Commit Graph

946 Commits

Author SHA1 Message Date
Even Rouault dcac91b8c7 opj_j2k_write_sot(): fix potential write heap buffer overflow (#991) 2017-08-16 17:09:10 +02:00
Even Rouault af76000771 tiftoimage(): fix read heap buffer overflow (#988)
The number of components is given only by TIFFTAG_SAMPLESPERPIXEL / tiSpp.
Querying TIFFTAG_EXTRASAMPLES only give information about which channel is
the alpha channel, but we mostly ignore it for now, so remove that part of the
code.
2017-08-16 13:36:52 +02:00
Even Rouault ab4de904e7 imagetotga(): fix read heap buffer overflow if numcomps < 3 (#987) 2017-08-16 13:11:36 +02:00
Even Rouault 9624b2fa47 opj_t2_encode_packet(): only emit an error about insufficiently large output buffer in FINAL_PASS mode. Fixes (master-only) regression added in 0b4fef6d19 2017-08-16 12:52:33 +02:00
Even Rouault 4241ae6fbb Fix assertion in debug mode / heap-based buffer overflow in opj_write_bytes_LE for Cinema profiles with numresolutions = 1 (#985) 2017-08-15 11:55:58 +02:00
Even Rouault 52d5690a6f Merge pull request #984 from stweil/const
Use more const qualifiers
2017-08-14 17:28:26 +02:00
Even Rouault baf0c1ad45 bmp_read_info_header(): reject bmp files with biBitCount == 0 (#983) 2017-08-14 17:26:58 +02:00
Even Rouault afb308b9cc Encoder: grow buffer size in opj_tcd_code_block_enc_allocate_data() to avoid write heap buffer overflow in opj_mqc_flush (#982) 2017-08-14 17:20:37 +02:00
Stefan Weil bc59410f25 Use const qualifier for mqc_states
This allows more compiler optimizations.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-08-14 14:41:27 +02:00
Stefan Weil 10e6ce2c2c Use const qualifier for j2k_prog_order_list
This allows more compiler optimizations.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-08-14 14:41:27 +02:00
szukw000 9f750884f9 Changes in converttif.c for PPC64 2017-08-11 00:06:23 +02:00
Even Rouault a35b489134 Fix argument order in error message of previous commit 2017-08-10 16:58:36 +02:00
Even Rouault 0b4fef6d19 Propagate event manager down to opj_t2_encode_packet() and use it to emit an error message when the output buffer is too small 2017-08-10 16:49:47 +02:00
Even Rouault a316f36dfc Fix crash on encoding if using opj_set_default_encoder_parameters() without defining tcp_numlayers 2017-08-10 14:43:16 +02:00
Even Rouault 26fe8f6043 Improve doc of opj_tccp_info_t::cblkw and cblkh 2017-08-10 11:45:49 +02:00
Even Rouault 4b16e8d27a Remove useless opj_tcd_t::enumcs field added per #975 2017-08-09 17:37:05 +02:00
Even Rouault 5e200452db Doc: fix error in previous commit 2017-08-09 15:04:29 +02:00
Even Rouault 9203e8ec51 tcd.h: doc fixes and improvements 2017-08-09 14:50:59 +02:00
Even Rouault 11b1ffb373 Document qmfbid values 2017-08-09 14:13:58 +02:00
Even Rouault ac375ac9f5 Partial revert BPC related check of #975 (#979)
PR #975 introduced a check that rejects images that have different bit depth/sign
per compoment in SIZ marker if the JP2 IHDR box has BPC != 255
This didn't work properly if decoding a .j2k file since the new bit added in
opj_cp_t wasn't initialized to the right value.
For clarity, tThis new bit has also been renamed to allow_different_bit_depth_sign

But looking closer at the code, it seems we were already tolerant to inconsistencies.
For example we parsed a JP2 BPCC box even if BPC != 255 (just a warning is emitted)
So failing hard in opj_j2k_read_siz() wouldn't be very inconsistent, and that
alone cannot protect against other issues, so just emit a warning if BPC != 255
and the SIZ marker contains different bit depth/sign per component.

Note: we could also check that the content of JP2 BPCC box is consistant with the one
of the SIZ marker.
2017-08-09 11:34:08 +02:00
Even Rouault c38bdbef4f opj_decompress: document -quiet option, and remove spurious newline output 2017-08-09 10:03:59 +02:00
Even Rouault 0eceb4494c src/bin/jpwl/convert.c pgxtoimage(): add missing fclose() (#977) 2017-08-09 09:50:39 +02:00
Even Rouault 5a560ebf51 imagetobmp: avoid shift by -1 (relates to #811) 2017-08-09 09:42:30 +02:00
Antonin Descampe 0c07950cb3 Fix remaining warning
format specifier mismatch in #975
2017-08-08 18:05:37 -07:00
Antonin Descampe 0394f8d0f1 Merge pull request #975 from szukw000/changes-for-afl-tests
Catch images broken by AFL
2017-08-08 16:51:54 -07:00
Even Rouault 92114694a4 Slight improvement in management of code block chunks
Instead of having the chunk array at the segment level, we can move it down to
the codeblock itself since segments are filled in sequential order.
Limit the number of memory allocation, and decrease slightly the memory usage.

