Commit Graph

1037 Commits

Author SHA1 Message Date
Hugo Lefeuvre 0bc90e4062 jp3d/jpwl convert: fix write stack buffer overflow
Missing buffer length formatter in fscanf call might lead to write
stack buffer overflow.

fixes #1044 (CVE-2017-17480)
2018-11-01 09:05:26 +01:00
Stefan Weil 948332e6ed Fix some potential overflow issues (#1161)
* Fix some potential overflow issues

Put sizeof to the beginning of the multiplication to enforce that
size_t instead of smaller integer types is used for the calculation.

This fixes warnings from LGTM:

    Multiplication result may overflow 'unsigned int'
    before it is converted to 'unsigned long'.

It also allows removing some type casts.

Signed-off-by: Stefan Weil <sw@weilnetz.de>

* Fix code indentation

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-10-31 20:44:30 +01:00
Nikola Forró 943db0f1c2 Fix several memory and resource leaks
Signed-off-by: Nikola Forró <nforro@redhat.com>
2018-10-31 16:16:22 +01:00
Even Rouault cd900d9661
opj_thread_pool_setup(): fix infinite waiting if a thread creation failed 2018-10-18 11:45:45 +02:00
Even Rouault 0e6a5553cf
Merge pull request #1148 from hlef/master
CVE-2018-5785: fix issues with zero bitmasks
2018-09-22 23:54:12 +02:00
Even Rouault 8fc09e50e5
opj_jp2_apply_pclr(): remove useless assert that can trigger on some files (fixes #1125) 2018-09-22 23:47:56 +02:00
Even Rouault aaf48ee6ba
Merge branch 'pr1095' 2018-09-22 23:12:50 +02:00
Karol Babioch cc3824767b
opj_mj2_extract: Check provided output prefix for length
This uses snprintf() with correct buffer length instead of sprintf(), which
prevents a buffer overflow when providing a long output prefix. Furthermore
the program exits with an error when the provided output prefix is too long.

Fixes #1088.
2018-09-22 23:12:39 +02:00
Even Rouault ee827ad3f3
Merge branch 'pr1107' 2018-09-22 23:05:54 +02:00
szukw000 1eb9a57ac1
opj_mj2_extract: Avoid segfault for long filenames 2018-09-22 23:05:38 +02:00
Even Rouault 5d94bcd89c
Merge pull request #1136 from reverson/master
Cast on uint ceildiv
2018-09-22 22:59:36 +02:00
Even Rouault b54c06fb35
Merge pull request #1119 from stweil/ssize_t
Use local type declaration for POSIX standard type only for MS compiler
2018-09-22 22:59:17 +02:00
Even Rouault 17bbb0e23f
Merge pull request #1128 from stweil/typos
Fix some typos in code comments and documentation
2018-09-22 22:55:33 +02:00
Even Rouault c6ee006250
Merge pull request #1141 from szukw000/changes-in-pnmtoimage
Changes in pnmtoimage if image data are missing
2018-09-22 22:47:27 +02:00
Hugo Lefeuvre ca16fe5501 convertbmp: fix issues with zero bitmasks
In the case where a BMP file declares compression 3 (BI_BITFIELDS)
with header size <= 56, all bitmask values keep their initialization
value 0. This may lead to various undefined behavior later e.g. when
doing 1 << (l_comp->prec - 1).

This issue does not affect files with bit count 16 because of a check
added in 16240e2 which sets default values to the color masks if they
are all 0.

This commit adds similar checks for the 32 bit case.

Also, if a BMP file declares compression 3 with header size >= 56 and
intentional 0 bitmasks, the same issue will be triggered in both the
16 and 32 bit count case.

