1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5 <meta name="keywords" content="OpenJPEG, current, changes, changelog" />
6 <meta name="description" content="Log of changes in the package" />
7 <link rel="stylesheet" type="text/css" href="../../../css/common.css" />
8 <link rel="stylesheet" type="text/css" href="../../../css/changelog.css" />
12 OpenJPEG current: changelog
18 <table cellpadding='0' cellspacing='0'><tr><td align='center'><h1 class='tool'><a title='Home: ABI tracker for OpenJPEG' href='../../../timeline/openjpeg/index.html' class='tool'>ABI<br/>Tracker</a></h1></td><td width='30px;'></td><td><h1>(OpenJPEG)</h1></td></tr></table><hr/>
21 <h1>Changelog from Git</h1><br/><br/>
22 <div class='changelog'>
23 <pre class='wrap'>commit 19ef7f26c43f689b627aad642da7f6150893b863
24 Merge: 1d358f2 f3ee448
25 Author: Even Rouault <even.rouault@spatialys.com>
26 Date: 2020-05-20 21:10:55 +0200
28 Merge pull request #1211 from sebras/master
30 Add check to validate SGcod/SPcoc/SPcod parameter values.
32 commit 1d358f25c8eabbc7c274bcc148f4f5d594ec13fe
33 Merge: 64689d0 4edb8c8
34 Author: Even Rouault <even.rouault@spatialys.com>
35 Date: 2020-05-20 20:29:31 +0200
37 Merge pull request #1246 from rouault/write_plt
39 Add support for generation of PLT markers in encoder
41 commit 4edb8c83374f52cd6a8f2c7c875e8ffacccb5fa5
42 Author: Even Rouault <even.rouault@spatialys.com>
43 Date: 2020-04-21 15:55:44 +0200
45 Add support for generation of PLT markers in encoder
47 * -PLT switch added to opj_compress
48 * Add a opj_encoder_set_extra_options() function that
49 accepts a PLT=YES option, and could be expanded later
54 Testing with a Sentinel2 10m band, T36JTT_20160914T074612_B02.jp2,
55 coming from S2A_MSIL1C_20160914T074612_N0204_R135_T36JTT_20160914T081456.SAFE
57 Decompress it to TIFF:
59 opj_uncompress -i T36JTT_20160914T074612_B02.jp2 -o T36JTT_20160914T074612_B02.tif
62 Recompress it with similar parameters as original:
64 opj_compress -n 5 -c [256,256],[256,256],[256,256],[256,256],[256,256] -t 1024,1024 -PLT -i T36JTT_20160914T074612_B02.tif -o T36JTT_20160914T074612_B02_PLT.jp2
67 Dump codestream detail with GDAL dump_jp2.py utility (https://github.com/OSGeo/gdal/blob/master/gdal/swig/python/samples/dump_jp2.py)
69 python dump_jp2.py T36JTT_20160914T074612_B02.jp2 > /tmp/dump_sentinel2_ori.txt
70 python dump_jp2.py T36JTT_20160914T074612_B02_PLT.jp2 > /tmp/dump_sentinel2_openjpeg_plt.txt
73 The diff between both show very similar structure, and identical number of packets in PLT markers
75 Now testing with Kakadu (KDU803_Demo_Apps_for_Linux-x86-64_200210)
77 Full file decompression:
79 kdu_expand -i T36JTT_20160914T074612_B02_PLT.jp2 -o tmp.tif
81 Consumed 121 tile-part(s) from a total of 121 tile(s).
82 Consumed 80,318,806 codestream bytes (excluding any file format) = 5.329697
84 Processed using the multi-threaded environment, with
85 8 parallel threads of execution
88 Partial decompresson (presumably using PLT markers):
90 kdu_expand -i T36JTT_20160914T074612_B02.jp2 -o tmp.pgm -region "{0.5,0.5},{0.01,0.01}"
91 kdu_expand -i T36JTT_20160914T074612_B02_PLT.jp2 -o tmp2.pgm -region "{0.5,0.5},{0.01,0.01}"
92 diff tmp.pgm tmp2.pgm && echo "same !"
