Even Rouault
221a801a97
Rename mis-named function opj_tcd_get_encoded_tile_size() to opj_tcd_get_encoder_input_buffer_size()
2020-04-16 20:33:22 +02:00
Even Rouault
9c1cfb034a
Merge pull request #1240 from rouault/fix_crash_opj_decompress
...
opj_decompress: add sanity checks to avoid segfault in case of decoding error
2020-04-01 22:00:19 +02:00
Even Rouault
1c54024165
opj_decompress: add sanity checks to avoid segfault in case of decoding error
...
Prevent crashes like:
opj_decompress -i 0722_5-1_2019.jp2 -o out.ppm -r 4 -t 0
where 0722_5-1_2019.jp2 is
https://drive.google.com/file/d/1ZxOUZg2-FKjYwa257VFLMpTXRWxEoP0a/view?usp=sharing
2020-04-01 21:11:36 +02:00
Even Rouault
563ecfb55c
opj_compress: improve help message regarding new IMF switch
2020-02-13 09:59:36 +01:00
Even Rouault
4e5501b3c7
Merge pull request #1235 from rouault/imf
...
Implement writing of IMF profiles
2020-02-13 09:54:20 +01:00
Even Rouault
84f3bebbff
Implement writing of IMF profiles
...
Add -IMF switch to opj_compress as well
2020-02-12 15:55:25 +01:00
Even Rouault
fffe32adcb
openjpeg.h: fix values of OPJ_PROFILE_IMF_ constants
2020-02-12 15:55:02 +01:00
Even Rouault
28881453f6
Merge pull request #1234 from rouault/md5_libtiff_4_1
...
tests: add alternate checksums for libtiff 4.1
2020-02-10 11:20:20 +01:00
Even Rouault
b5cb419faf
tests: add alternate checksums for libtiff 4.1
...
Fixes #1233
libtiff 4.1 slightly modifies the way it generates files. So
add the new expected md5sum.
Not super elegant solution admitedly.
2020-02-07 22:05:55 +01:00
Even Rouault
647f9b118d
Merge pull request #1232 from rouault/fix_1231
...
opj_tcd_init_tile(): avoid integer overflow
2020-01-30 13:07:31 +01:00
Even Rouault
05f9b91e60
opj_tcd_init_tile(): avoid integer overflow
...
That could lead to later assertion failures.
Fixes #1231 / CVE-2020-8112
2020-01-30 00:59:57 +01:00
Max Moroz
b63a433ba1
tests/fuzzers: link fuzz binaries using $LIB_FUZZING_ENGINE. ( #1230 )
...
This was changed some time ago (https://google.github.io/oss-fuzz/getting-started/new-project-guide/ ) but the build didn't fail as there is a fallback mechanism. The main advantage of the new approach is that for libFuzzer this produces more performant binaries (as `$LIB_FUZZING_ENGINE` expands into `-fsanitize=fuzzer`, which links libFuzzer from the compiler-rt, allowing better optimization tricks).
I'm also experimenting with dataflow (https://github.com/google/oss-fuzz/issues/1632 ) on your project, and the dataflow config doesn't have a fallback (as it's a new configuration), therefore I'm proposing a change to migrate from `-lFuzzingEngine` to `$LIB_FUZZING_ENGINE`.
2020-01-13 18:07:54 +01:00
Even Rouault
46c1eff9e9
Merge pull request #1229 from rouault/fix_1228
...
opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX (fixes #1228 )
2020-01-11 11:29:11 +01:00
Even Rouault
024b840739
opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX ( fixes #1228 )
2020-01-11 01:51:58 +01:00
Even Rouault
ac3737372a
Merge pull request #1217 from rouault/fix_ossfuzz_18979
...
pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets()
2019-11-17 13:08:41 +01:00
Robert Ancell
9701b3305d
JPWL: convert: Fix buffer overflow reading an image file less than four characters ( #1196 )
...
Fixes #1068
2019-11-17 03:09:59 +01:00
Even Rouault
cb332992a7
Merge pull request #1218 from rouault/fix_broken_abi_check
...
abi-check.sh: fix false postive ABI error, and display output error log
2019-11-17 02:47:26 +01:00
Even Rouault
016f80ae21
abi-check.sh: fix false postive ABI error, and display output error log
...
There is currently a false positive ABI check failure between v2.3.1
and current. It disappears when removing the generated reports of v2.3.1
and recreating them. It is likely that some tooling has evolved since
the initial v2.3.1 report generation.
2019-11-17 02:26:54 +01:00
Even Rouault
4cb1f66304
pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18979
2019-11-17 01:18:26 +01:00
Even Rouault
5875a6b446
opj_tcd_mct_decode()/opj_mct_decode()/opj_mct_encode_real()/opj_mct_decode_real(): proper deal with a number of samples larger than 4 billion (refs #1151 )
2019-10-03 11:04:30 +02:00
Even Rouault
e66125fe26
Merge pull request #1164 from sebras/master
...
openjp2/j2k: Report error if all wanted components are not decoded.
