Hugo Lefeuvre
0bc90e4062
jp3d/jpwl convert: fix write stack buffer overflow
...
Missing buffer length formatter in fscanf call might lead to write
stack buffer overflow.
fixes #1044 (CVE-2017-17480)
2018-11-01 09:05:26 +01:00
Stefan Weil
948332e6ed
Fix some potential overflow issues ( #1161 )
...
* Fix some potential overflow issues
Put sizeof to the beginning of the multiplication to enforce that
size_t instead of smaller integer types is used for the calculation.
This fixes warnings from LGTM:
Multiplication result may overflow 'unsigned int'
before it is converted to 'unsigned long'.
It also allows removing some type casts.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
* Fix code indentation
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-10-31 20:44:30 +01:00
Nikola Forró
943db0f1c2
Fix several memory and resource leaks
...
Signed-off-by: Nikola Forró <nforro@redhat.com>
2018-10-31 16:16:22 +01:00
Even Rouault
cd900d9661
opj_thread_pool_setup(): fix infinite waiting if a thread creation failed
2018-10-18 11:45:45 +02:00
Even Rouault
0e6a5553cf
Merge pull request #1148 from hlef/master
...
CVE-2018-5785: fix issues with zero bitmasks
2018-09-22 23:54:12 +02:00
Even Rouault
8fc09e50e5
opj_jp2_apply_pclr(): remove useless assert that can trigger on some files ( fixes #1125 )
2018-09-22 23:47:56 +02:00
Even Rouault
aaf48ee6ba
Merge branch 'pr1095'
2018-09-22 23:12:50 +02:00
Karol Babioch
cc3824767b
opj_mj2_extract: Check provided output prefix for length
...
This uses snprintf() with correct buffer length instead of sprintf(), which
prevents a buffer overflow when providing a long output prefix. Furthermore
the program exits with an error when the provided output prefix is too long.
Fixes #1088 .
2018-09-22 23:12:39 +02:00
Even Rouault
ee827ad3f3
Merge branch 'pr1107'
2018-09-22 23:05:54 +02:00
szukw000
1eb9a57ac1
opj_mj2_extract: Avoid segfault for long filenames
2018-09-22 23:05:38 +02:00
Even Rouault
5d94bcd89c
Merge pull request #1136 from reverson/master
...
Cast on uint ceildiv
2018-09-22 22:59:36 +02:00
Even Rouault
b54c06fb35
Merge pull request #1119 from stweil/ssize_t
...
Use local type declaration for POSIX standard type only for MS compiler
2018-09-22 22:59:17 +02:00
Even Rouault
17bbb0e23f
Merge pull request #1128 from stweil/typos
...
Fix some typos in code comments and documentation
2018-09-22 22:55:33 +02:00
Even Rouault
c6ee006250
Merge pull request #1141 from szukw000/changes-in-pnmtoimage
...
Changes in pnmtoimage if image data are missing
2018-09-22 22:47:27 +02:00
Hugo Lefeuvre
ca16fe5501
convertbmp: fix issues with zero bitmasks
...
In the case where a BMP file declares compression 3 (BI_BITFIELDS)
with header size <= 56, all bitmask values keep their initialization
value 0. This may lead to various undefined behavior later e.g. when
doing 1 << (l_comp->prec - 1).
This issue does not affect files with bit count 16 because of a check
added in 16240e2
which sets default values to the color masks if they
are all 0.
This commit adds similar checks for the 32 bit case.
Also, if a BMP file declares compression 3 with header size >= 56 and
intentional 0 bitmasks, the same issue will be triggered in both the
16 and 32 bit count case.
This commit adds checks to bmp_read_info_header() rejecting BMP files
with "intentional" 0 bitmasks. These checks might be removed in the
future when proper handling of zero bitmasks will be available in
openjpeg2.
fixes #1057 (CVE-2018-5785)
2018-09-22 14:51:50 -04:00
Stefan Weil
31a03b390a
openjp2/jp2: Fix two format strings
...