On MAPA_005.jp2

n4: 1871312549 (heap allocation functions) malloc/new/new[], --alloc-fns, etc.
 n1: 1610689344 0x4E781E7: opj_aligned_malloc (opj_malloc.c:61)
  n1: 1610689344 0x4E71D1B: opj_alloc_tile_component_data (tcd.c:676)
   n1: 1610689344 0x4E726CF: opj_tcd_init_decode_tile (tcd.c:816)
    n1: 1610689344 0x4E4BE39: opj_j2k_read_tile_header (j2k.c:8617)
     n1: 1610689344 0x4E4C902: opj_j2k_decode_tiles (j2k.c:10348)
      n1: 1610689344 0x4E4E3CE: opj_j2k_decode (j2k.c:7846)
       n1: 1610689344 0x4E53002: opj_jp2_decode (jp2.c:1564)
        n0: 1610689344 0x40374E: main (opj_decompress.c:1459)
 n1: 219232541 0x4E4BC50: opj_j2k_read_tile_header (j2k.c:4683)
  n1: 219232541 0x4E4C902: opj_j2k_decode_tiles (j2k.c:10348)
   n1: 219232541 0x4E4E3CE: opj_j2k_decode (j2k.c:7846)
    n1: 219232541 0x4E53002: opj_jp2_decode (jp2.c:1564)
     n0: 219232541 0x40374E: main (opj_decompress.c:1459)
 n1: 23893200 0x4E72735: opj_tcd_init_decode_tile (tcd.c:1225)
  n1: 23893200 0x4E4BE39: opj_j2k_read_tile_header (j2k.c:8617)
   n1: 23893200 0x4E4C902: opj_j2k_decode_tiles (j2k.c:10348)
    n1: 23893200 0x4E4E3CE: opj_j2k_decode (j2k.c:7846)
     n1: 23893200 0x4E53002: opj_jp2_decode (jp2.c:1564)
      n0: 23893200 0x40374E: main (opj_decompress.c:1459)
 n0: 17497464 in 52 places, all below massif's threshold (1.00%)
2017-08-07 18:32:52 +02:00
Even Rouault ca34d13e76 Decoding: do not allocate memory for the codestream of each codeblock
Currently we allocate at least 8192 bytes for each codeblock, and copy
the relevant parts of the codestream in that per-codeblock buffer as we
decode packets.
As the whole codestream for the tile is ingested in memory and alive
during the decoding, we can directly point to it instead of copying. But
to do that, we need an intermediate concept, a 'chunk' of code-stream segment,
given that segments may be made of data at different places in the code-stream
when quality layers are used.

With that change, the decoding of MAPA_005.jp2 goes down from the previous
improvement of 2.7 GB down to 1.9 GB.

New profile:

n4: 1885648469 (heap allocation functions) malloc/new/new[], --alloc-fns, etc.
 n1: 1610689344 0x4E78287: opj_aligned_malloc (opj_malloc.c:61)
  n1: 1610689344 0x4E71D7B: opj_alloc_tile_component_data (tcd.c:676)
   n1: 1610689344 0x4E7272C: opj_tcd_init_decode_tile (tcd.c:816)
    n1: 1610689344 0x4E4BDD9: opj_j2k_read_tile_header (j2k.c:8618)
     n1: 1610689344 0x4E4C8A2: opj_j2k_decode_tiles (j2k.c:10349)
      n1: 1610689344 0x4E4E36E: opj_j2k_decode (j2k.c:7847)
       n1: 1610689344 0x4E52FA2: opj_jp2_decode (jp2.c:1564)
        n0: 1610689344 0x40374E: main (opj_decompress.c:1459)
 n1: 219232541 0x4E4BBF0: opj_j2k_read_tile_header (j2k.c:4685)
  n1: 219232541 0x4E4C8A2: opj_j2k_decode_tiles (j2k.c:10349)
   n1: 219232541 0x4E4E36E: opj_j2k_decode (j2k.c:7847)
    n1: 219232541 0x4E52FA2: opj_jp2_decode (jp2.c:1564)
     n0: 219232541 0x40374E: main (opj_decompress.c:1459)
 n1: 39822000 0x4E727A9: opj_tcd_init_decode_tile (tcd.c:1219)
  n1: 39822000 0x4E4BDD9: opj_j2k_read_tile_header (j2k.c:8618)
   n1: 39822000 0x4E4C8A2: opj_j2k_decode_tiles (j2k.c:10349)
    n1: 39822000 0x4E4E36E: opj_j2k_decode (j2k.c:7847)
     n1: 39822000 0x4E52FA2: opj_jp2_decode (jp2.c:1564)
      n0: 39822000 0x40374E: main (opj_decompress.c:1459)
 n0: 15904584 in 52 places, all below massif's threshold (1.00%)
2017-08-07 18:32:52 +02:00
Even Rouault 373520db30 Add documentation for magic values in the code 2017-08-07 18:32:52 +02:00
Even Rouault 434ace4ff7 opj_jp2_apply_pclr() also needs to use opj_image_data_alloc/opj_image_data_free 2017-08-07 18:32:52 +02:00
Even Rouault 0c1fc0593e Complementary fix to previous commit 2017-08-07 18:32:52 +02:00
Even Rouault f58aab9d6a Add opj_image_data_alloc() / opj_image_data_free()
As bin/common/color.c used to directly call malloc()/free(), we need
to export functions dedicated to allocating/freeing image component data.
2017-08-07 18:32:52 +02:00
Even Rouault 61fb5dd7f8 Fix crash on Windows due to b7594c0fcb9dd3aa6356d72c4a525d76168da689
b7594c0fcb9dd3aa6356d72c4a525d76168da689 may put opj_tcd_tilecomp_t->data
allocated by opj_alloc_tile_component_data() as the image->comps[].data. As
opj_alloc_tile_component_data() use opj_aligned_malloc() we must be sure to
ue opj_alined_malloc()/_free() in all places where we alloc/free
image->comps[].data.