97 Funded by ESA for S2-MPC project
99 commit 64689d05dfaaf52105581d93fb1eb173b20829a4
100 Author: Even Rouault <even.rouault@spatialys.com>
101 Date: 2020-04-18 18:25:44 +0200
103 struct opj_j2k: remove unused fields, and add some documentation
105 commit 774889a328abd5d3c280d9a897f1ac4c672cb0e5
106 Merge: b6b7e96 271a71e
107 Author: Even Rouault <even.rouault@spatialys.com>
108 Date: 2020-04-17 00:39:46 +0200
110 Merge pull request #1244 from rouault/fix_pi_warnings
112 Fix warnings about signed/unsigned casts in pi.c
114 commit b6b7e96b0cf7819ef6a2e8ba2f8bdaaf938326ed
115 Author: szukw000 <szukw000@arcor.de>
116 Date: 2020-04-17 00:37:33 +0200
118 color_apply_icc_profile: add checks on the number of components (#1236)
120 commit 040e142288e90c9c2d46d25d0a27f828f968bb93
121 Author: Eduardo Barretto <edusbarretto@gmail.com>
122 Date: 2020-04-16 19:09:40 -0300
124 jp3d/jpwl/mj2/jpip: Fix resource leaks (#1226)
126 This issues were found by cppcheck and coverity.
128 commit 271a71ef0f1dd4740c9f4474279c7da8d15850c9
129 Author: Even Rouault <even.rouault@spatialys.com>
130 Date: 2020-04-16 20:52:44 +0200
132 Fix warnings about signed/unsigned casts in pi.c
134 commit 221a801a97a3ea968a311f7905c18a1eb7f034c4
135 Author: Even Rouault <even.rouault@spatialys.com>
136 Date: 2020-04-16 20:33:22 +0200
138 Rename mis-named function opj_tcd_get_encoded_tile_size() to opj_tcd_get_encoder_input_buffer_size()
140 commit 9c1cfb034a8cf24eb5e35fe9c7074fd079d14b80
141 Merge: 563ecfb 1c54024
142 Author: Even Rouault <even.rouault@spatialys.com>
143 Date: 2020-04-01 22:00:19 +0200
145 Merge pull request #1240 from rouault/fix_crash_opj_decompress
147 opj_decompress: add sanity checks to avoid segfault in case of decoding error
149 commit 1c54024165fd5db0e6047f28903274eb27d0980f
150 Author: Even Rouault <even.rouault@spatialys.com>
151 Date: 2020-04-01 20:58:55 +0200
153 opj_decompress: add sanity checks to avoid segfault in case of decoding error
155 Prevent crashes like:
156 opj_decompress -i 0722_5-1_2019.jp2 -o out.ppm -r 4 -t 0
158 where 0722_5-1_2019.jp2 is
159 https://drive.google.com/file/d/1ZxOUZg2-FKjYwa257VFLMpTXRWxEoP0a/view?usp=sharing
161 commit 563ecfb55ca77c0fc5ea19e4885e00f55ec82ca9
162 Author: Even Rouault <even.rouault@spatialys.com>
163 Date: 2020-02-13 09:59:17 +0100
165 opj_compress: improve help message regarding new IMF switch
167 commit 4e5501b3c72a98b3117e68263afb922092c309cf
168 Merge: 2888145 84f3beb
169 Author: Even Rouault <even.rouault@spatialys.com>
170 Date: 2020-02-13 09:54:20 +0100
172 Merge pull request #1235 from rouault/imf
174 Implement writing of IMF profiles
176 commit 84f3bebbff515f2b00ccf0c817930ebb10b91760
177 Author: Even Rouault <even.rouault@spatialys.com>
178 Date: 2020-02-12 15:55:16 +0100
180 Implement writing of IMF profiles
182 Add -IMF switch to opj_compress as well
184 commit fffe32adcb9f41a00805f4120012be9625ba450a
185 Author: Even Rouault <even.rouault@spatialys.com>
186 Date: 2020-02-12 15:55:02 +0100
188 openjpeg.h: fix values of OPJ_PROFILE_IMF_ constants
190 commit 28881453f6b1ae68a357557999498a11a2bc8b7e
191 Merge: 647f9b1 b5cb419
192 Author: Even Rouault <even.rouault@spatialys.com>
193 Date: 2020-02-10 11:20:20 +0100
195 Merge pull request #1234 from rouault/md5_libtiff_4_1
197 tests: add alternate checksums for libtiff 4.1
199 commit b5cb419faff300fdbc0b4e98dab5c9010db6f39d
200 Author: Even Rouault <even.rouault@spatialys.com>
201 Date: 2020-02-07 21:53:10 +0100
203 tests: add alternate checksums for libtiff 4.1
207 libtiff 4.1 slightly modifies the way it generates files. So
208 add the new expected md5sum.