Compiler warnings:
src/lib/openjp2/jp2.c:1008:35: warning:
too many arguments for format [-Wformat-extra-args]
src/lib/openjp2/j2k.c:1928:73: warning:
format ‘%d’ expects argument of type ‘int’, but argument 4 has type ‘OPJ_OFF_T {aka long int}’ [-Wformat=]
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-09-05 21:52:43 +02:00
Stefan Weil
3d6ffaf3f3
Fix some typos in code comments and documentation
...
All typos were found by Codespell.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-09-05 20:01:10 +02:00
szukw000
98363e244e
Changes in pnmtoimage if image data are missing
2018-08-31 16:24:41 +02:00
Robert Everson
0fa7ebe254
Cast on uint ceildiv
2018-08-27 15:28:53 -07:00
Even Rouault
0c913b0aba
Avoid assertion when running opj_j2k_merge_ppt() several time due to e6674f7ed66abdb32a0be5944f618722b6a7b5d5 revert. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785
2018-06-20 15:12:47 +02:00
Even Rouault
832dfd1866
Revert "Avoid assertion in opj_j2k_merge_ppt() in case premature EOC is encountered in opj_j2k_read_tile_header(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785 . Credit to OSS Fuzz" ( fixes #1120 )
...
This reverts commit 9906fbf737
.
which broke decoding of images where TNsot == 0
2018-06-20 14:54:20 +02:00
Stefan Weil
4aaf52ec8d
Use local type declaration for POSIX standard type only for MS compiler
...
ssize_t is a POSIX type which is declared in POSIX include files.
Mingw-w64 provides it also for Windows.
Use the local declaration only with MS compilers.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-06-18 14:48:08 +02:00
Even Rouault
fd205f457b
opj_compress: try to make help message of -c switch clearer ( fixes #1117 )
2018-06-16 16:17:58 +02:00
Even Rouault
2c7eb4fed9
opj_compress: fix help message regarding default precinct size
2018-03-12 14:24:20 +01:00
Even Rouault
e98d0a20f0
Merge pull request #1094 from kbabioch/fix/missing-format-string-parameter
...
mj2: Add missing variable to format string in fprintf() invocation in meta_out.c
2018-03-04 23:16:04 +01:00
Even Rouault
31a347a9a0
Merge pull request #1096 from kbabioch/fix/opj_mj2_extract-help
...
opj_mj2_extract: Rename output_location to output_prefix
2018-03-04 23:13:45 +01:00
Karol Babioch
e351c22ee8
jp3d: Replace sprintf() by snprintf() in volumetobin()
...
This replaces the unsafe sprintf() invocation by the safer snprintf()
one, with the correct buffer size to prevent buffer overflows.
This fixes #1085 .
2018-03-03 10:11:39 +01:00
Karol Babioch
db6841a099
opj_mj2_extract: Rename output_location to output_prefix
...
This renames the argument in the help output, as the latter better describes
the the purpose of this argument.
2018-03-02 15:19:21 +01:00
Karol Babioch
d4d78272eb
mj2: Add missing variable to format string in fprintf() invocation in meta_out.c
...
This adds the appropriate variables to the invocation of fprintf(). They were
specified in the format string, but were missing in the actual call. This
fixes #1074 and #1075 .
2018-03-02 14:03:08 +01:00
Stefan Weil
b49fa93aa7
openjp3d: Convert ISO-8859 to UTF-8
...
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-02-25 18:27:01 +01:00
Stefan Weil
244f52483d
jp3d: Convert ISO-8859 to UTF-8
...
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-02-25 18:25:51 +01:00
Even Rouault
90b1bffa7e
Merge pull request #1080 from setharnold/patch-1
...
fix unchecked integer multiplication overflow
2018-02-25 18:21:23 +01:00
Even Rouault
06f7d41243
bench_dwt: fix wrong index in iteration (issue found by Fethi Migaou)
2018-02-18 14:38:16 +01:00
setharnold
24d08ff94a
fix unchecked integer multiplication overflow
...
Hello, this fixes an unchecked integer multiplication overflow. Thanks.