This commit adds checks to bmp_read_info_header() rejecting BMP files
with "intentional" 0 bitmasks. These checks might be removed in the
future when proper handling of zero bitmasks will be available in
openjpeg2.

fixes #1057 (CVE-2018-5785)
2018-09-22 14:51:50 -04:00
Stefan Weil 31a03b390a openjp2/jp2: Fix two format strings
Compiler warnings:

src/lib/openjp2/jp2.c:1008:35: warning:
 too many arguments for format [-Wformat-extra-args]
src/lib/openjp2/j2k.c:1928:73: warning:
 format ‘%d’ expects argument of type ‘int’, but argument 4 has type ‘OPJ_OFF_T {aka long int}’ [-Wformat=]

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-09-05 21:52:43 +02:00
Stefan Weil 3d6ffaf3f3 Fix some typos in code comments and documentation
All typos were found by Codespell.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-09-05 20:01:10 +02:00
szukw000 98363e244e Changes in pnmtoimage if image data are missing 2018-08-31 16:24:41 +02:00
Robert Everson 0fa7ebe254 Cast on uint ceildiv 2018-08-27 15:28:53 -07:00
Even Rouault 0c913b0aba
Avoid assertion when running opj_j2k_merge_ppt() several time due to e6674f7ed66abdb32a0be5944f618722b6a7b5d5 revert. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785 2018-06-20 15:12:47 +02:00
Even Rouault 832dfd1866
Revert "Avoid assertion in opj_j2k_merge_ppt() in case premature EOC is encountered in opj_j2k_read_tile_header(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785. Credit to OSS Fuzz" (fixes #1120)
This reverts commit 9906fbf737.
which broke decoding of images where TNsot == 0
2018-06-20 14:54:20 +02:00
Stefan Weil 4aaf52ec8d Use local type declaration for POSIX standard type only for MS compiler
ssize_t is a POSIX type which is declared in POSIX include files.
Mingw-w64 provides it also for Windows.

Use the local declaration only with MS compilers.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-06-18 14:48:08 +02:00
Even Rouault fd205f457b
opj_compress: try to make help message of -c switch clearer (fixes #1117) 2018-06-16 16:17:58 +02:00
Even Rouault 2c7eb4fed9 opj_compress: fix help message regarding default precinct size 2018-03-12 14:24:20 +01:00
Even Rouault e98d0a20f0
Merge pull request #1094 from kbabioch/fix/missing-format-string-parameter
mj2: Add missing variable to format string in fprintf() invocation in meta_out.c
2018-03-04 23:16:04 +01:00
Even Rouault 31a347a9a0
Merge pull request #1096 from kbabioch/fix/opj_mj2_extract-help
opj_mj2_extract: Rename output_location to output_prefix
2018-03-04 23:13:45 +01:00
Karol Babioch e351c22ee8 jp3d: Replace sprintf() by snprintf() in volumetobin()
This replaces the unsafe sprintf() invocation by the safer snprintf()
one, with the correct buffer size to prevent buffer overflows.

This fixes #1085.
2018-03-03 10:11:39 +01:00
Karol Babioch db6841a099 opj_mj2_extract: Rename output_location to output_prefix
This renames the argument in the help output, as the latter better describes
the the purpose of this argument.
2018-03-02 15:19:21 +01:00
Karol Babioch d4d78272eb mj2: Add missing variable to format string in fprintf() invocation in meta_out.c
This adds the appropriate variables to the invocation of fprintf(). They were
specified in the format string, but were missing in the actual call. This
fixes #1074 and #1075.
2018-03-02 14:03:08 +01:00
Stefan Weil b49fa93aa7 openjp3d: Convert ISO-8859 to UTF-8
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-02-25 18:27:01 +01:00
Stefan Weil 244f52483d jp3d: Convert ISO-8859 to UTF-8
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2018-02-25 18:25:51 +01:00
Even Rouault 90b1bffa7e
Merge pull request #1080 from setharnold/patch-1
fix unchecked integer multiplication overflow
2018-02-25 18:21:23 +01:00
Even Rouault 06f7d41243 bench_dwt: fix wrong index in iteration (issue found by Fethi Migaou) 2018-02-18 14:38:16 +01:00
setharnold 24d08ff94a
fix unchecked integer multiplication overflow
Hello, this fixes an unchecked integer multiplication overflow. Thanks.
2018-02-14 17:46:38 -08:00
Even Rouault da5e897232 Avoid out-of-bounds write overflow due to uint32 overflow computation on images with huge dimensions. Credit to Google Autofuzz project for providing test case 2018-02-11 13:31:04 +01:00
Campbell Barton 6941bc67cf
Note that seek uses SEEK_SET behavior. 2018-01-18 15:16:03 +11:00
Even Rouault 07d526e4cb opj_t2_encode_packet(): disable setting empty packet header bit to 1 when there is an empty packet
This effectively reverts commit 2609fb8077
since it has been reported that
such packets cause decoding issues with cinema J2K hardware
decoders: https://groups.google.com/forum/#!topic/openjpeg/M7M_fLX_Bco
2018-01-08 09:38:44 +01:00
Stefan Weil 4841292b5d Fix resource leak (CID 179466)
Coverity report:

CID 179466 (#1 of 1): Resource leak (RESOURCE_LEAK)
93. leaked_storage: Variable name going out of scope leaks the storage it points to.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-12-15 16:49:33 +01:00
Even Rouault 98cfdd3134 opj_j2k_read_cod: remove check for 'No more than one COD marker per tile' (fixes #1043)
This check was added per daed8cc919
to fix https://github.com/uclouvain/openjpeg/issues/476 , but it does not seem
to be necessary with latest master (issue476.jp2 doesn't cause memory issues),
and breaks reading legit files.
2017-11-30 14:48:34 +01:00
Even Rouault 936910cf7a Fix typo in comments 2017-11-30 14:26:17 +01:00
Andrew Murray 157a3d8408 Changed cmake version test to allow for cmake 2.8.11.x 2017-11-14 21:45:09 +11:00
Gregory Fiumara 10d22ec26d Add missing fclose() statement in error condition. 2017-10-20 15:31:45 -04:00
Even Rouault be6ea90e13 opj_j2k_set_threads(): add sanity check to error out if called after opj_read_header() 2017-10-12 01:16:23 +02:00
Even Rouault b8bf9bf789 Improve doc of opj_codec_set_threads() 2017-10-12 01:05:04 +02:00
Even Rouault 66297f07a4 Unix build: fix regression of 2.3.0 where a shared-only or static-only build lacks the installation target for the library (#1019, fixes regression introduced by 3dfc6ca2bc) 2017-10-09 11:40:43 +02:00
Even Rouault e8b6b54d1f opj_decompress -h: document -threads ALL_CPUS 2017-10-06 19:25:07 +02:00
Antonin Descampe d45ccb048b Merge pull request #1022 from rouault/partial_component_decoding
Add capability to decode only a subset of all components of an image.
2017-09-26 18:30:20 -03:00
Stefan Weil f92d30f9e7 Add missing newline at end of file
This fixes warnings from the clang compiler:

/openjpeg/src/lib/openjp2/sparse_array.h:141:32: warning:
 no newline at end of file [-Wnewline-eof]