2019-09-03 17:03:54 +02:00
Even Rouault
8db9d25dcf
opj_decompress_fuzzer: remove checks regarding input dimensions ( fixes #1079 )
2019-06-15 09:55:16 +02:00
Even Rouault
f4d6578359
test_decode_area.c: assign tdy to *ptileh instead of *ptilew ( fixes #1195 )
2019-05-26 11:06:30 +02:00
Even Rouault
9b7620ee7a
Merge pull request #1185 from Young-X/fix
...
Fix several potential vulnerabilities
2019-04-26 19:52:52 +02:00
Even Rouault
4f447c6e18
Merge pull request #1192 from rouault/poc_fixes
...
compression: emit POC marker when only one single POC is requested (f…
2019-04-25 15:32:22 +02:00
Even Rouault
a94cfbd533
Change opj_j2k_check_poc_val() to take into account tile number
2019-04-25 15:06:45 +02:00
Even Rouault
bdec5ae272
Add test for previous commit
2019-04-25 14:40:56 +02:00
Even Rouault
6423163141
Fix POC in multi-tile scenarios: avoid almost endless loop when a tile has no POC settings
2019-04-25 14:40:56 +02:00
Even Rouault
b86717fdd3
Add test for previous commit
2019-04-25 14:40:56 +02:00
Even Rouault
23883458b9
opj_j2k_check_poc_val(): prevent potential write outside of allocated array
2019-04-25 14:40:56 +02:00
Even Rouault
6589c609f6
opj_j2k_check_poc_val(): fix starting index for checking layer dimension
...
The standard mandates that the layer index always starts at zero for every
progression.
2019-04-25 14:40:55 +02:00
Even Rouault
1e3a57563d
compression: emit POC marker when only one single POC is requested ( fixes #1191 )
2019-04-25 14:40:55 +02:00
Even Rouault
5dd75f62e2
j2k.c: use correct naming convention for total_data_size variable
2019-04-23 16:52:21 +02:00
Young Xiao
3aef207f90
bmp_read_rle4_data(): avoid potential infinite loop
2019-04-15 16:10:18 +08:00
Young Xiao
21399f6b7d
convertbmp: detect invalid file dimensions early
...
width/length dimensions read from bmp headers are not necessarily
valid. For instance they may have been maliciously set to very large
values with the intention to cause DoS (large memory allocation, stack
overflow). In these cases we want to detect the invalid size as early
as possible.
This commit introduces a counter which verifies that the number of
written bytes corresponds to the advertized width/length.
See commit 8ee335227b
for details.
Signed-off-by: Young Xiao <YangX92@hotmail.com>
2019-04-15 16:10:18 +08:00
Antonin Descampe
d0dd894ae2
Comment back opj_previous_version in abi_check.sh
2019-04-02 15:37:38 +02:00
Antonin Descampe
291e45bb04
Update version number for automatic abi check
2019-04-02 15:12:59 +02:00
Antonin Descampe
5709632545
update token for appveyor auto release
2019-04-02 14:45:15 +02:00
Antonin Descampe
8b9a89bc2e
update token for automatic release
2019-04-02 14:25:09 +02:00
Antonin Descampe
d1d422c126
Update for release 2.3.1
2019-04-02 12:08:52 +02:00
Antonin Descampe
d3b0b8927a
Update for release 2.3.1
2019-04-02 11:03:16 +02:00
Antonin Descampe
c7798bb0c6
update for release 2.3.1
2019-04-02 11:02:20 +02:00
Antonin Descampe
8196ab531e
Update BUILD version for release 2.3.1
2019-04-02 11:00:58 +02:00
Even Rouault
69a7a312dc
Merge pull request #1188 from rouault/fix_abi_check
...
abi-check.sh: fix broken download URL
2019-03-29 12:25:39 +01:00
Even Rouault
5151426d6e
abi-check.sh: fix broken download URL
2019-03-29 11:53:23 +01:00
Even Rouault
d6b8aed561
Merge pull request #1187 from rouault/fix_ubsan_in_opj_t1_encode_cblks
...
opj_t1_encode_cblks: fix UBSAN signed integer overflow
2019-03-29 11:52:38 +01:00
Even Rouault
a1d32a596a
opj_t1_encode_cblks: fix UBSAN signed integer overflow
...
Fixes #1053 / CVE-2018-5727
Note: I don't consider this issue to be a security vulnerability, in
practice.
At least with gcc or clang compilers on x86_64 which generate the same
assembly code with or without that fix.
2019-03-29 11:17:39 +01:00
Even Rouault
25b815dc46
Revert "[JPWL] tgatoimage(): avoid excessive memory allocation attempt,"
...
This reverts commit 05be308446
.
This commit doesn't compile due to missing OPJ_UINT64 type
2019-03-29 10:44:35 +01:00
Even Rouault
e1740e7ce7
Revert "[MJ2] Avoid index out of bounds access to pi->include[]"
...
This reverts commit c277159986
.
The commit didn't compile. include_size is not defined in openmj2
2019-03-29 10:40:58 +01:00
Sebastian Rasmussen
b2751967ec
openjp2/j2k: Report error if all wanted components are not decoded.
...
Previously the caller had to check whether each component data had
been decoded. This means duplicating the checking in every user of
openjpeg which is unnecessary. If the caller wantes to decode all
or a set of, or a specific component then openjpeg ought to error
out if it was unable to do so.
Fixes #1158 .
2019-02-21 16:48:02 +08:00