2018-02-14 17:46:38 -08:00
Even Rouault
da5e897232
Avoid out-of-bounds write overflow due to uint32 overflow computation on images with huge dimensions. Credit to Google Autofuzz project for providing test case
2018-02-11 13:31:04 +01:00
Campbell Barton
6941bc67cf
Note that seek uses SEEK_SET behavior.
2018-01-18 15:16:03 +11:00
Even Rouault
07d526e4cb
opj_t2_encode_packet(): disable setting empty packet header bit to 1 when there is an empty packet
...
This effectively reverts commit 2609fb8077
since it has been reported that
such packets cause decoding issues with cinema J2K hardware
decoders: https://groups.google.com/forum/#!topic/openjpeg/M7M_fLX_Bco
2018-01-08 09:38:44 +01:00
Stefan Weil
4841292b5d
Fix resource leak (CID 179466)
...
Coverity report:
CID 179466 (#1 of 1): Resource leak (RESOURCE_LEAK)
93. leaked_storage: Variable name going out of scope leaks the storage it points to.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-12-15 16:49:33 +01:00
Even Rouault
98cfdd3134
opj_j2k_read_cod: remove check for 'No more than one COD marker per tile' ( fixes #1043 )
...
This check was added per daed8cc919
to fix https://github.com/uclouvain/openjpeg/issues/476 , but it does not seem
to be necessary with latest master (issue476.jp2 doesn't cause memory issues),
and breaks reading legit files.
2017-11-30 14:48:34 +01:00
Even Rouault
936910cf7a
Fix typo in comments
2017-11-30 14:26:17 +01:00
Andrew Murray
157a3d8408
Changed cmake version test to allow for cmake 2.8.11.x
2017-11-14 21:45:09 +11:00
Gregory Fiumara
10d22ec26d
Add missing fclose() statement in error condition.
2017-10-20 15:31:45 -04:00
Even Rouault
be6ea90e13
opj_j2k_set_threads(): add sanity check to error out if called after opj_read_header()
2017-10-12 01:16:23 +02:00
Even Rouault
b8bf9bf789
Improve doc of opj_codec_set_threads()
2017-10-12 01:05:04 +02:00
Even Rouault
66297f07a4
Unix build: fix regression of 2.3.0 where a shared-only or static-only build lacks the installation target for the library ( #1019 , fixes regression introduced by 3dfc6ca2bc
)
2017-10-09 11:40:43 +02:00
Even Rouault
e8b6b54d1f
opj_decompress -h: document -threads ALL_CPUS
2017-10-06 19:25:07 +02:00
Antonin Descampe
d45ccb048b
Merge pull request #1022 from rouault/partial_component_decoding
...
Add capability to decode only a subset of all components of an image.
2017-09-26 18:30:20 -03:00
Stefan Weil
f92d30f9e7
Add missing newline at end of file
...
This fixes warnings from the clang compiler:
/openjpeg/src/lib/openjp2/sparse_array.h:141:32: warning:
no newline at end of file [-Wnewline-eof]
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-09-21 17:37:07 +02:00
Even Rouault
4c8aba2add
Add assertion
2017-09-21 14:37:01 +02:00
Even Rouault
113e0976e2
Comment dead code (Coverity CID 94681)
2017-09-21 14:14:32 +02:00
Even Rouault
39082fc665
Workaround Coverity CID 113061
2017-09-21 14:13:16 +02:00
Even Rouault
7711307d86
Workaround Coverity CID 169392
2017-09-21 14:10:49 +02:00
Even Rouault
19e157871f
opj_j2k_get_default_thread_count(): validate value of OPJ_NUM_THREADS to fix Coverity 179465 and 179463
2017-09-21 14:06:03 +02:00
Even Rouault
68e596dada
Fix copy&paste error (Coverity CID 169394)
2017-09-21 13:54:14 +02:00
Even Rouault
16b701659d
opj_decompress: add a warning when -d and -t are used together ( #693 )
2017-09-20 01:06:02 +02:00
Even Rouault
b8c4b450c4
Use a #define J2K_MAX_POCS 32 to avoid hard-coded constant ( #349 )
