 @@ MagickPrivate MagickBooleanType OpenModule(const char *module,
   ModuleInfo
     *module_info;
 
+  PolicyRights
+    rights;
+
   register const CoderInfo
     *p;
 
@@ -1247,6 +1250,14 @@ MagickPrivate MagickBooleanType OpenModule(const char *module,
   module_info=(ModuleInfo *) GetModuleInfo(module,exception);
   if (module_info != (ModuleInfo *) NULL)
     return(MagickTrue);
+  rights=ReadPolicyRights;
+  if (IsRightsAuthorized(ModulePolicyDomain,rights,tag) == MagickFalse)
+    {
+      errno=EPERM;
+      (void) ThrowMagickException(exception,GetMagickModule(),PolicyError,
+        "NotAuthorized","`%s'",tag);
+      return(MagickFalse);
+    }
   (void) CopyMagickString(module_name,module,MagickPathExtent);
   p=GetCoderInfo(module,exception);
   if (p != (CoderInfo *) NULL)
diff --git a/MagickCore/option.c b/MagickCore/option.c
index c3c5c7fb9..78c90b42c 100644
--- a/MagickCore/option.c
+++ b/MagickCore/option.c
@@ -1834,6 +1834,7 @@ static const OptionInfo
     { "Coder", CoderPolicyDomain, UndefinedOptionFlag, MagickFalse },
     { "Delegate", DelegatePolicyDomain, UndefinedOptionFlag, MagickFalse },
     { "Filter", FilterPolicyDomain, UndefinedOptionFlag, MagickFalse },
+    { "Module", ModulePolicyDomain, UndefinedOptionFlag, MagickFalse },
     { "Path", PathPolicyDomain, UndefinedOptionFlag, MagickFalse },
     { "Resource", ResourcePolicyDomain, UndefinedOptionFlag, MagickFalse },
     { "System", SystemPolicyDomain, UndefinedOptionFlag, MagickFalse },
diff --git a/MagickCore/policy.c b/MagickCore/policy.c
index 1c47c746f..b17ac4649 100644
--- a/MagickCore/policy.c
+++ b/MagickCore/policy.c
@@ -1254,6 +1254,7 @@ MagickExport MagickBooleanType SetMagickSecurityPolicyValue(
     case CoderPolicyDomain:
     case DelegatePolicyDomain:
     case FilterPolicyDomain:
+    case ModulePolicyDomain:
     case PathPolicyDomain:
     default:
       break;
diff --git a/MagickCore/policy.h b/MagickCore/policy.h
index c29af372b..363a0c3cb 100644
--- a/MagickCore/policy.h
+++ b/MagickCore/policy.h
@@ -34,7 +34,8 @@ typedef enum
   PathPolicyDomain,
   ResourcePolicyDomain,
   SystemPolicyDomain,
-  CachePolicyDomain
+  CachePolicyDomain,
+  ModulePolicyDomain
 } PolicyDomain;
 
 typedef enum
diff --git a/config/policy.xml b/config/policy.xml
index 0d854269d..49e600e1a 100644
--- a/config/policy.xml
+++ b/config/policy.xml
@@ -69,6 +69,7 @@
   <!-- <policy domain="resource" name="throttle" value="0"/> -->
   <!-- <policy domain="resource" name="time" value="3600"/> -->
   <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
+  <!-- <policy domain="module" rights="none" pattern="{ps,pdf,xps}" /> -->
   <!-- <policy domain="delegate" rights="none" pattern="HTTPS" /> -->
   <!-- <policy domain="path" rights="none" pattern="@*" /> -->
   <!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
author	Cristy <urban-warrior@imagemagick.org>	2018-08-24 20:43:50 -0400
committer	Cristy <urban-warrior@imagemagick.org>	2018-08-24 20:44:35 -0400
commit	c809ff7b9a0298cb5288399dd1ae495e2712d4ef (patch)
tree	8393a7c1f94a7316c53697b8df838ebe9ca9068f
parent	fd9289abe5e4b71273c9856a9df371319adb5a8c (diff)
download	ImageMagick-c809ff7b9a0298cb5288399dd1ae495e2712d4ef.tar.gz