003759a482
Fix null pointer dereference on partial tile decoding when they are empty. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3297 (master only)
2017-09-06 15:59:19 +02:00
968e36bbd9
Merge pull request #1010 from rouault/subtile_decoding_stage3
...
Subtile decoding: memory use reduction and perf improvements
2017-09-05 22:18:58 +02:00
579b8937ea
Replace uses of size_t by OPJ_SIZE_T
2017-09-04 17:35:52 +02:00
e5ab1682a1
Improve error message when specifying a too big cp_reduce parameter ( #474 )
2017-09-02 09:10:53 +02:00
c1e0fba0c4
opj_v4dwt_decode_step1_sse(): rework a bit to improve code generation
2017-09-01 22:23:29 +02:00
676d4c807f
opj_j2k_update_image_data(): avoid allocating image buffer if we can just reuse the tile buffer one
2017-09-01 22:23:29 +02:00
4c7effa6bc
opj_t1_clbl_decode_processor(): use SSE2 in subtile decoding code path, for irreversible
2017-09-01 22:23:29 +02:00
2c365fe0ec
Replace error message 'Not enough memory for tile data' by 'Size of tile data exceeds system limits' (refs https://github.com/uclouvain/openjpeg/pull/730#issuecomment-326654188 )
2017-09-01 22:23:29 +02:00
559d16e8f4
opj_t1_decode_cblk(): move some code to codeblock processor for (theoretical) better multi-threading in subtile decoding
2017-09-01 22:23:29 +02:00
7017e67a01
sparse_array: optimizations for lossy case
2017-09-01 22:23:29 +02:00
b428b8c7e7
opj_tcd_rateallocate(): make sure to use all passes for a lossless layer ( #1009 )
...
And save a useless loop, which should be a tiny faster.
2017-09-01 20:02:09 +02:00
7aa071aa27
opj_j2k_setup_encoder(): emit warnings if tcp_rates are not decreasing or tcp_distoratio are not increasing ( #1009 )
2017-09-01 19:49:01 +02:00
a538815c77
opj_j2k_setup_encoder(): avoid potential int overflow in computations related to max_cs_size
2017-09-01 19:27:56 +02:00
09929bb615
opj_compress help: revert 3257261776 and indicate 1 again as being the value to get lossless for -r. In opj_j2k_setup_encoder(), make sure that ll rates[] <= 1.0 are set to 0. Document 0 as being lossless for -q / tcp_distoratio ( #1009 )
2017-09-01 19:16:35 +02:00
8a17be8945
opj_v4dwt_decode_step2_sse(): loop unroll
2017-09-01 16:31:08 +02:00
83b5a168ec
opj_dwt_decode_partial_97(): simplify/more efficient use of sparse arrays in vertical pass
2017-09-01 16:31:06 +02:00
ae19001ba4
opj_tcd_dc_level_shift_decode(): optimize lossy case
2017-09-01 16:31:04 +02:00
470f3ed416
opj_dwt_decode_partial_1_parallel(): add SSE2 optimization
2017-09-01 16:31:02 +02:00
873004c615
Sub-tile decoding: speed up vertical pass in IDWT5x3 by processing 4 cols at a time
2017-09-01 16:31:00 +02:00
ccac773556
Tiny perf improvement in T1 stage for subtile decoding
2017-09-01 16:30:58 +02:00
82a43d8035
Optimize opj_dwt_decode_partial_1() when cas == 0
2017-09-01 16:30:54 +02:00
1644665a91
opj_j2k_update_image_data(): avoid zero-ing the buffer if not needed
2017-09-01 16:30:52 +02:00
b2cc8f7f81
Optimize reading/write into sparse array
2017-09-01 16:30:50 +02:00
0ae3cba340
Allow several repeated calls to opj_set_decode_area() and opj_decode() for single-tiled images
...
* Only works for single-tiled images --> will error out cleanly, as currently
in other cases
* Save re-reading the codestream for the tile, and re-use code-blocks of the
previous decoding pass.
* Future improvements might involve improving opj_decompress, and the image writing logic,
to use this strategy.