2017-09-20 00:55:22 +02:00
Even Rouault
9cba05762d
Avoid index-out-of-bounds access when invoking opj_compress with -n 11 or higher. But not a proper fix itself (refs #493 )
2017-09-20 00:43:54 +02:00
Even Rouault
8df07d5866
Avoid relying on operator precedence (raised by cppcheck)
2017-09-19 18:35:52 +02:00
Even Rouault
c22ea12219
Workaroudn cppcheck (correct) warning about same code in then and else branches
2017-09-19 18:35:31 +02:00
Even Rouault
c84e594cff
Fix badly named variable in function prototype (raised by cppcheck)
2017-09-19 18:35:07 +02:00
Even Rouault
82ab7effe3
Remove redundant test (raised by cppcheck)
2017-09-19 18:34:49 +02:00
Even Rouault
ce8edf9bff
Replace C++ style comments by C ones
2017-09-19 18:25:55 +02:00
Even Rouault
d415723fd9
Replace C++ style comments by C ones
2017-09-19 18:22:07 +02:00
Even Rouault
e17bbde906
opj_set_decoded_components(): add a provision for a apply_color_transforms parameter in case we support it in the future
2017-09-19 17:48:07 +02:00
Even Rouault
7e2b6bebff
Add capability to decode only a subset of all components of an image.
...
This adds a opj_set_decoded_components(opj_codec_t *p_codec,
OPJ_UINT32 numcomps, const OPJ_UINT32* comps_indices) function,
and equivalent "opj_decompress -c compno[,compno]*" option.
When specified, neither the MCT transform nor JP2 channel transformations
will be applied.
Tests added for various combinations of whole image vs tiled-based decoding,
full or reduced resolution, use of decode area or not.
2017-09-19 17:06:19 +02:00
Even Rouault
ce199f42e7
src/bin/jp3d/convert.c: add missing fclose() in error code path ( #1018 )
2017-09-19 12:48:12 +02:00
Even Rouault
fdef69b43c
Fix warnings and errors when compiling with a c++ compiler ( #1021 )
2017-09-19 12:46:20 +02:00
Even Rouault
18f6696372
Fix compilation with AppleClang 8.1.0.8020042 ( #1020 )
2017-09-19 12:13:34 +02:00
Even Rouault
3dfc6ca2bc
Build: make sure that -DBUILD_SHARED_LIBS:bool=off is honoured to build only the static lib ( #1019 )
2017-09-17 12:17:49 +02:00
Even Rouault
28094e1ebf
opj_tcd_mct_decode(): avoid heap buffer overflow when components have not the same number of resolutions. Also fixes an issue with subtile decoding. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3331 . Credit to OSS Fuzz
2017-09-08 10:56:49 +02:00
Even Rouault
33167ddc13
opj_j2k_update_image_data(): restrict optimized path
2017-09-08 09:53:52 +02:00
Even Rouault
b73ce715d2
Use opj_image_data_free() where appropriate (adapted from dab9db0723
, #1014 )
2017-09-08 09:16:51 +02:00
Even Rouault
5abd86b14b
Properly fix cc893a4ebf
to avoid heap-buffer-overflow when numcomps < 3
2017-09-07 18:01:33 +02:00
Even Rouault
51a1dcaa6e
Avoid malloc poisoning issue when including <pthread.h> of uclibc ( #1013 )
2017-09-07 17:52:59 +02:00
Even Rouault
cc893a4ebf
opj_tcd_mct_decode(): fix checks to verify MCT can be done safely. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3305 (master only)
2017-09-07 15:32:54 +02:00
Even Rouault
c67e1cd73f
Fix invalid access out of bounds, and bad behaviour, when calling repeatdly opj_get_decoded_tile() on an image with a color palette
2017-09-06 17:33:38 +02:00
Even Rouault
297f202104
Fix 2.2.0 regression when reading codestream with reperated calls to opj_get_decoded_tile() where tile parts of a same tile are not consecutive
...
This check was introduced per #939 , but relied on the incorrect assumption
we decode all the tile parts of all tiles.
