I want to create a captcha pic by use convert from ImageMagick.
And I follow this, but there are some problem .
Input In my linux shell:
convert -background white -fill black -font FreeSerif-Bold -pointsize 36 label:'adfgh' ./test.png
The Error is:
convert:not authorized
adfgh@ error/constitute.c/ReadImage/453. convert:missing an image filename./test.png@ error/convert.c/ConvertImageCommand/3015
My ImageMagick: Version:6.7.2-7 , I install it with yum install ImageMagick .
I'm clueless. Any advice please?
Note: the solution in this and other answers involves disabling safety measures that are there to fix arbitrary code execution vulnerabilities. See for instance this ghostscript-related and this ubuntu-related announcement. Only go forward with these solutions if the input to
convertcomes from a trusted source.
I use ImageMagick in php (v.7.1) to slice PDF file to images.
First I got errors like:
Exception type: ImagickException
Exception message: not authorized ..... @ error/constitute.c/ReadImage/412
After some changes in /etc/ImageMagick-6/policy.xml I start getting erroes like:
Exception type: ImagickException
Exception message: unable to create temporary file ..... Permission denied @ error/pdf.c/ReadPDFImage/465
My fix:
In file /etc/ImageMagick-6/policy.xml (or /etc/ImageMagick/policy.xml)
comment line
<!-- <policy domain="coder" rights="none" pattern="MVG" /> -->change line
<policy domain="coder" rights="none" pattern="PDF" />to
<policy domain="coder" rights="read|write" pattern="PDF" />add line
<policy domain="coder" rights="read|write" pattern="LABEL" />
Then restart your web server (nginx, apache).
I use many times the ImageMagic convert command to convert *.tif files to *.pdf files.
I don't know why but today I began to receive the following error:
convert: not authorized `a.pdf' @ error/constitute.c/WriteImage/1028.
After issuing the command:
convert a.tif a.pdf
After reading the above answers I edited the file /etc/ImageMagick-6/policy.xml
and changed the line:
policy domain="coder" rights="none" pattern="PDF"
to
policy domain="coder" rights="read|write" pattern="PDF"
and now everything works fine.
I have "ImageMagick 6.8.9-9 Q16 x86_64 2018-09-28" on "Ubuntu 16.04.5 LTS".
There is an /etc/ImageMagick/policy.xml file that is installed by yum. It disallows almost everything (for security and to protect your system from getting overloaded with ImageMagick calls).
If you're getting a ReadImage error as above, you can change the line to:
<policy domain="coder" rights="read" pattern="LABEL" />
which should fix the issue.
The file has a bunch of documentation in it, so you should read that. For example, if you need more permissions, you can combine them like:
<policy domain="coder" rights="read|write" pattern="LABEL" />
...which is preferable to removing all permissions checks (i.e., deleting or commenting out the line).
If someone need to do it with one command after install, run this !
sed -i 's/<policy domain="coder" rights="none" pattern="PDF" \/>/<policy domain="coder" rights="read|write" pattern="PDF" \/>/g' /etc/ImageMagick-6/policy.xml
The answer with highest votes (I have not enough reputation to add comment there) suggests to comment out the MVG line, but have in mind this:
CVE-2016-3714
ImageMagick supports ".svg/.mvg" files which means that attackers can craft code in a scripting language, e.g. MSL (Magick Scripting Language) and MVG (Magick Vector Graphics), upload it to a server disguised as an image file and force the software to run malicious commands on the server side as described above. For example adding the following commands in a file and uploading it to a webserver that uses a vulnerable ImageMagick version will result in running the command "ls -la" on the server.
exploit.jpg:
push graphic-context viewbox 0 0 640 480 fill 'url(https://website.com/image.png"|ls "-la)' pop graphic-context
And
Any version below 7.0.1-2 or 6.9.4-0 is potentially vulnerable and affected parties should as soon as possible upgrade to the latest ImageMagick version.
After a recent update on my Ubuntu 16.04 system I have also started getting this error when trying to run convert on .ps files to convert them into pdfs.
This fix worked for me:
In a terminal run:
sudo gedit /etc/ImageMagick-6/policy.xml
This should open the policy.xml file in the gedit text editor. If it doesn't, your image magick might be installed in a different place. Then change
rights="none"
to
rights="read | write"
for PDF, EPS and PS lines near the bottom of the file. Save and exit, and image magick should then work again.
Just delete /etc/ImageMagick/policy.xml file.
I also had the error error/constitute.c/ReadImage/453 when trying to convert an eps to a gif with image magick. I tried the solution proposed by sNICkerssss but still had errors (though different from the first one)e error/constitute.c/ReadImage/412
What solved the problem was to put read to other entries
<policy domain="coder" rights="read" pattern="PS" />
<policy domain="coder" rights="read" pattern="EPS" />
<policy domain="coder" rights="read" pattern="PDF" />
<policy domain="coder" rights="read" pattern="XPS" />
<policy domain="coder" rights="read|write" pattern="LABEL" />
来源:https://stackoverflow.com/questions/42928765/convertnot-authorized-aaaa-error-constitute-c-readimage-453