Note: this might have some compatibility impact in case user code does itself
the allocation/free of image->comps[].data
2017-08-07 18:32:49 +02:00
Even Rouault 793edc38e4 Decrease memory consumption for whole image single tile decoding.
We can use the same buffer for the tile decoding and the final image, and
save the intermediate buffer to transfer between those.

Effect on the decoding of MAPA (9944 x 13498 x 3 components of size byte)

Peak memory from 4.5 GB to 2.7 GB

Now:
n5: 2699708767 (heap allocation functions) malloc/new/new[], --alloc-fns, etc.
 n1: 1610689344 0x4E77E07: opj_aligned_malloc (opj_malloc.c:61) <-- final image
  n1: 1610689344 0x4E7195B: opj_alloc_tile_component_data (tcd.c:676)
   n1: 1610689344 0x4E722D2: opj_tcd_init_decode_tile (tcd.c:816)
    n1: 1610689344 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
     n1: 1610689344 0x4E4C742: opj_j2k_decode_tiles (j2k.c:10324)
      n1: 1610689344 0x4E4E20E: opj_j2k_decode (j2k.c:7826)
       n1: 1610689344 0x4E52E42: opj_jp2_decode (jp2.c:1564)
        n0: 1610689344 0x40369E: main (opj_decompress.c:1459)
 n1: 815554560 0x4E72231: opj_tcd_init_decode_tile (tcd.c:1217) <-- working memory for code blocks: 9944*13498/64/64*8192*3
  n1: 815554560 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
   n1: 815554560 0x4E4C742: opj_j2k_decode_tiles (j2k.c:10324)
    n1: 815554560 0x4E4E20E: opj_j2k_decode (j2k.c:7826)
     n1: 815554560 0x4E52E42: opj_jp2_decode (jp2.c:1564)
      n0: 815554560 0x40369E: main (opj_decompress.c:1459)
 n1: 219758391 0x4E4C0BF: opj_j2k_read_tile_header (j2k.c:4661) <-- ingestion of code stream
  n1: 219758391 0x4E4C742: opj_j2k_decode_tiles (j2k.c:10324)
   n1: 219758391 0x4E4E20E: opj_j2k_decode (j2k.c:7826)
    n1: 219758391 0x4E52E42: opj_jp2_decode (jp2.c:1564)
     n0: 219758391 0x40369E: main (opj_decompress.c:1459)
 n1: 39822000 0x4E7224F: opj_tcd_init_decode_tile (tcd.c:1224) <-- OPJ_J2K_DEFAULT_NB_SEGS*sizeof(opj_tcd_seg_t) per codeblock
  n1: 39822000 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
   n1: 39822000 0x4E4C742: opj_j2k_decode_tiles (j2k.c:10324)
    n1: 39822000 0x4E4E20E: opj_j2k_decode (j2k.c:7826)
     n1: 39822000 0x4E52E42: opj_jp2_decode (jp2.c:1564)
      n0: 39822000 0x40369E: main (opj_decompress.c:1459)
 n0: 13884472 in 49 places, all below massif's threshold (1.00%)