2017-09-01 16:30:48 +02:00
5d07d463fd
opj_j2k_decode_tiles(): apply whole single tile image decoding optimization to reading at reduced resolution as well
2017-09-01 16:30:45 +02:00
98b9310361
Various changes to allow tile buffers of more than 4giga pixels
...
Untested though, since that means a tile buffer of at least 16 GB. So
there might be places where uint32 overflow on multiplication still occur...
2017-09-01 16:30:44 +02:00
008a12d4fc
TCD: allow tile buffer to be greater than 4GB on 64 bit hosts (but number of pixels must remain under 4 billion)
2017-09-01 16:30:41 +02:00
d1299d9670
Fix compiler warning in release mode
2017-09-01 16:30:39 +02:00
d5153ba404
Remove limitation that prevents from opening images bigger than 4 billion pixels
...
However the intermediate buffer for decoding must still be smaller than 4
billion pixels, so this is useful for decoding at a lower resolution level,
or subtile decoding.
2017-09-01 16:30:37 +02:00
c37e360a51
opj_tcd_init_tile(): fix typo on overflow detection condition (introduced in previous commit)
2017-09-01 16:30:35 +02:00
eee5104a88
opj_dwt_decode_partial_tile(): avoid undefined behaviour in lifting operation by properly initializing working buffer
2017-09-01 16:30:32 +02:00
f9e9942330
Sub-tile decoding: only allocate tile component buffer of the needed dimension
...
Instead of being the full tile size.
* Use a sparse array mechanism to store code-blocks and intermediate stages of
IDWT.
* IDWT, DC level shift and MCT stages are done just on that smaller array.
* Improve copy of tile component array to final image, by saving an intermediate
buffer.
* For full-tile decoding at reduced resolution, only allocate the tile buffer to
the reduced size, instead of the full-resolution size.
2017-09-01 16:30:29 +02:00
0a25dceca7
opj_j2k_setup_encoder(): validate code block width/height
2017-09-01 10:26:53 +02:00
84bbb4a874
opj_t1_allocate_buffers(): remove useless overflow checks
2017-09-01 10:26:53 +02:00
6ce49bf5ae
Fix undefined shift behaviour in opj_dwt_is_whole_tile_decoding(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3255 . Credit to OSS Fuzz
2017-09-01 10:26:18 +02:00
04b70908a7
Use IDWT whole tile decoding if the area of interest equals to the image bounds, taking into account the reduced resolution factor
2017-08-29 11:40:53 +02:00
a55c024fc6
Subtile decoding: fix overflows in subband coordinate computation that cause later buffer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3115 . Credit to OSS Fuzz. master only
2017-08-28 17:18:33 +02:00
8f92fc9791
Make opj_set_decode_area() and opj_decode() take into account opj_set_decoded_resolution_factor() ( #1006 , affect API use)
...
* Better document usage of opj_set_decode_area(), ie expecting coordinates
in full resolution/reference grid even if requesting at a lower resolution
factor
* Make sure that image->comps[].factor is set by opj_set_decode_area() and
opj_decode() from the value specified in opj_set_decoded_resolution_factor()
* opj_decompress: add 2 environmenet variables to test alternate ways of
using the API, namely USE_OPJ_SET_DECODED_RESOLUTION_FACTOR=YES to use
opj_set_decoded_resolution_factor() instead of parameters.cp_reduce, and
SKIP_OPJ_SET_DECODE_AREA=YES to not call opj_set_decode_area() if -d is
not specified.
2017-08-28 14:57:49 +02:00
bc71bd1219
opj_dwt_decode_partial_97(): perf improvement: limit copy of coefficients at end of horizontal pass to actual range of interest
2017-08-23 18:58:32 +02:00
c97666f72b
j2k.c: fix comment, and remove FIXME
2017-08-21 19:02:04 +02:00
24d069e3ff
Add comment
2017-08-21 17:19:13 +02:00
17a7ac42d5
Add comments for filter_width values
2017-08-21 12:25:38 +02:00
f87c5ef7eb
Subtile decoding: only do 9x7 IDWT computations on relevant areas of tile-component buffer.