210 Not super elegant solution admitedly.
212 commit 647f9b118d12819c63635eea65909b0e49e0f201
213 Merge: b63a433 05f9b91
214 Author: Even Rouault <even.rouault@spatialys.com>
215 Date: 2020-01-30 13:07:31 +0100
217 Merge pull request #1232 from rouault/fix_1231
219 opj_tcd_init_tile(): avoid integer overflow
221 commit 05f9b91e60debda0e83977e5e63b2e66486f7074
222 Author: Even Rouault <even.rouault@spatialys.com>
223 Date: 2020-01-30 00:59:57 +0100
225 opj_tcd_init_tile(): avoid integer overflow
227 That could lead to later assertion failures.
229 Fixes #1231 / CVE-2020-8112
231 commit b63a433ba168bad5fa10e83de04d6305e6a222e2
232 Author: Max Moroz <dor3s1@gmail.com>
233 Date: 2020-01-13 09:07:54 -0800
235 tests/fuzzers: link fuzz binaries using $LIB_FUZZING_ENGINE. (#1230)
237 This was changed some time ago (https://google.github.io/oss-fuzz/getting-started/new-project-guide/) but the build didn't fail as there is a fallback mechanism. The main advantage of the new approach is that for libFuzzer this produces more performant binaries (as `$LIB_FUZZING_ENGINE` expands into `-fsanitize=fuzzer`, which links libFuzzer from the compiler-rt, allowing better optimization tricks).
239 I'm also experimenting with dataflow (https://github.com/google/oss-fuzz/issues/1632) on your project, and the dataflow config doesn't have a fallback (as it's a new configuration), therefore I'm proposing a change to migrate from `-lFuzzingEngine` to `$LIB_FUZZING_ENGINE`.
241 commit 46c1eff9e98bbcf794d042f7b2e3d45556e805ce
242 Merge: ac37373 024b840
243 Author: Even Rouault <even.rouault@spatialys.com>
244 Date: 2020-01-11 11:29:11 +0100
246 Merge pull request #1229 from rouault/fix_1228
248 opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX (fixes #1228)
250 commit 024b8407392cb0b82b04b58ed256094ed5799e04
251 Author: Even Rouault <even.rouault@spatialys.com>
252 Date: 2020-01-11 01:51:19 +0100
254 opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX (fixes #1228)
256 commit ac3737372a00b8778b528094dd5bd58a74f67d42
257 Merge: 9701b33 4cb1f66
258 Author: Even Rouault <even.rouault@spatialys.com>
259 Date: 2019-11-17 13:08:41 +0100
261 Merge pull request #1217 from rouault/fix_ossfuzz_18979
263 pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets()
265 commit 9701b3305db58d35e4446946309f88937e2f5342
266 Author: Robert Ancell <robert.ancell@gmail.com>
267 Date: 2019-11-17 15:09:59 +1300
269 JPWL: convert: Fix buffer overflow reading an image file less than four characters (#1196)
273 commit cb332992a7c84316824b1c4810103ee4f190937c
274 Merge: 5875a6b 016f80a
275 Author: Even Rouault <even.rouault@spatialys.com>
276 Date: 2019-11-17 02:47:26 +0100
278 Merge pull request #1218 from rouault/fix_broken_abi_check
280 abi-check.sh: fix false postive ABI error, and display output error log
282 commit 016f80ae2106c2b1b5bca08a684b0bd082e231e6
283 Author: Even Rouault <even.rouault@spatialys.com>
284 Date: 2019-11-17 01:35:26 +0100
286 abi-check.sh: fix false postive ABI error, and display output error log
288 There is currently a false positive ABI check failure between v2.3.1
289 and current. It disappears when removing the generated reports of v2.3.1
290 and recreating them. It is likely that some tooling has evolved since
291 the initial v2.3.1 report generation.