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-09-21 17:37:07 +02:00
Even Rouault 4c8aba2add Add assertion 2017-09-21 14:37:01 +02:00
Even Rouault 113e0976e2 Comment dead code (Coverity CID 94681) 2017-09-21 14:14:32 +02:00
Even Rouault 39082fc665 Workaround Coverity CID 113061 2017-09-21 14:13:16 +02:00
Even Rouault 7711307d86 Workaround Coverity CID 169392 2017-09-21 14:10:49 +02:00
Even Rouault 19e157871f opj_j2k_get_default_thread_count(): validate value of OPJ_NUM_THREADS to fix Coverity 179465 and 179463 2017-09-21 14:06:03 +02:00
Even Rouault 68e596dada Fix copy&paste error (Coverity CID 169394) 2017-09-21 13:54:14 +02:00
Even Rouault 16b701659d opj_decompress: add a warning when -d and -t are used together (#693) 2017-09-20 01:06:02 +02:00
Even Rouault b8c4b450c4 Use a #define J2K_MAX_POCS 32 to avoid hard-coded constant (#349) 2017-09-20 00:55:22 +02:00
Even Rouault 9cba05762d Avoid index-out-of-bounds access when invoking opj_compress with -n 11 or higher. But not a proper fix itself (refs #493) 2017-09-20 00:43:54 +02:00
Even Rouault 8df07d5866 Avoid relying on operator precedence (raised by cppcheck) 2017-09-19 18:35:52 +02:00
Even Rouault c22ea12219 Workaroudn cppcheck (correct) warning about same code in then and else branches 2017-09-19 18:35:31 +02:00
Even Rouault c84e594cff Fix badly named variable in function prototype (raised by cppcheck) 2017-09-19 18:35:07 +02:00
Even Rouault 82ab7effe3 Remove redundant test (raised by cppcheck) 2017-09-19 18:34:49 +02:00
Even Rouault ce8edf9bff Replace C++ style comments by C ones 2017-09-19 18:25:55 +02:00
Even Rouault d415723fd9 Replace C++ style comments by C ones 2017-09-19 18:22:07 +02:00
Even Rouault e17bbde906 opj_set_decoded_components(): add a provision for a apply_color_transforms parameter in case we support it in the future 2017-09-19 17:48:07 +02:00
Even Rouault 7e2b6bebff Add capability to decode only a subset of all components of an image.
This adds a opj_set_decoded_components(opj_codec_t *p_codec,
OPJ_UINT32 numcomps, const OPJ_UINT32* comps_indices) function,
and equivalent "opj_decompress -c compno[,compno]*" option.

When specified, neither the MCT transform nor JP2 channel transformations
will be applied.