Before:
n5: 4493329848 (heap allocation functions) malloc/new/new[], --alloc-fns, etc.
 n2: 1610709160 0x4E77C87: opj_aligned_malloc (opj_malloc.c:61)
  n1: 1610689344 0x4E717DB: opj_alloc_tile_component_data (tcd.c:676)
   n1: 1610689344 0x4E72152: opj_tcd_init_decode_tile (tcd.c:816)
    n1: 1610689344 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
     n1: 1610689344 0x4E4C64A: opj_j2k_decode_tiles (j2k.c:10318)
      n1: 1610689344 0x4E4E08E: opj_j2k_decode (j2k.c:7826)
       n1: 1610689344 0x4E52CC2: opj_jp2_decode (jp2.c:1564)
        n0: 1610689344 0x40369E: main (opj_decompress.c:1459)
  n0: 19816 in 2 places, all below massif's threshold (1.00%)
 n1: 1610689344 0x4E43F36: opj_j2k_update_image_data.isra.7 (j2k.c:8743)
  n1: 1610689344 0x4E4C5C1: opj_j2k_decode_tiles (j2k.c:10358)
   n1: 1610689344 0x4E4E08E: opj_j2k_decode (j2k.c:7826)
    n1: 1610689344 0x4E52CC2: opj_jp2_decode (jp2.c:1564)
     n0: 1610689344 0x40369E: main (opj_decompress.c:1459)
 n1: 815554560 0x4E720B1: opj_tcd_init_decode_tile (tcd.c:1217)
  n1: 815554560 0x4E4BCF1: opj_j2k_read_tile_header (j2k.c:8597)
   n1: 815554560 0x4E4C64A: opj_j2k_decode_tiles (j2k.c:10318)
    n1: 815554560 0x4E4E08E: opj_j2k_decode (j2k.c:7826)
     n1: 815554560 0x4E52CC2: opj_jp2_decode (jp2.c:1564)
      n0: 815554560 0x40369E: main (opj_decompress.c:1459)
 n1: 402672336 0x4E4C545: opj_j2k_decode_tiles (j2k.c:10336)
  n1: 402672336 0x4E4E08E: opj_j2k_decode (j2k.c:7826)
   n1: 402672336 0x4E52CC2: opj_jp2_decode (jp2.c:1564)
    n0: 402672336 0x40369E: main (opj_decompress.c:1459)
 n0: 53704448 in 58 places, all below massif's threshold (1.00%)
2017-08-07 18:18:53 +02:00
szukw000 bc3cb74100 Changes for converttif.c to fix tsize_t 2017-08-07 16:44:28 +02:00
Even Rouault 2fbd4bb0b9 opj_j2k_read_sot(): check current TPSot number regarding previous (non-zero) TNsot to avoid opj_j2k_merge_ppt() to be called several times. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2851. Credit to OSS Fuzz 2017-08-04 18:02:10 +02:00
szukw000 57e36dbfeb First change on changes-for-afl-tests 2017-08-02 17:27:08 +02:00
Even Rouault 48125b0d12 src/bin/jpwl/convert.c: add missing fclose() in error code path (suggested by maddin200, #976) 2017-07-31 17:35:10 +02:00
szukw000 00f45684a8 Catch images broken by AFL 2017-07-31 13:58:08 +02:00
Even Rouault 13cde9fa37 src/lib/openjp2/*.h: use OPJ_ prefix for inclusion guards instead of reserved __ (#587) 2017-07-30 19:46:52 +02:00
Even Rouault 9a6d41d22b opj_event_msg(): force zero termination of buffer 2017-07-30 19:27:01 +02:00
Even Rouault b716f86163 Fix breakage of 22bf99ce02 2017-07-30 19:26:47 +02:00
Even Rouault 22bf99ce02 Test return value of opj_j2k_setup_decoding_tile() (commit ec31fa0c7f by ak-dxdy, #561) 2017-07-30 19:07:16 +02:00
Even Rouault ffa9a4f658 Fix warnings in USE_JPIP compilation mode 2017-07-30 18:46:34 +02:00
Even Rouault c22cbd8bdf Avoid heap buffer overflow in function pnmtoimage of convert.c, and unsigned integer overflow in opj_image_create() (CVE-2016-9118, #861) 2017-07-30 18:43:25 +02:00
Even Rouault 83342f2aaf Fix Doxygen warnings (patch derived from Winfried's doxygen-dif.txt.zip, #849) 2017-07-30 18:18:59 +02:00
Even Rouault 4748318136 j2k.c: remove hardcoded constants related to m_state, and useless FIXME 2017-07-30 17:26:03 +02:00
Even Rouault e23e0c94d0 Avoid p_stream->m_user_data_length >= (OPJ_UINT64)p_stream->m_byte_offset assertion in opj_stream_get_number_byte_left(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2786. Credit to OSS Fuzz 2017-07-30 16:48:15 +02:00