293 commit 4cb1f663049aab96e122d1ff16f601d0cc0be976
294 Author: Even Rouault <even.rouault@spatialys.com>
295 Date: 2019-11-17 01:18:26 +0100
297 pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18979
299 commit 5875a6b44618fb7dfd5cd6d742533eaee2014060
300 Author: Even Rouault <even.rouault@spatialys.com>
301 Date: 2019-10-03 11:04:30 +0200
303 opj_tcd_mct_decode()/opj_mct_decode()/opj_mct_encode_real()/opj_mct_decode_real(): proper deal with a number of samples larger than 4 billion (refs #1151)
305 commit f3ee448815eb992b8d4746e32c05e8289f30415f
306 Author: Sebastian Rasmussen <sebras@gmail.com>
307 Date: 2018-10-31 15:56:11 +0100
309 openjp2/j2k: Validate all SGcod/SPcod/SPcoc parameter values.
311 Previously the multiple component transformation SGcod(C)
312 and wavelet transformation SPcod(H)/SPcoc(E) parameter
313 values were never checked, allowing for out of range values.
315 The lack of validation allowed the bit stream provided in
316 issue #1158 through. After this commit an error message
317 points to the marker segments' parameters as being out of
320 input/nonregression/edf_c2_20.jp2 contains an SPcod(H) value
321 of 17, but according to Table A-20 of the specification only
322 values 0 and 1 are valid. input/nonregression/issue826.jp2
323 contains a SGcod(B) value of 2, but according to Table A-17
324 of the specification only values 0 and 1 are valid.
325 input/nonregression/oss-fuzz2785.jp2 contains a SGcod(B)
326 value of 32, but it is likewise limited to 0 or 1. These test
327 cases have been updated to consistently fail to parse the
328 headers since they contain out of bounds values.
330 This fixes issue #1210.
332 commit d801bd4e6287d13b65a48775ebd43fca350b21d9
333 Author: Sebastian Rasmussen <sebras@gmail.com>
334 Date: 2019-09-04 01:18:37 +0200
336 openjp2/j2k: Make comments adhere to specification.
338 The function is used to read both SPcod and SPcoc, so all
339 comments should refer to both marker segments' parameter names.
341 commit e66125fe260deee49fdf6e9978d9bd29871dd5bb
342 Merge: 8db9d25 b275196
343 Author: Even Rouault <even.rouault@spatialys.com>
344 Date: 2019-09-03 17:03:54 +0200
346 Merge pull request #1164 from sebras/master
348 openjp2/j2k: Report error if all wanted components are not decoded.
350 commit 8db9d25dcf360528fd1e094e4f9274c0635e90cc
351 Author: Even Rouault <even.rouault@spatialys.com>
352 Date: 2019-06-15 09:55:16 +0200
354 opj_decompress_fuzzer: remove checks regarding input dimensions (fixes #1079)
356 commit f4d65783593fd0490e0fdb9f323f2d5aff81a21d
357 Author: Even Rouault <even.rouault@spatialys.com>
358 Date: 2019-05-26 11:06:01 +0200
360 test_decode_area.c: assign tdy to *ptileh instead of *ptilew (fixes #1195)
362 commit 9b7620ee7a3d72bfcdbebd78e607c5ee8aa7fade
363 Merge: 4f447c6 3aef207
364 Author: Even Rouault <even.rouault@spatialys.com>
365 Date: 2019-04-26 19:52:52 +0200
367 Merge pull request #1185 from Young-X/fix