2017-09-06 16:49:28 +02:00
Even Rouault
003759a482
Fix null pointer dereference on partial tile decoding when they are empty. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3297 (master only)
2017-09-06 15:59:19 +02:00
Even Rouault
968e36bbd9
Merge pull request #1010 from rouault/subtile_decoding_stage3
...
Subtile decoding: memory use reduction and perf improvements
2017-09-05 22:18:58 +02:00
Even Rouault
579b8937ea
Replace uses of size_t by OPJ_SIZE_T
2017-09-04 17:35:52 +02:00
Even Rouault
3a382d3123
opj_getopt.c: avoid crash on invalid input ( #301 )
2017-09-03 00:30:36 +02:00
Even Rouault
e5ab1682a1
Improve error message when specifying a too big cp_reduce parameter ( #474 )
2017-09-02 09:10:53 +02:00
Even Rouault
c1e0fba0c4
opj_v4dwt_decode_step1_sse(): rework a bit to improve code generation
2017-09-01 22:23:29 +02:00
Even Rouault
676d4c807f
opj_j2k_update_image_data(): avoid allocating image buffer if we can just reuse the tile buffer one
2017-09-01 22:23:29 +02:00
Even Rouault
4c7effa6bc
opj_t1_clbl_decode_processor(): use SSE2 in subtile decoding code path, for irreversible
2017-09-01 22:23:29 +02:00
Even Rouault
2c365fe0ec
Replace error message 'Not enough memory for tile data' by 'Size of tile data exceeds system limits' (refs https://github.com/uclouvain/openjpeg/pull/730#issuecomment-326654188 )
2017-09-01 22:23:29 +02:00
Even Rouault
559d16e8f4
opj_t1_decode_cblk(): move some code to codeblock processor for (theoretical) better multi-threading in subtile decoding
2017-09-01 22:23:29 +02:00
Even Rouault
7017e67a01
sparse_array: optimizations for lossy case
2017-09-01 22:23:29 +02:00
Even Rouault
b428b8c7e7
opj_tcd_rateallocate(): make sure to use all passes for a lossless layer ( #1009 )
...
And save a useless loop, which should be a tiny faster.
2017-09-01 20:02:09 +02:00
Even Rouault
7aa071aa27
opj_j2k_setup_encoder(): emit warnings if tcp_rates are not decreasing or tcp_distoratio are not increasing ( #1009 )
2017-09-01 19:49:01 +02:00
Even Rouault
a538815c77
opj_j2k_setup_encoder(): avoid potential int overflow in computations related to max_cs_size
2017-09-01 19:27:56 +02:00
Even Rouault
09929bb615
opj_compress help: revert 3257261776
and indicate 1 again as being the value to get lossless for -r. In opj_j2k_setup_encoder(), make sure that ll rates[] <= 1.0 are set to 0. Document 0 as being lossless for -q / tcp_distoratio ( #1009 )
2017-09-01 19:16:35 +02:00
Even Rouault
3257261776
opj_compress help: indicate 0 value, instead of 1, for -r parameter to get lossless encoding ( #1009 )
2017-09-01 17:33:23 +02:00
Even Rouault
8a17be8945
opj_v4dwt_decode_step2_sse(): loop unroll
2017-09-01 16:31:08 +02:00
Even Rouault
83b5a168ec
opj_dwt_decode_partial_97(): simplify/more efficient use of sparse arrays in vertical pass
2017-09-01 16:31:06 +02:00
Even Rouault
ae19001ba4
opj_tcd_dc_level_shift_decode(): optimize lossy case
2017-09-01 16:31:04 +02:00
Even Rouault
470f3ed416
opj_dwt_decode_partial_1_parallel(): add SSE2 optimization
2017-09-01 16:31:02 +02:00
Even Rouault
873004c615
Sub-tile decoding: speed up vertical pass in IDWT5x3 by processing 4 cols at a time
2017-09-01 16:31:00 +02:00
Even Rouault
ccac773556
Tiny perf improvement in T1 stage for subtile decoding
2017-09-01 16:30:58 +02:00
Even Rouault
82a43d8035
Optimize opj_dwt_decode_partial_1() when cas == 0
2017-09-01 16:30:54 +02:00