Even Rouault 1ed8d67797 opj_j2k_set_decode_area: replace assertions by runtime checks. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2795. Credit to OSS Fuzz 2017-07-30 15:35:47 +02:00
Even Rouault 68832af20e opj_tcd_dc_level_shift_decode: avoid int32 overflow when prec == 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2799. Credit to OSS Fuzz 2017-07-30 15:22:24 +02:00
Even Rouault 517bf6fd86 src/bin/jpwl/convert.c: fix memleak (fix suggested by maddin200, #631) 2017-07-29 21:11:23 +02:00
Even Rouault 51eb86d8f7 Fix warnings in pi.c raised by VS11 analyze (#190) 2017-07-29 19:43:23 +02:00
Even Rouault 397f62c0a8 Fix write heap buffer overflow in opj_mqc_byteout(). Discovered by Ke Liu of Tencent's Xuanwu LAB (#835) 2017-07-29 19:13:49 +02:00
Even Rouault 11445eddad opj_pi_update_decode_poc(): limit layno1 to the number of layers (CVE-2016-1626 and CVE-2016-1628, #850)
This has been recently fixed in a less elegant way per
80818c39f5
2017-07-29 19:03:13 +02:00
Even Rouault 3fbe713690 opj_tcd_get_decoded_tile_size(): fix potential UINT32 overflow (#854, CVE-2016-5152)
Fix derived from https://pdfium.googlesource.com/pdfium.git/+/d8cc503575463ff3d81b22dad292665f2c88911e/third_party/libopenjpeg20/0018-tcd_get_decoded_tile_size.patch
2017-07-29 18:38:16 +02:00
Even Rouault 5a3e7aaf33 color_cielab_to_rgb(): reject images with components of different dimensions to void read heap buffer overflow (#909) 2017-07-29 17:56:12 +02:00
Even Rouault 784d4d47e9 Fix breakage of 2fa0fc61f2 (#970) 2017-07-29 17:51:10 +02:00
Even Rouault 2fa0fc61f2 imagetopnm(): make sure the alpha component has same dimension as other components to avoid read heap buffer overflow (#970) 2017-07-29 17:28:55 +02:00
Even Rouault db9ef99f6d opj_t1_decode_cblk(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2487. Credit to OSS Fuzz 2017-07-29 16:34:35 +02:00
Even Rouault f6551f822f opj_t1_clbl_decode_processor(): avoid undefined behaviour if roishift >= 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2506. Credit to OSS Fuzz 2017-07-29 16:29:11 +02:00
Even Rouault 9906fbf737 Avoid assertion in opj_j2k_merge_ppt() in case premature EOC is encountered in opj_j2k_read_tile_header(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785. Credit to OSS Fuzz 2017-07-29 16:22:36 +02:00
Even Rouault 71b4f5b124 opj_pi_next_pcrl(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2787. Credit to OSS Fuzz 2017-07-29 15:52:11 +02:00
Even Rouault d6654d906c opj_int_ceildiv(): fix int32 overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2494. Credit to OSS Fuzz 2017-07-28 22:15:47 +02:00
Even Rouault 361c4506fd opj_tcd_dc_level_shift_decode(): avoid int overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2516. Credit to OSS Fuzz 2017-07-28 22:06:26 +02:00
Even Rouault 7bdbe490cb Fix null pointer dereference in opj_jp2_apply_pclr(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2558. Credit to OSS Fuzz 2017-07-28 21:55:22 +02:00
Even Rouault 16aeb9282f Fix null pointer dereference in opj_j2k_add_mct() (#895)
Fixes openjeg-crashes-2017-07-27/issue879-poc1.j2k of #895
2017-07-28 21:39:30 +02:00
Even Rouault c5bf5ef4d6 Avoid use-after-free when a MCT marker is found after a MCC one (#895)
Fixes openjeg-crashes-2017-07-27/issue880-poc2.j2k of #895
2017-07-28 21:29:55 +02:00
Even Rouault e03e947466 Avoid undefined shift behaviour if bit depth == 32 (#895)
Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:003798,op:ext_AO,pos:128.jp2
2017-07-27 22:29:17 +02:00
Even Rouault 820fcfe8bb opj_j2k_update_image_data / opj_tcd_update_tile_data: fix unaligned load/store (#895)
When components don't have the same width, unaligned load/store are possible.

Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:001342,op:flip4,pos:162.jp2 of #895
2017-07-27 19:35:35 +02:00
Even Rouault 6c4e5bacb9 opj_pi_next_rpcl / opj_pi_next_pcrl / opj_pi_next_cprl: avoid int overflow (#895)
Fixes int overflow on openjeg-crashes-2017-07-27/id:000000,sig:08,src:000879,op:flip2,pos:128.jp2
2017-07-27 19:22:14 +02:00
Even Rouault 178194c093 opj_jp2_check_color(): replace assertion regarding mtyp by runtime check (#672, #895)
Fixes test case openjeg-crashes-2017-07-27/id:000000,sig:06,src:000001,op:flip1,pos:808.jp2
of #895
2017-07-27 18:52:35 +02:00
Even Rouault d6fa300997 Avoids undefined shift behaviour in m_dc_level_shift computation
Fixes warning found on clusterfuzz-testcase-minimized-5146316340461568
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2495

Credit to OSS Fuzz
2017-07-27 18:10:03 +02:00
Even Rouault a88cbb6a0b Fix various undefined shift behaviour in pi.c
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2496
Credit to OSS Fuzz
2017-07-26 22:53:59 +02:00
Even Rouault 6c5fe9407b Avoid potential undefined shift behaviour in opj_bio_read() from opj_t2_read_packet_header()
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2485
Credit to OSS Fuzz
2017-07-26 22:22:44 +02:00
Even Rouault 94c4b7300c T1 decoder: check code stream errors when predictable termination is enabled and emit a warning when errors are found 2017-07-26 21:43:32 +02:00
Even Rouault 5e795d90a1 Spelling fixes (patch by ka7, #890, rebased on top of master) 2017-07-26 21:06:38 +02:00
Even Rouault 2be20ce7d9 Reformat src/bin/wx/OPJViewer/source/OPJThreads.cpp src/bin/wx/OPJViewer/source/imagjpeg2000.cpp wrapping/java/openjp2/JavaOpenJPEG.c 2017-07-26 21:04:01 +02:00
Even Rouault 94cc97c58a opj_decompress: fix null pointer dereference on comps[].data on id_000167,sig_11,src_006079,op_havoc,rep_4 (#939) 2017-07-26 20:13:09 +02:00
Even Rouault 8d2e69e37d Fix assertion / memory leak in opj_j2k_merge_ppt() on corrupted images (#939)
Fixes issue on id:000020,sig:06,src:001958,op:flip4,pos:149 that has two
SOT markers for the same tile with the same tile part number, causing
opj_j2k_merge_ppt() to be called several times.
2017-07-26 19:49:38 +02:00
Even Rouault 5c5319984b Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl, opj_pi_next_cprl (#938)
Fixes crash on id_000004,sig_06,src_000679,op_arith8,pos_49,val_-17
2017-07-26 18:05:56 +02:00
Even Rouault 80818c39f5 Avoid index out of bounds access to pi->include[] (#938)
Fix id:000098,sig:11,src:005411,op:havoc,rep:2 test case
2017-07-26 12:50:51 +02:00
Even Rouault d27ccf01c6 Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl and opj_pi_next_cprl (#938)
Fixes issues with id:000026,sig:08,src:002419,op:int32,pos:60,val:+32 and
id:000019,sig:08,src:001098,op:flip1,pos:49
2017-07-26 11:32:41 +02:00
Jeroen 90ced71601 install static libraries 2017-07-13 11:34:15 +02:00
Even Rouault 60f8ddf577 Comment fix 2017-07-06 12:11:37 +02:00
Even Rouault a38c4496b6 Remove unused m_DA_x0, m_DA_y0, m_DA_x1, m_DA_y1 members from opj_j2k_dec structure 2017-07-05 21:33:42 +02:00
Even Rouault c308de39ed opj_j2k_read_header_procedure(): validate marker size to avoid excessive memory allocation attempt 2017-07-03 14:33:57 +02:00
Even Rouault 5736b1a368 Merge pull request #954 from jeroen/static
build both shared and static library
2017-07-03 12:03:29 +02:00
Even Rouault 8fa405ee15 IDWT 5x3: fix bug in AVX2 implementation (#953, #957) 2017-06-30 00:03:05 +02:00
Even Rouault 533fa2fdee Merge pull request #957 from rouault/idwt_53_improvements
IDWT 5x3 single-pass lifting and SSE2/AVX2 implementation
2017-06-26 12:45:34 +02:00
Even Rouault 6026786069 Style fix 2017-06-21 13:20:35 +02:00
Even Rouault 93aca84731 Fix mingw related warnings 2017-06-21 12:54:40 +02:00
Even Rouault cdd3e83bae Fix clang warning about extraneous parentheses 2017-06-21 12:49:01 +02:00
Even Rouault fd0dc535ad IDWT 5x3: generalize SSE2 version for AVX2
Thanks to our macros that abstract SSE use, the functions can use
AVX2 when available (at compile time)

This brings an extra 23% speed improvement on bench_dwt in 64bit builds
with AVX2 compared to SSE2.
2017-06-21 12:12:58 +02:00
Even Rouault f6e3475cc9 dwt.c: small cleanup 2017-06-21 01:07:56 +02:00
Even Rouault f06cfadef8 Enable __SSE__ / __SSE2__ with Visual Studio 2017-06-20 18:24:21 +02:00
Even Rouault fa55b52d19 Improve performance of inverse DWT 5x3 (#953)
* Use single-pass lifting inverse wavelet transform.
* For vertical pass, use SSE2 when available so as to process 8 columns
  in parallel. This is the most beneficial improvement, since the
  vertical pass involves a lot of cache trashing.