369 Fix several potential vulnerabilities
371 commit 4f447c6e18444a4182f7844d25033861eee8df55
372 Merge: 5dd75f6 a94cfbd
373 Author: Even Rouault <even.rouault@spatialys.com>
374 Date: 2019-04-25 15:32:22 +0200
376 Merge pull request #1192 from rouault/poc_fixes
378 compression: emit POC marker when only one single POC is requested (f…
380 commit a94cfbd5334922ca5b63cfac9d2e5e0ec98155be
381 Author: Even Rouault <even.rouault@spatialys.com>
382 Date: 2019-04-25 14:07:46 +0200
384 Change opj_j2k_check_poc_val() to take into account tile number
386 commit bdec5ae2723369be5abba7aaae398aa4ae3225cc
387 Author: Even Rouault <even.rouault@spatialys.com>
388 Date: 2019-04-25 01:29:38 +0200
390 Add test for previous commit
392 commit 6423163141412cb93364de4e33d90bcffefa0885
393 Author: Even Rouault <even.rouault@spatialys.com>
394 Date: 2019-04-25 01:27:02 +0200
396 Fix POC in multi-tile scenarios: avoid almost endless loop when a tile has no POC settings
398 commit b86717fdd36b628ea7ecb5c24f7a086bf5bcd3a7
399 Author: Even Rouault <even.rouault@spatialys.com>
400 Date: 2019-04-25 00:40:04 +0200
402 Add test for previous commit
404 commit 23883458b9de2c57fc1890b42efbd0832c8fbe3b
405 Author: Even Rouault <even.rouault@spatialys.com>
406 Date: 2019-04-25 00:34:44 +0200
408 opj_j2k_check_poc_val(): prevent potential write outside of allocated array
410 commit 6589c609f6d6b3743715fceefbdac6e4ecb76aee
411 Author: Even Rouault <even.rouault@spatialys.com>
412 Date: 2019-04-25 00:28:05 +0200
414 opj_j2k_check_poc_val(): fix starting index for checking layer dimension
416 The standard mandates that the layer index always starts at zero for every
419 commit 1e3a57563defb6aa7cf24ffd2394d4a820e13bda
420 Author: Even Rouault <even.rouault@spatialys.com>
421 Date: 2019-04-25 00:17:13 +0200
423 compression: emit POC marker when only one single POC is requested (fixes #1191)
425 commit 5dd75f62e20efff9f094fd1dbd0d4d00e8b37689
426 Author: Even Rouault <even.rouault@spatialys.com>
427 Date: 2019-04-23 16:52:21 +0200
429 j2k.c: use correct naming convention for total_data_size variable
431 commit 3aef207f90e937d4931daf6d411e092f76d82e66
432 Author: Young Xiao <YangX92@hotmail.com>
433 Date: 2019-03-16 20:09:59 +0800
435 bmp_read_rle4_data(): avoid potential infinite loop
437 commit 21399f6b7d318fcdf4406d5e88723c4922202aa3
438 Author: Young Xiao <YangX92@hotmail.com>
439 Date: 2019-03-16 19:57:27 +0800
441 convertbmp: detect invalid file dimensions early
443 width/length dimensions read from bmp headers are not necessarily
444 valid. For instance they may have been maliciously set to very large
445 values with the intention to cause DoS (large memory allocation, stack
446 overflow). In these cases we want to detect the invalid size as early
449 This commit introduces a counter which verifies that the number of
450 written bytes corresponds to the advertized width/length.
