--- ./magick/montage.c.orig 2005-06-23 23:04:33.000000000 -0500 +++ ./magick/montage.c 2006-02-06 16:39:37.000000000 -0600 @@ -528,7 +528,7 @@ /* Form filename for multi-part images. */ - (void) FormatMagickString(filename,MaxTextExtent, + (void) FormatMagickStringNumeric(filename,MaxTextExtent, image_info->filename,scene); if (LocaleCompare(filename,image_info->filename) == 0) (void) FormatMagickString(filename,MaxTextExtent,"%s.%lu", --- ./magick/string.c.orig 2005-06-23 23:04:33.000000000 -0500 +++ ./magick/string.c 2006-02-06 16:39:37.000000000 -0600 @@ -910,6 +910,75 @@ % % % % % % +% F o r m a t M a g i c k S t r i n g N u m e r i c % +% % +% % +% % +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% +% Method FormatMagickStringNumeric formats output for a single numeric +% argument. It takes into account that the format string given might be +% untrusted user input, and returns the length of the formatted string. +% +% The format of the FormatMagickStringNumeric method is: +% +% long FormatMagickStringNumeric(char *string,const size_t length, +% const char *format,int value) +% +% A description of each parameter follows. +% +% o string: FormatMagickStringNumeric() returns the formatted string in this +% character buffer. +% +% o length: The maximum length of the string. +% +% o format: A string describing the format to use to write the numeric +% argument. Only the first numeric format identifier is replaced. +% +% o value: Numeric value to substitute into format string. +% +% +*/ +MagickExport long FormatMagickStringNumeric(char *string,const size_t length,const char *format,int value) +{ + char + *p; + + (void) CopyMagickString(string, format, length); + + for (p=strchr(format,'%'); p != (char *) NULL; p=strchr(p+1,'%')) + { + char + *q; + + q=(char *) p+1; + if (*q == '0') + (void) strtol(q,&q,10); + if ((*q == '%') || (*q == 'd') || (*q == 'o') || (*q == 'x')) + { + char + c; + + q++; + c=*q; + *q='\0'; + (void) snprintf(string+(p-format),length-(p-format),p,value); + *q=c; + (void) ConcatenateMagickString(string,q,length); + if (*(q-1) == '%') + p++; + else + break; + } + } + return (long)strlen(string); +} + +/* +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +% % +% % +% % % F o r m a t M a g i c k S t r i n g % % % % % --- ./magick/display.c.orig 2005-06-23 23:04:33.000000000 -0500 +++ ./magick/display.c 2006-02-06 16:39:37.000000000 -0600 @@ -1981,7 +1981,7 @@ /* Form filename for multi-part images. */ - (void) FormatMagickString(filename,MaxTextExtent, + (void) FormatMagickStringNumeric(filename,MaxTextExtent, image_info->filename,scene); if (LocaleCompare(filename,image_info->filename) == 0) (void) FormatMagickString(filename,MaxTextExtent,"%s.%lu", --- ./magick/blob.c.orig 2005-06-23 23:04:33.000000000 -0500 +++ ./magick/blob.c 2006-02-06 16:39:37.000000000 -0600 @@ -2116,25 +2116,8 @@ /* Form filename for multi-part images. */ - (void) CopyMagickString(filename,image->filename,MaxTextExtent); - for (p=strchr(filename,'%'); p != (char *) NULL; p=strchr(p+1,'%')) - { - char - *q; - - q=p+1; - if (*q == '0') - (void) strtol(q,&q,10); - if ((*q == '%') || (*q == 'd') || (*q == 'o') || (*q == 'x')) - { - char - format[MaxTextExtent]; - - (void) CopyMagickString(format,p,MaxTextExtent); - (void) FormatMagickString(p,MaxTextExtent,format,image->scene); - break; - } - } + (void) FormatMagickStringNumeric(filename,MaxTextExtent,image->filename, + image->scene); if (image_info->adjoin == MagickFalse) if ((image->previous != (Image *) NULL) || (GetNextImageInList(image) != (Image *) NULL)) --- ./magick/animate.c.orig 2005-06-23 23:04:33.000000000 -0500 +++ ./magick/animate.c 2006-02-06 16:39:37.000000000 -0600 @@ -601,7 +601,7 @@ /* Form filename for multi-part images. */ - (void) FormatMagickString(filename,MaxTextExtent, + (void) FormatMagickStringNumeric(filename,MaxTextExtent, image_info->filename,scene); if (LocaleCompare(filename,image_info->filename) == 0) (void) FormatMagickString(filename,MaxTextExtent,"%s[%lu]", --- ./magick/image.c.orig 2005-06-23 23:04:33.000000000 -0500 +++ ./magick/image.c 2006-02-06 16:41:46.000000000 -0600 @@ -2822,25 +2822,8 @@ /* Rectify multi-image file support. */ - (void) CopyMagickString(filename,image_info->filename,MaxTextExtent); - for (p=strchr(filename,'%'); p != (char *) NULL; p=strchr(p+1,'%')) - { - char - *q; - - q=p+1; - if (*q == '0') - (void) strtol(q,&q,10); - if ((*q == '%') || (*q == 'd') || (*q == 'o') || (*q == 'x')) - { - char - format[MaxTextExtent]; - - (void) CopyMagickString(format,p,MaxTextExtent); - (void) FormatMagickString(p,MaxTextExtent,format,image_info->scene); - break; - } - } + (void) FormatMagickStringNumeric(filename,MaxTextExtent, + image_info->filename,image_info->scene); if ((LocaleCompare(filename,image_info->filename) != 0) && (strchr(filename,'%') == (char *) NULL)) image_info->adjoin=MagickFalse; --- ./magick/string_.h.orig 2005-06-23 23:04:33.000000000 -0500 +++ ./magick/string_.h 2006-02-06 16:42:35.000000000 -0600 @@ -60,6 +60,7 @@ magick_attribute((format (printf,3,4))), FormatMagickStringList(char *,const size_t,const char *,va_list) magick_attribute((format (printf,3,0))), + FormatMagickStringNumeric(char *,const size_t,const char *,int), LocaleCompare(const char *,const char *), LocaleNCompare(const char *,const char *,const size_t);