With the bench_dwt utility with default arguments (16383x16383 image),
time goes from 4.064 s to 1.212 s.
2017-06-20 18:01:34 +02:00
Even Rouault 919ed5f8b8 Add bench_dwt program (compiled only if BUILD_BENCH_DWT=ON) 2017-06-20 17:56:19 +02:00
Even Rouault 8df2521a60 Remove OPJ_NOSANITIZE in opj_bio_read() and opj_bio_write() (#761)
Commit 29313eb5 introduced those flags to avoid issues with
-fsanitize=unsigned-integer-overflow
However it is better just to rewrite the loop to avoid such condition
to occur.
2017-06-17 19:15:00 +02:00
Even Rouault 32b20b93e0 Fix astyle issue 2017-06-17 16:37:56 +02:00
Even Rouault 5f596cb283 Fix warning about unused arguments 2017-06-17 14:10:15 +02:00
Even Rouault cc07aec6c7 Fix warnings with recent GCC versions 2017-06-17 14:09:31 +02:00
Jeroen Ooms a0839cca24 only build both static and dynamic on non-windows 2017-06-16 13:58:25 +02:00
Jeroen Ooms 1329b3240a build both shared and static library 2017-06-16 13:27:19 +02:00
Antonin Descampe 36dd87cea8 Merge pull request #928 from RussellMcOrmond/master
Quiet mode for opj_decompress via -quiet long parameter.
2017-06-14 17:23:06 +02:00
Even Rouault 9cbc9903c3 Merge branch 't1_flag_optimizations' 2017-06-13 12:09:52 +02:00
Even Rouault 2609fb8077 Packet header writing: set empty packet header bit to 0 when appropriate (small optimization) 2017-06-12 18:38:11 +02:00
Even Rouault 73d1510d47 Encoder: fix packet writing of empty sub-bands (#891, #892)
There are situations where, given a tile size, at a resolution level,
there are sub-bands with x0==x1 or y0==y1, that consequently don't have any
valid codeblocks, but the other sub-bands may be non-empty.
Given that we recycle the memory from one tile to another one, those
ghost codeblocks might be non-0 and thus candidate for packet inclusion.
2017-06-12 18:37:50 +02:00
Even Rouault 81c5311758 T1: fix BYPASS/LAZY, TERMALL/RESTART and PTERM/ERTERM encoding modes. (#674)
There were a number of defects regarding when and how the termination of
passes had to done and the computation of their rate.
2017-06-09 10:49:03 +02:00
Even Rouault 9a9b06911e opj_t1_dec_sigpass_raw/opj_t1_dec_refpass_raw: harmonize style with mqc methods 2017-06-02 19:22:15 +02:00
Even Rouault 532243f1fd MQC/RAW decoder: use an artificial 0xFF 0xFF terminating marker.
This saves comparing the current pointer with the end of buffer pointer.
This results at least in tiny speed improvement for raw decoding, and
smaller code size for MQC as well.

This kills the remains of the raw.h/.c files that were only used for
decoding. Encoding using the mqc structure already.
2017-06-02 18:24:07 +02:00
Even Rouault 9b39fc4bcc Fix documentation of opj_t1_decode_cblks() 2017-06-02 18:23:49 +02:00
Even Rouault dde6cbabc0 Simplify VSC handling: instead of masking out bits when reading the 4th row.
Do not set them when updating flags of the 1st row
2017-06-02 18:23:38 +02:00
Even Rouault 3d9940a35b Force inlining of mqc decoding and pass steps through heavy use of macros, so as to get better register allocation 2017-06-02 18:23:20 +02:00
Even Rouault 7e8b502842 t1_generate_luts.c: fix compiler warnings 2017-06-02 18:22:59 +02:00
Even Rouault 2ba861c37c Optimize opj_t1_update_flags() 2017-06-02 18:22:42 +02:00
Even Rouault a0861855c1 T1: remove use of neghalf variable. It is useless since bpno is always > 0 2017-06-02 18:22:21 +02:00
Even Rouault 10410fe72e T1: avoid pointer indirection for mqc and raw members of opj_t1_t 2017-06-02 18:21:54 +02:00
Even Rouault a5003787ff T1: remove flags_stride variable from opj_t1_t 2017-06-02 18:21:39 +02:00
Even Rouault 0ec842e1f1 Inline opj_raw_decode() 2017-06-02 18:21:21 +02:00
Even Rouault aa7a8a4398 T1: loop unrolling in dec_sigpass_raw and dec_refpass_raw 2017-06-02 18:20:58 +02:00
Even Rouault 68557ff503 T1: Transpose coder optimizations to decoder, and cleanup code 2017-06-02 18:20:35 +02:00
Even Rouault 1957a498b6 Fix compiler warnings 2017-05-23 17:06:46 +02:00
Even Rouault 40c0f42def Factor index computation for lut_enc_ctxno_sc and lut_enc_spb 2017-05-23 17:06:46 +02:00
Even Rouault d6907b9304 Optimize a bit opj_t1_enc_clnpass() 2017-05-23 17:06:46 +02:00
Even Rouault c76a592131 T1: remove unused code in decoder 2017-05-23 17:06:46 +02:00
Even Rouault 4068363ff5 T1: fix VSC mode in encoder 2017-05-23 16:16:32 +02:00
Even Rouault cd12414c6b T1: use more compact flags to optimize cache usage in encoder passes. (#172)
Ported from Carl Hetherington work (actually through Matthieu Darbois's port
on top of OpenJPEG 2.1.0)