452 See commit 8ee335227bbc for details.
454 Signed-off-by: Young Xiao <YangX92@hotmail.com>
456 commit d0dd894ae24d0f2f09072adf1b966033dd64672d
457 Author: Antonin Descampe <antonin@gmail.com>
458 Date: 2019-04-02 15:37:38 +0200
460 Comment back opj_previous_version in abi_check.sh
462 commit 291e45bb045e63334729ad9a894595f8e1e2b2c7
463 Author: Antonin Descampe <antonin@gmail.com>
464 Date: 2019-04-02 15:12:59 +0200
466 Update version number for automatic abi check
468 commit 57096325457f96d8cd07bd3af04fe81d7a2ba788
469 Author: Antonin Descampe <antonin@gmail.com>
470 Date: 2019-04-02 14:45:15 +0200
472 update token for appveyor auto release
474 commit 8b9a89bc2e61652d30bbc56673f8f03ef464430f
475 Author: Antonin Descampe <antonin@gmail.com>
476 Date: 2019-04-02 14:25:09 +0200
478 update token for automatic release
480 commit d1d422c126cbc2a5435340bd85f4b52ff0477101
481 Author: Antonin Descampe <antonin@gmail.com>
482 Date: 2019-04-02 12:08:52 +0200
484 Update for release 2.3.1
486 commit d3b0b8927acf2e050a6379320d36fc3bb3751fe3
487 Author: Antonin Descampe <info@openjpeg.org>
488 Date: 2019-04-02 11:03:16 +0200
490 Update for release 2.3.1
492 commit c7798bb0c636c89ab7f0bab4d89e7f0136e0e55a
493 Author: Antonin Descampe <info@openjpeg.org>
494 Date: 2019-04-02 11:02:20 +0200
496 update for release 2.3.1
498 commit 8196ab531e79602fe3c947d09d3240c25c358731
499 Author: Antonin Descampe <info@openjpeg.org>
500 Date: 2019-04-02 11:00:58 +0200
502 Update BUILD version for release 2.3.1
504 commit 69a7a312dccebc8b5f28f8a5e4a703cb8d447d44
505 Merge: d6b8aed 5151426
506 Author: Even Rouault <even.rouault@mines-paris.org>
507 Date: 2019-03-29 12:25:39 +0100
509 Merge pull request #1188 from rouault/fix_abi_check
511 abi-check.sh: fix broken download URL
513 commit 5151426d6e6f7f0e1ae6f050aaa7cec6bc4ffd08
514 Author: Even Rouault <even.rouault@spatialys.com>
515 Date: 2019-03-29 11:53:23 +0100
517 abi-check.sh: fix broken download URL
519 commit d6b8aed5612e6be6d3a4053867fbd2ae0cb7c8af
520 Merge: 25b815d a1d32a5
521 Author: Even Rouault <even.rouault@mines-paris.org>
522 Date: 2019-03-29 11:52:38 +0100
524 Merge pull request #1187 from rouault/fix_ubsan_in_opj_t1_encode_cblks
526 opj_t1_encode_cblks: fix UBSAN signed integer overflow
528 commit a1d32a596a94280178c44a55d7e7f1acd992ed5d
529 Author: Even Rouault <even.rouault@spatialys.com>
530 Date: 2019-03-29 11:17:39 +0100
532 opj_t1_encode_cblks: fix UBSAN signed integer overflow
534 Fixes #1053 / CVE-2018-5727
536 Note: I don't consider this issue to be a security vulnerability, in
538 At least with gcc or clang compilers on x86_64 which generate the same
539 assembly code with or without that fix.
541 commit 25b815dc460dbf9def7e6b822c8998727094f85a
542 Author: Even Rouault <even.rouault@spatialys.com>
543 Date: 2019-03-29 10:44:35 +0100
545 Revert "[JPWL] tgatoimage(): avoid excessive memory allocation attempt,"
547 This reverts commit 05be3084460e46282ee63f04c72c451f3271fd28.
549 This commit doesn't compile due to missing OPJ_UINT64 type
551 commit e1740e7ce79d0a1676db4da0f4189b64e85f52cb
552 Author: Even Rouault <even.rouault@spatialys.com>
553 Date: 2019-03-29 10:40:58 +0100
555 Revert "[MJ2] Avoid index out of bounds access to pi->include[]"
557 This reverts commit c277159986c80142180fbe5efb256bbf3bdf3edc.
559 The commit didn't compile. include_size is not defined in openmj2
561 commit b2751967ecabf8d8856e85ab91e25d4f235e2eb3
562 Author: Sebastian Rasmussen <sebras@gmail.com>
563 Date: 2018-10-31 20:22:11 +0100
565 openjp2/j2k: Report error if all wanted components are not decoded.
567 Previously the caller had to check whether each component data had
568 been decoded. This means duplicating the checking in every user of
569 openjpeg which is unnecessary. If the caller wantes to decode all
570 or a set of, or a specific component then openjpeg ought to error
571 out if it was unable to do so.