Tests added for various combinations of whole image vs tiled-based decoding,
full or reduced resolution, use of decode area or not.
2017-09-19 17:06:19 +02:00
Even Rouault ce199f42e7 src/bin/jp3d/convert.c: add missing fclose() in error code path (#1018) 2017-09-19 12:48:12 +02:00
Even Rouault fdef69b43c Fix warnings and errors when compiling with a c++ compiler (#1021) 2017-09-19 12:46:20 +02:00
Even Rouault 18f6696372 Fix compilation with AppleClang 8.1.0.8020042 (#1020) 2017-09-19 12:13:34 +02:00
Even Rouault 3dfc6ca2bc Build: make sure that -DBUILD_SHARED_LIBS:bool=off is honoured to build only the static lib (#1019) 2017-09-17 12:17:49 +02:00
Even Rouault 28094e1ebf opj_tcd_mct_decode(): avoid heap buffer overflow when components have not the same number of resolutions. Also fixes an issue with subtile decoding. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3331. Credit to OSS Fuzz 2017-09-08 10:56:49 +02:00
Even Rouault 33167ddc13 opj_j2k_update_image_data(): restrict optimized path 2017-09-08 09:53:52 +02:00
Even Rouault b73ce715d2 Use opj_image_data_free() where appropriate (adapted from dab9db0723, #1014) 2017-09-08 09:16:51 +02:00
Even Rouault 5abd86b14b Properly fix cc893a4ebf to avoid heap-buffer-overflow when numcomps < 3 2017-09-07 18:01:33 +02:00
Even Rouault 51a1dcaa6e Avoid malloc poisoning issue when including <pthread.h> of uclibc (#1013) 2017-09-07 17:52:59 +02:00
Even Rouault cc893a4ebf opj_tcd_mct_decode(): fix checks to verify MCT can be done safely. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3305 (master only) 2017-09-07 15:32:54 +02:00
Even Rouault c67e1cd73f Fix invalid access out of bounds, and bad behaviour, when calling repeatdly opj_get_decoded_tile() on an image with a color palette 2017-09-06 17:33:38 +02:00
Even Rouault 297f202104 Fix 2.2.0 regression when reading codestream with reperated calls to opj_get_decoded_tile() where tile parts of a same tile are not consecutive
This check was introduced per #939, but relied on the incorrect assumption
we decode all the tile parts of all tiles.
2017-09-06 16:49:28 +02:00
Even Rouault 003759a482 Fix null pointer dereference on partial tile decoding when they are empty. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3297 (master only) 2017-09-06 15:59:19 +02:00
Even Rouault 968e36bbd9 Merge pull request #1010 from rouault/subtile_decoding_stage3
Subtile decoding: memory use reduction and perf improvements
2017-09-05 22:18:58 +02:00
Even Rouault 579b8937ea Replace uses of size_t by OPJ_SIZE_T 2017-09-04 17:35:52 +02:00
Even Rouault 3a382d3123 opj_getopt.c: avoid crash on invalid input (#301) 2017-09-03 00:30:36 +02:00
Even Rouault e5ab1682a1 Improve error message when specifying a too big cp_reduce parameter (#474) 2017-09-02 09:10:53 +02:00
Even Rouault c1e0fba0c4 opj_v4dwt_decode_step1_sse(): rework a bit to improve code generation 2017-09-01 22:23:29 +02:00
Even Rouault 676d4c807f opj_j2k_update_image_data(): avoid allocating image buffer if we can just reuse the tile buffer one 2017-09-01 22:23:29 +02:00
Even Rouault 4c7effa6bc opj_t1_clbl_decode_processor(): use SSE2 in subtile decoding code path, for irreversible 2017-09-01 22:23:29 +02:00
Even Rouault 2c365fe0ec Replace error message 'Not enough memory for tile data' by 'Size of tile data exceeds system limits' (refs https://github.com/uclouvain/openjpeg/pull/730#issuecomment-326654188) 2017-09-01 22:23:29 +02:00
Even Rouault 559d16e8f4 opj_t1_decode_cblk(): move some code to codeblock processor for (theoretical) better multi-threading in subtile decoding 2017-09-01 22:23:29 +02:00
Even Rouault 7017e67a01 sparse_array: optimizations for lossy case 2017-09-01 22:23:29 +02:00
Even Rouault b428b8c7e7 opj_tcd_rateallocate(): make sure to use all passes for a lossless layer (#1009)
And save a useless loop, which should be a tiny faster.
2017-09-01 20:02:09 +02:00
Even Rouault 7aa071aa27 opj_j2k_setup_encoder(): emit warnings if tcp_rates are not decreasing or tcp_distoratio are not increasing (#1009) 2017-09-01 19:49:01 +02:00
Even Rouault a538815c77 opj_j2k_setup_encoder(): avoid potential int overflow in computations related to max_cs_size 2017-09-01 19:27:56 +02:00
Even Rouault 09929bb615 opj_compress help: revert 3257261776 and indicate 1 again as being the value to get lossless for -r. In opj_j2k_setup_encoder(), make sure that ll rates[] <= 1.0 are set to 0. Document 0 as being lossless for -q / tcp_distoratio (#1009) 2017-09-01 19:16:35 +02:00
Even Rouault 3257261776 opj_compress help: indicate 0 value, instead of 1, for -r parameter to get lossless encoding (#1009) 2017-09-01 17:33:23 +02:00
Even Rouault 8a17be8945 opj_v4dwt_decode_step2_sse(): loop unroll 2017-09-01 16:31:08 +02:00
Even Rouault 83b5a168ec opj_dwt_decode_partial_97(): simplify/more efficient use of sparse arrays in vertical pass 2017-09-01 16:31:06 +02:00
Even Rouault ae19001ba4 opj_tcd_dc_level_shift_decode(): optimize lossy case 2017-09-01 16:31:04 +02:00
Even Rouault 470f3ed416 opj_dwt_decode_partial_1_parallel(): add SSE2 optimization 2017-09-01 16:31:02 +02:00
Even Rouault 873004c615 Sub-tile decoding: speed up vertical pass in IDWT5x3 by processing 4 cols at a time 2017-09-01 16:31:00 +02:00
Even Rouault ccac773556 Tiny perf improvement in T1 stage for subtile decoding 2017-09-01 16:30:58 +02:00
Even Rouault 82a43d8035 Optimize opj_dwt_decode_partial_1() when cas == 0 2017-09-01 16:30:54 +02:00