2017-08-20 22:02:41 +02:00
5d40325056
Subtile decoding: only do 5x3 IDWT computations on relevant areas of tile-component buffer.
...
This lowers 'bin/opj_decompress -i ../MAPA.jp2 -o out.tif -d 0,0,256,256'
down to 0.860s
2017-08-18 15:08:51 +02:00
5d12806091
opj_j2k_update_rates(): grow tile size buffer for some situations
2017-08-17 19:18:48 +02:00
4b0bfbfabc
Zero-initialize tile buffer regions of skipped code-blocks, so as to make Valgrind happy
2017-08-17 19:05:54 +02:00
fe338a057c
Sub-tile decoding: only decode precincts and codeblocks that intersect the window specified in opj_set_decode_area()
2017-08-17 19:05:54 +02:00
fd8448ed44
bench_dwt.c: fix signedness related warnings
2017-08-17 17:04:48 +02:00
09e83407fa
Avoid asserting on assert(i == pcol) in opj_jp2_apply_pclr() by adding new check in opj_jp2_check_color(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3068 . Credit to OSS Fuzz
2017-08-17 11:05:53 +02:00
8e6c371e66
opj_t1_encode_cblk(): avoid uint32 overflow when numbps = 0 (which is well defined behaviour, and is properly handled here, but better avoid it to detect real issues)
2017-08-16 18:29:59 +02:00
c535531f03
opj_t2_encode_packet(): fix potential write heap buffer overflow ( #992 )
2017-08-16 17:20:29 +02:00
dcac91b8c7
opj_j2k_write_sot(): fix potential write heap buffer overflow ( #991 )
2017-08-16 17:09:10 +02:00
9624b2fa47
opj_t2_encode_packet(): only emit an error about insufficiently large output buffer in FINAL_PASS mode. Fixes (master-only) regression added in 0b4fef6d19
2017-08-16 12:52:33 +02:00
4241ae6fbb
Fix assertion in debug mode / heap-based buffer overflow in opj_write_bytes_LE for Cinema profiles with numresolutions = 1 ( #985 )
2017-08-15 11:55:58 +02:00
52d5690a6f
Merge pull request #984 from stweil/const
...
Use more const qualifiers
2017-08-14 17:28:26 +02:00
afb308b9cc
Encoder: grow buffer size in opj_tcd_code_block_enc_allocate_data() to avoid write heap buffer overflow in opj_mqc_flush ( #982 )
2017-08-14 17:20:37 +02:00
bc59410f25
Use const qualifier for mqc_states
...
This allows more compiler optimizations.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-08-14 14:41:27 +02:00
10e6ce2c2c
Use const qualifier for j2k_prog_order_list
...
This allows more compiler optimizations.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-08-14 14:41:27 +02:00
a35b489134
Fix argument order in error message of previous commit
2017-08-10 16:58:36 +02:00
0b4fef6d19
Propagate event manager down to opj_t2_encode_packet() and use it to emit an error message when the output buffer is too small
2017-08-10 16:49:47 +02:00
a316f36dfc
Fix crash on encoding if using opj_set_default_encoder_parameters() without defining tcp_numlayers
2017-08-10 14:43:16 +02:00
26fe8f6043
Improve doc of opj_tccp_info_t::cblkw and cblkh
2017-08-10 11:45:49 +02:00
4b16e8d27a
Remove useless opj_tcd_t::enumcs field added per #975
2017-08-09 17:37:05 +02:00
5e200452db
Doc: fix error in previous commit
2017-08-09 15:04:29 +02:00
9203e8ec51
tcd.h: doc fixes and improvements
2017-08-09 14:50:59 +02:00
11b1ffb373
Document qmfbid values
2017-08-09 14:13:58 +02:00
ac375ac9f5
Partial revert BPC related check of #975 ( #979 )
...
PR #975 introduced a check that rejects images that have different bit depth/sign
per compoment in SIZ marker if the JP2 IHDR box has BPC != 255
This didn't work properly if decoding a .j2k file since the new bit added in
opj_cp_t wasn't initialized to the right value.
For clarity, tThis new bit has also been renamed to allow_different_bit_depth_sign
But looking closer at the code, it seems we were already tolerant to inconsistencies.
