d07c20de8f
Update t2.c
2019-11-21 21:24:49 +11:00
0d81fe7a75
Update t2.c
2019-11-21 21:14:35 +11:00
c13a6b2d82
Update t2.c
2019-11-21 21:10:07 +11:00
843f7c8845
Update t2.c
2019-11-21 21:08:41 +11:00
387cd39844
Update t2.c
2019-11-21 21:04:07 +11:00
0144c6005d
Update t2.c
2019-11-18 09:05:27 +11:00
2bb1285323
Update t2.c
2019-11-18 09:02:15 +11:00
b2df8a57bb
Update t2.c
2019-11-18 08:57:32 +11:00
01963dac94
Update t2.c
2019-11-18 08:48:50 +11:00
d1d979f8a5
Update t2.c
2019-11-18 08:47:23 +11:00
4a7b5aae74
Update t2.c
2019-11-18 08:32:50 +11:00
3eb19736a4
Update t2.c
2019-11-18 08:20:43 +11:00
6c1225989a
Update j2k.c
2019-11-18 07:16:29 +11:00
64fa86061c
Update t2.c
2019-11-18 00:27:29 +11:00
4f36758ba6
Update j2k.c
2019-11-18 00:17:26 +11:00
25552ac45b
Update j2k.c
2019-11-18 00:15:37 +11:00
ac3737372a
Merge pull request #1217 from rouault/fix_ossfuzz_18979
...
pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets()
2019-11-17 13:08:41 +01:00
9701b3305d
JPWL: convert: Fix buffer overflow reading an image file less than four characters ( #1196 )
...
Fixes #1068
2019-11-17 03:09:59 +01:00
cb332992a7
Merge pull request #1218 from rouault/fix_broken_abi_check
...
abi-check.sh: fix false postive ABI error, and display output error log
2019-11-17 02:47:26 +01:00
016f80ae21
abi-check.sh: fix false postive ABI error, and display output error log
...
There is currently a false positive ABI check failure between v2.3.1
and current. It disappears when removing the generated reports of v2.3.1
and recreating them. It is likely that some tooling has evolved since
the initial v2.3.1 report generation.
2019-11-17 02:26:54 +01:00
4cb1f66304
pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18979
2019-11-17 01:18:26 +01:00
5875a6b446
opj_tcd_mct_decode()/opj_mct_decode()/opj_mct_encode_real()/opj_mct_decode_real(): proper deal with a number of samples larger than 4 billion (refs #1151 )
2019-10-03 11:04:30 +02:00
e66125fe26
Merge pull request #1164 from sebras/master
...
openjp2/j2k: Report error if all wanted components are not decoded.
2019-09-03 17:03:54 +02:00
8db9d25dcf
opj_decompress_fuzzer: remove checks regarding input dimensions ( fixes #1079 )
2019-06-15 09:55:16 +02:00
f4d6578359
test_decode_area.c: assign tdy to *ptileh instead of *ptilew ( fixes #1195 )
2019-05-26 11:06:30 +02:00
9b7620ee7a
Merge pull request #1185 from Young-X/fix
...
Fix several potential vulnerabilities
2019-04-26 19:52:52 +02:00
4f447c6e18
Merge pull request #1192 from rouault/poc_fixes
...
compression: emit POC marker when only one single POC is requested (f…
2019-04-25 15:32:22 +02:00
a94cfbd533
Change opj_j2k_check_poc_val() to take into account tile number
2019-04-25 15:06:45 +02:00
bdec5ae272
Add test for previous commit
2019-04-25 14:40:56 +02:00
6423163141
Fix POC in multi-tile scenarios: avoid almost endless loop when a tile has no POC settings
2019-04-25 14:40:56 +02:00
b86717fdd3
Add test for previous commit
2019-04-25 14:40:56 +02:00
23883458b9
opj_j2k_check_poc_val(): prevent potential write outside of allocated array
2019-04-25 14:40:56 +02:00
6589c609f6
opj_j2k_check_poc_val(): fix starting index for checking layer dimension
...
The standard mandates that the layer index always starts at zero for every
progression.
2019-04-25 14:40:55 +02:00
1e3a57563d
compression: emit POC marker when only one single POC is requested ( fixes #1191 )
2019-04-25 14:40:55 +02:00
5dd75f62e2
j2k.c: use correct naming convention for total_data_size variable
2019-04-23 16:52:21 +02:00
3aef207f90
bmp_read_rle4_data(): avoid potential infinite loop
2019-04-15 16:10:18 +08:00
21399f6b7d
convertbmp: detect invalid file dimensions early
...
width/length dimensions read from bmp headers are not necessarily
valid. For instance they may have been maliciously set to very large
values with the intention to cause DoS (large memory allocation, stack
overflow). In these cases we want to detect the invalid size as early
as possible.
This commit introduces a counter which verifies that the number of
written bytes corresponds to the advertized width/length.
See commit 8ee335227b
2019-04-15 16:10:18 +08:00
d0dd894ae2
Comment back opj_previous_version in abi_check.sh
2019-04-02 15:37:38 +02:00
291e45bb04
Update version number for automatic abi check
2019-04-02 15:12:59 +02:00
5709632545
update token for appveyor auto release
2019-04-02 14:45:15 +02:00
8b9a89bc2e
update token for automatic release
2019-04-02 14:25:09 +02:00
d1d422c126
Update for release 2.3.1
2019-04-02 12:08:52 +02:00
d3b0b8927a
Update for release 2.3.1
2019-04-02 11:03:16 +02:00
c7798bb0c6
update for release 2.3.1
2019-04-02 11:02:20 +02:00
8196ab531e
Update BUILD version for release 2.3.1
2019-04-02 11:00:58 +02:00
69a7a312dc
Merge pull request #1188 from rouault/fix_abi_check
...
abi-check.sh: fix broken download URL
2019-03-29 12:25:39 +01:00
5151426d6e
abi-check.sh: fix broken download URL
2019-03-29 11:53:23 +01:00
d6b8aed561
Merge pull request #1187 from rouault/fix_ubsan_in_opj_t1_encode_cblks
...
opj_t1_encode_cblks: fix UBSAN signed integer overflow
2019-03-29 11:52:38 +01:00
a1d32a596a
opj_t1_encode_cblks: fix UBSAN signed integer overflow
...
Fixes #1053 / CVE-2018-5727
Note: I don't consider this issue to be a security vulnerability, in
practice.
At least with gcc or clang compilers on x86_64 which generate the same
assembly code with or without that fix.
2019-03-29 11:17:39 +01:00
25b815dc46
Revert "[JPWL] tgatoimage(): avoid excessive memory allocation attempt,"
...
This reverts commit 05be308446
2019-03-29 10:44:35 +01:00
Jarrel Seah
Even Rouault
Robert Ancell
Young Xiao
Antonin Descampe
Antonin Descampe
Even Rouault