Can reduce total encoding time by 10-15%

WARNING: VSC mode is not implemented, and so is a temporary regression
that must be fixed.
2017-05-23 16:16:32 +02:00
Even Rouault a8ca7c51f3 CMake: add stronger warnings for openjp2 lib/bin by default, and error out on declaration-after-statement
And remove occurences of unused arguments in src/lib/openjp2
2017-05-23 15:47:57 +02:00
Even Rouault 8728cfbc79 t1.c: fix compiler warnings 2017-05-23 13:54:28 +02:00
Russell McOrmond 5f1e380b51 Fixed formatting issues ASTYLE 2017-05-16 09:31:07 -04:00
Russell McOrmond 9d8e1ecdeb Quiet mode for opj_decompress via -quiet long parameter. 2017-05-15 14:39:54 -04:00
Even Rouault 83d7a6d4a4 MQC: remove disabled MQC_PERF_OPT mode, which brings no performance improvements (see #923) 2017-05-15 14:11:47 +02:00
Even Rouault 4431fa7265 Add comments about non successfull attempt of implementing alternate INITDEC, DECODE and BYTEIN procedures (refs #921) 2017-05-15 14:09:51 +02:00
Even Rouault 3c2972f924 Reformat: apply reformattin on .h files (#128) 2017-05-15 12:21:30 +02:00
Even Rouault 563bd8499e Reformat whole codebase with astyle.options (#128) 2017-05-09 20:46:20 +02:00
Even Rouault a43f1bea62 Remove warnings related to empty tag-trees.
Decoding some valid .jp2 files like Sentinel2 datasets leads to warnings like:
No incltree created.
tgt_create tree->numnodes == 0, no tree created.
No imsbtree created.
tgt_create tree->numnodes == 0, no tree created.

Besides that, the image is correctly decoded. So there is no reason to emit
those warnings.
2017-02-13 12:36:45 +01:00
Mathieu Malaterre 34dae137a9 OPENJPEG_NAMESPACE is configurable by user 2016-09-26 12:01:31 +02:00
Mathieu Malaterre 4d5c5e7c48 Remove typos from comments and man pages 2016-09-26 11:26:55 +02:00
Matthieu Darbois fac916f72a Fix PNM file reading (#847)
Malformed PNM file could cause a crash in opj_compress.
Checks were added to prevent this.

Fixes #843
Updates #440
2016-09-22 00:30:34 +02:00
Stefan Weil 8715ce2749 Fix some issues reported by Coverity Scan (#846)
* test_tile_decoder: Fix potential buffer overflow (coverity)

CID 1190155 (#1 of 1): Unbounded source buffer (STRING_SIZE)

Using a pointer instead of buffer of fixed size avoids the limit
for the length of the input file name.

Signed-off-by: Stefan Weil <sw@weilnetz.de>

* test_tile_encoder: Fix potential buffer overflow (coverity)

CID 1190154 (#1 of 1): Unbounded source buffer (STRING_SIZE)

Using a pointer instead of buffer of fixed size avoids the limit
for the length of the output file name. This implies that the length
can exceed 255, so the data type for variable len had to be fixed, too.

Signed-off-by: Stefan Weil <sw@weilnetz.de>

* openjpip: Initialize data before returning it

This fixes an error reported by Coverity:

CID 1190143 (#1 of 1): Uninitialized scalar variable (UNINIT)

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-09-21 21:15:25 +02:00
Stefan Weil 045aa4d9f2 Fix potential out-of-bounds read (coverity) (#844)
* query_parser: Fix potential out-of-bounds read (coverity)

CID 1190207 (#1 of 1): Out-of-bounds read (OVERRUN)

Variable i must be checked before testing query_param.box_type.

Signed-off-by: Stefan Weil <sw@weilnetz.de>

* jpip_parser: Fix potential out-of-bounds read (coverity)

CID 1190206 (#1 of 1): Out-of-bounds read (OVERRUN)

Variable i must be checked before testing query_param.box_type.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-09-21 13:17:09 +02:00
Antonin Descampe da94042481 Merge pull request #834 from trylab/issue833
Fix issue 833.
2016-09-20 18:59:30 +02:00
Antonin Descampe 31d44f0280 Disable automatic compilation of t1_generate_luts
Fix #831
2016-09-20 18:48:06 +02:00
Antonin Descampe 3aaeea7ce8 renamed USE_THREAD to OPJ_USE_THREAD
renaming to be consistent with previous OPJ CMake options
2016-09-16 17:54:12 +02:00
Matthieu Darbois 6e7616c83c Remove TODO for overflow check (#842)
The check was already done. It’s been simplified.
Reformat to get consistent style throughout the functions.
2016-09-15 23:51:34 +02:00
Matthieu Darbois 9a07ccb3d0 Add overflow checks for opj_aligned_malloc (#841)
See
https://pdfium.googlesource.com/pdfium/+/b20ab6c7acb3be1393461eb650ca8fa4660c937e/third_party/libopenjpeg20/0020-opj_aligned_malloc.patch
2016-09-15 01:57:53 +02:00
Matthieu Darbois f88c9974e2 Flags in T1 shall be unsigned (#840)
This will remove some conversion warnings
2016-09-14 23:46:46 +02:00
Matthieu Darbois 0954bc11e3 Fix some warnings (#838)
Fix warnings introduced by uclouvain/openjpeg#786
2016-09-14 00:12:43 +02:00
Antonin Descampe f66e120452 Merge branch 'bit-fields-type' of https://github.com/smuehlst/openjpeg into smuehlst-bit-fields-type 2016-09-13 21:21:11 +02:00
Antonin Descampe d6d0f070e1 Merge pull request #786 from rouault/tier1_optimizations_multithreading
T1 & DWT multithreading decoding optimizations
2016-09-13 16:39:26 +02:00
trylab 893143c8e1 Fix issue 833.
Add some overflow check operations.
2016-09-13 17:43:30 +08:00