For example we parsed a JP2 BPCC box even if BPC != 255 (just a warning is emitted)
So failing hard in opj_j2k_read_siz() wouldn't be very inconsistent, and that
alone cannot protect against other issues, so just emit a warning if BPC != 255
and the SIZ marker contains different bit depth/sign per component.
Note: we could also check that the content of JP2 BPCC box is consistant with the one
of the SIZ marker.
2017-08-09 11:34:08 +02:00
0394f8d0f1
Merge pull request #975 from szukw000/changes-for-afl-tests
...
Catch images broken by AFL
2017-08-08 16:51:54 -07:00
92114694a4
Slight improvement in management of code block chunks
...
Instead of having the chunk array at the segment level, we can move it down to
the codeblock itself since segments are filled in sequential order.
Limit the number of memory allocation, and decrease slightly the memory usage.
On MAPA_005.jp2
n4: 1871312549 (heap allocation functions) malloc/new/new[], --alloc-fns, etc.
n1: 1610689344 0x4E781E7: opj_aligned_malloc (opj_malloc.c:61)
n1: 1610689344 0x4E71D1B: opj_alloc_tile_component_data (tcd.c:676)
n1: 1610689344 0x4E726CF: opj_tcd_init_decode_tile (tcd.c:816)
n1: 1610689344 0x4E4BE39: opj_j2k_read_tile_header (j2k.c:8617)
n1: 1610689344 0x4E4C902: opj_j2k_decode_tiles (j2k.c:10348)
n1: 1610689344 0x4E4E3CE: opj_j2k_decode (j2k.c:7846)
n1: 1610689344 0x4E53002: opj_jp2_decode (jp2.c:1564)
n0: 1610689344 0x40374E: main (opj_decompress.c:1459)
n1: 219232541 0x4E4BC50: opj_j2k_read_tile_header (j2k.c:4683)
n1: 219232541 0x4E4C902: opj_j2k_decode_tiles (j2k.c:10348)
n1: 219232541 0x4E4E3CE: opj_j2k_decode (j2k.c:7846)
n1: 219232541 0x4E53002: opj_jp2_decode (jp2.c:1564)
n0: 219232541 0x40374E: main (opj_decompress.c:1459)
n1: 23893200 0x4E72735: opj_tcd_init_decode_tile (tcd.c:1225)
n1: 23893200 0x4E4BE39: opj_j2k_read_tile_header (j2k.c:8617)
n1: 23893200 0x4E4C902: opj_j2k_decode_tiles (j2k.c:10348)
n1: 23893200 0x4E4E3CE: opj_j2k_decode (j2k.c:7846)
n1: 23893200 0x4E53002: opj_jp2_decode (jp2.c:1564)
n0: 23893200 0x40374E: main (opj_decompress.c:1459)
n0: 17497464 in 52 places, all below massif's threshold (1.00%)
2017-08-07 18:32:52 +02:00
ca34d13e76
Decoding: do not allocate memory for the codestream of each codeblock
...
Currently we allocate at least 8192 bytes for each codeblock, and copy
the relevant parts of the codestream in that per-codeblock buffer as we
decode packets.
As the whole codestream for the tile is ingested in memory and alive
during the decoding, we can directly point to it instead of copying. But
to do that, we need an intermediate concept, a 'chunk' of code-stream segment,
given that segments may be made of data at different places in the code-stream
when quality layers are used.
With that change, the decoding of MAPA_005.jp2 goes down from the previous
improvement of 2.7 GB down to 1.9 GB.
New profile:
n4: 1885648469 (heap allocation functions) malloc/new/new[], --alloc-fns, etc.
n1: 1610689344 0x4E78287: opj_aligned_malloc (opj_malloc.c:61)
n1: 1610689344 0x4E71D7B: opj_alloc_tile_component_data (tcd.c:676)
n1: 1610689344 0x4E7272C: opj_tcd_init_decode_tile (tcd.c:816)
n1: 1610689344 0x4E4BDD9: opj_j2k_read_tile_header (j2k.c:8618)
n1: 1610689344 0x4E4C8A2: opj_j2k_decode_tiles (j2k.c:10349)
n1: 1610689344 0x4E4E36E: opj_j2k_decode (j2k.c:7847)
n1: 1610689344 0x4E52FA2: opj_jp2_decode (jp2.c:1564)
n0: 1610689344 0x40374E: main (opj_decompress.c:1459)
n1: 219232541 0x4E4BBF0: opj_j2k_read_tile_header (j2k.c:4685)
n1: 219232541 0x4E4C8A2: opj_j2k_decode_tiles (j2k.c:10349)
n1: 219232541 0x4E4E36E: opj_j2k_decode (j2k.c:7847)
n1: 219232541 0x4E52FA2: opj_jp2_decode (jp2.c:1564)
n0: 219232541 0x40374E: main (opj_decompress.c:1459)
n1: 39822000 0x4E727A9: opj_tcd_init_decode_tile (tcd.c:1219)
n1: 39822000 0x4E4BDD9: opj_j2k_read_tile_header (j2k.c:8618)
n1: 39822000 0x4E4C8A2: opj_j2k_decode_tiles (j2k.c:10349)
n1: 39822000 0x4E4E36E: opj_j2k_decode (j2k.c:7847)
n1: 39822000 0x4E52FA2: opj_jp2_decode (jp2.c:1564)
n0: 39822000 0x40374E: main (opj_decompress.c:1459)
n0: 15904584 in 52 places, all below massif's threshold (1.00%)
2017-08-07 18:32:52 +02:00
373520db30
Add documentation for magic values in the code
2017-08-07 18:32:52 +02:00
434ace4ff7
opj_jp2_apply_pclr() also needs to use opj_image_data_alloc/opj_image_data_free
2017-08-07 18:32:52 +02:00
0c1fc0593e
Complementary fix to previous commit
2017-08-07 18:32:52 +02:00
f58aab9d6a
Add opj_image_data_alloc() / opj_image_data_free()
...
As bin/common/color.c used to directly call malloc()/free(), we need
to export functions dedicated to allocating/freeing image component data.
2017-08-07 18:32:52 +02:00
61fb5dd7f8
Fix crash on Windows due to b7594c0fcb9dd3aa6356d72c4a525d76168da689
...
b7594c0fcb9dd3aa6356d72c4a525d76168da689 may put opj_tcd_tilecomp_t->data
allocated by opj_alloc_tile_component_data() as the image->comps[].data. As
opj_alloc_tile_component_data() use opj_aligned_malloc() we must be sure to
ue opj_alined_malloc()/_free() in all places where we alloc/free
image->comps[].data.
Note: this might have some compatibility impact in case user code does itself
the allocation/free of image->comps[].data
2017-08-07 18:32:49 +02:00
793edc38e4
Decrease memory consumption for whole image single tile decoding.
...
We can use the same buffer for the tile decoding and the final image, and
save the intermediate buffer to transfer between those.
Effect on the decoding of MAPA (9944 x 13498 x 3 components of size byte)
Peak memory from 4.5 GB to 2.7 GB
Now:
n5: 2699708767 (heap allocation functions) malloc/new/new[], --alloc-fns, etc.
n1: 1610689344 0x4E77E07: opj_aligned_malloc (opj_malloc.c:61) <-- final image
n1: 1610689344 0x4E7195B: opj_alloc_tile_component_data (tcd.c:676)
n1: 1610689344 0x4E722D2: opj_tcd_init_decode_tile (tcd.c:816)
n1: 1610689344 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
n1: 1610689344 0x4E4C742: opj_j2k_decode_tiles (j2k.c:10324)
n1: 1610689344 0x4E4E20E: opj_j2k_decode (j2k.c:7826)
n1: 1610689344 0x4E52E42: opj_jp2_decode (jp2.c:1564)
n0: 1610689344 0x40369E: main (opj_decompress.c:1459)
n1: 815554560 0x4E72231: opj_tcd_init_decode_tile (tcd.c:1217) <-- working memory for code blocks: 9944*13498/64/64*8192*3
n1: 815554560 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
n1: 815554560 0x4E4C742: opj_j2k_decode_tiles (j2k.c:10324)
n1: 815554560 0x4E4E20E: opj_j2k_decode (j2k.c:7826)
n1: 815554560 0x4E52E42: opj_jp2_decode (jp2.c:1564)
n0: 815554560 0x40369E: main (opj_decompress.c:1459)
n1: 219758391 0x4E4C0BF: opj_j2k_read_tile_header (j2k.c:4661) <-- ingestion of code stream
n1: 219758391 0x4E4C742: opj_j2k_decode_tiles (j2k.c:10324)
n1: 219758391 0x4E4E20E: opj_j2k_decode (j2k.c:7826)
n1: 219758391 0x4E52E42: opj_jp2_decode (jp2.c:1564)
n0: 219758391 0x40369E: main (opj_decompress.c:1459)
n1: 39822000 0x4E7224F: opj_tcd_init_decode_tile (tcd.c:1224) <-- OPJ_J2K_DEFAULT_NB_SEGS*sizeof(opj_tcd_seg_t) per codeblock
n1: 39822000 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
n1: 39822000 0x4E4C742: opj_j2k_decode_tiles (j2k.c:10324)
n1: 39822000 0x4E4E20E: opj_j2k_decode (j2k.c:7826)
n1: 39822000 0x4E52E42: opj_jp2_decode (jp2.c:1564)
n0: 39822000 0x40369E: main (opj_decompress.c:1459)
n0: 13884472 in 49 places, all below massif's threshold (1.00%)
Before:
n5: 4493329848 (heap allocation functions) malloc/new/new[], --alloc-fns, etc.
n2: 1610709160 0x4E77C87: opj_aligned_malloc (opj_malloc.c:61)
n1: 1610689344 0x4E717DB: opj_alloc_tile_component_data (tcd.c:676)
n1: 1610689344 0x4E72152: opj_tcd_init_decode_tile (tcd.c:816)
n1: 1610689344 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
n1: 1610689344 0x4E4C64A: opj_j2k_decode_tiles (j2k.c:10318)
n1: 1610689344 0x4E4E08E: opj_j2k_decode (j2k.c:7826)
n1: 1610689344 0x4E52CC2: opj_jp2_decode (jp2.c:1564)
n0: 1610689344 0x40369E: main (opj_decompress.c:1459)
n0: 19816 in 2 places, all below massif's threshold (1.00%)
n1: 1610689344 0x4E43F36: opj_j2k_update_image_data.isra.7 (j2k.c:8743)
n1: 1610689344 0x4E4C5C1: opj_j2k_decode_tiles (j2k.c:10358)
n1: 1610689344 0x4E4E08E: opj_j2k_decode (j2k.c:7826)
n1: 1610689344 0x4E52CC2: opj_jp2_decode (jp2.c:1564)
n0: 1610689344 0x40369E: main (opj_decompress.c:1459)
n1: 815554560 0x4E720B1: opj_tcd_init_decode_tile (tcd.c:1217)
n1: 815554560 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
n1: 815554560 0x4E4C64A: opj_j2k_decode_tiles (j2k.c:10318)
n1: 815554560 0x4E4E08E: opj_j2k_decode (j2k.c:7826)
n1: 815554560 0x4E52CC2: opj_jp2_decode (jp2.c:1564)
n0: 815554560 0x40369E: main (opj_decompress.c:1459)
n1: 402672336 0x4E4C545: opj_j2k_decode_tiles (j2k.c:10336)
n1: 402672336 0x4E4E08E: opj_j2k_decode (j2k.c:7826)
n1: 402672336 0x4E52CC2: opj_jp2_decode (jp2.c:1564)
n0: 402672336 0x40369E: main (opj_decompress.c:1459)
n0: 53704448 in 58 places, all below massif's threshold (1.00%)
2017-08-07 18:18:53 +02:00
2fbd4bb0b9
opj_j2k_read_sot(): check current TPSot number regarding previous (non-zero) TNsot to avoid opj_j2k_merge_ppt() to be called several times. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2851 . Credit to OSS Fuzz
2017-08-04 18:02:10 +02:00
57e36dbfeb
First change on changes-for-afl-tests
2017-08-02 17:27:08 +02:00
00f45684a8
Catch images broken by AFL
2017-07-31 13:58:08 +02:00
13cde9fa37
src/lib/openjp2/*.h: use OPJ_ prefix for inclusion guards instead of reserved __ ( #587 )
2017-07-30 19:46:52 +02:00
9a6d41d22b
opj_event_msg(): force zero termination of buffer
2017-07-30 19:27:01 +02:00
b716f86163
Fix breakage of 22bf99ce02
2017-07-30 19:26:47 +02:00
22bf99ce02
Test return value of opj_j2k_setup_decoding_tile() (commit ec31fa0c7f by ak-dxdy, #561 )
2017-07-30 19:07:16 +02:00
ffa9a4f658
Fix warnings in USE_JPIP compilation mode
2017-07-30 18:46:34 +02:00
c22cbd8bdf
Avoid heap buffer overflow in function pnmtoimage of convert.c, and unsigned integer overflow in opj_image_create() (CVE-2016-9118, #861 )
2017-07-30 18:43:25 +02:00
83342f2aaf
Fix Doxygen warnings (patch derived from Winfried's doxygen-dif.txt.zip, #849 )
2017-07-30 18:18:59 +02:00
4748318136
j2k.c: remove hardcoded constants related to m_state, and useless FIXME
2017-07-30 17:26:03 +02:00
e23e0c94d0
Avoid p_stream->m_user_data_length >= (OPJ_UINT64)p_stream->m_byte_offset assertion in opj_stream_get_number_byte_left(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2786 . Credit to OSS Fuzz
2017-07-30 16:48:15 +02:00
1ed8d67797
opj_j2k_set_decode_area: replace assertions by runtime checks. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2795 . Credit to OSS Fuzz
2017-07-30 15:35:47 +02:00
68832af20e
opj_tcd_dc_level_shift_decode: avoid int32 overflow when prec == 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2799 . Credit to OSS Fuzz
2017-07-30 15:22:24 +02:00
51eb86d8f7
Fix warnings in pi.c raised by VS11 analyze ( #190 )
2017-07-29 19:43:23 +02:00
397f62c0a8
Fix write heap buffer overflow in opj_mqc_byteout(). Discovered by Ke Liu of Tencent's Xuanwu LAB ( #835 )
2017-07-29 19:13:49 +02:00
11445eddad
opj_pi_update_decode_poc(): limit layno1 to the number of layers (CVE-2016-1626 and CVE-2016-1628, #850 )
...
This has been recently fixed in a less elegant way per
80818c39f5
2017-07-29 19:03:13 +02:00
3fbe713690
opj_tcd_get_decoded_tile_size(): fix potential UINT32 overflow ( #854 , CVE-2016-5152)
...
Fix derived from https://pdfium.googlesource.com/pdfium.git/+/d8cc503575463ff3d81b22dad292665f2c88911e/third_party/libopenjpeg20/0018-tcd_get_decoded_tile_size.patch
2017-07-29 18:38:16 +02:00
db9ef99f6d
opj_t1_decode_cblk(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2487 . Credit to OSS Fuzz
2017-07-29 16:34:35 +02:00
f6551f822f
opj_t1_clbl_decode_processor(): avoid undefined behaviour if roishift >= 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2506 . Credit to OSS Fuzz
2017-07-29 16:29:11 +02:00
9906fbf737
Avoid assertion in opj_j2k_merge_ppt() in case premature EOC is encountered in opj_j2k_read_tile_header(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785 . Credit to OSS Fuzz
2017-07-29 16:22:36 +02:00
71b4f5b124
opj_pi_next_pcrl(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2787 . Credit to OSS Fuzz
2017-07-29 15:52:11 +02:00
d6654d906c
opj_int_ceildiv(): fix int32 overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2494 . Credit to OSS Fuzz
2017-07-28 22:15:47 +02:00
361c4506fd
opj_tcd_dc_level_shift_decode(): avoid int overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2516 . Credit to OSS Fuzz
2017-07-28 22:06:26 +02:00
Even Rouault
Even Rouault
Stefan Weil
Antonin Descampe
szukw000