575 commit 51f097e6d5754ddae93e716276fe8176b44ec548
576 Merge: e7640f5 8ee3352
577 Author: Even Rouault <even.rouault@mines-paris.org>
578 Date: 2018-12-21 16:41:00 +0100
580 Merge pull request #1172 from hlef/master
582 convertbmp: detect invalid file dimensions early (CVE-2018-6616)
584 commit 8ee335227bbcaf1614124046aa25e53d67b11ec3
585 Author: Hugo Lefeuvre <hle@debian.org>
586 Date: 2018-12-14 04:58:40 +0100
588 convertbmp: detect invalid file dimensions early
590 width/length dimensions read from bmp headers are not necessarily
591 valid. For instance they may have been maliciously set to very large
592 values with the intention to cause DoS (large memory allocation, stack
593 overflow). In these cases we want to detect the invalid size as early
596 This commit introduces a counter which verifies that the number of
597 written bytes corresponds to the advertized width/length.
599 Fixes #1059 (CVE-2018-6616).
601 commit e7640f58f122d1228f3d750864543ad4703e18fc
602 Merge: e0f5212 05be308
603 Author: Even Rouault <even.rouault@mines-paris.org>
604 Date: 2018-12-07 21:27:38 +0100
606 Merge pull request #1168 from Young-X/fix_dev
608 Fix multiple potential vulnerabilities and bugs
610 commit 05be3084460e46282ee63f04c72c451f3271fd28
611 Author: Young Xiao <YangX92@hotmail.com>
612 Date: 2018-11-28 14:44:06 +0800
614 [JPWL] tgatoimage(): avoid excessive memory allocation attempt,
615 and fixes unaligned load
617 Signed-off-by: Young Xiao <YangX92@hotmail.com>
619 commit bd88611ed9ad7144ec4f3de54790cd848175891b
620 Author: Young_X <YangX92@hotmail.com>
621 Date: 2018-11-23 17:15:05 +0800
623 [JP3D] To avoid divisions by zero / undefined behaviour on shift (CVE-2018-14423
625 Signed-off-by: Young_X <YangX92@hotmail.com>
627 commit ce9583d1d7627e007a34a31ae4e22a00d78bd153
628 Author: Young_X <YangX92@hotmail.com>
629 Date: 2018-11-23 17:12:06 +0800
631 [JPWL] opj_compress: reorder checks related to code block dimensions to avoid potential int overflow
633 Signed-off-by: Young_X <YangX92@hotmail.com>
635 commit c58df149900df862806d0e892859b41115875845
636 Author: Young_X <YangX92@hotmail.com>
637 Date: 2018-11-23 16:24:19 +0800
639 [OPENJP2] change the way to compute *p_tx0, *p_tx1, *p_ty0, *p_ty1 in function
640 opj_get_encoding_parameters
642 Signed-off-by: Young_X <YangX92@hotmail.com>
644 commit c277159986c80142180fbe5efb256bbf3bdf3edc
645 Author: Young_X <YangX92@hotmail.com>
646 Date: 2018-11-23 16:12:53 +0800
648 [MJ2] Avoid index out of bounds access to pi->include[]
650 Signed-off-by: Young_X <YangX92@hotmail.com>
652 commit e0f5212888c0c1abc5e060a75a3a4a5ff99afd1a
653 Merge: 92023cd 2e5ab1d
654 Author: Even Rouault <even.rouault@mines-paris.org>
655 Date: 2018-11-28 00:04:30 +0100
657 Merge pull request #1170 from rouault/fix_color_apply_icc_profile
659 color_apply_icc_profile: avoid potential heap buffer overflow
661 commit 2e5ab1d9987831c981ff05862e8ccf1381ed58ea
662 Author: Even Rouault <even.rouault@spatialys.com>
663 Date: 2018-11-27 23:31:30 +0100
665 color_apply_icc_profile: avoid potential heap buffer overflow
667 Derived from a patch by Thuan Pham
669 commit 46822d0eddc3324b2a056bc60ffa997027bebd66
670 Author: Young_X <YangX92@hotmail.com>
671 Date: 2018-11-23 15:58:23 +0800
673 [JPWL] imagetotga(): fix read heap buffer overflow if numcomps < 3 (#987)
675 Signed-off-by: Young_X <YangX92@hotmail.com>
677 commit 619e1b086eaa21ebd9b23eb67deee543b07bf06f
678 Author: Young_X <YangX92@hotmail.com>
679 Date: 2018-11-23 15:02:26 +0800
681 [JPWL] fix CVE-2018-16375
683 Signed-off-by: Young_X <YangX92@hotmail.com>
685 commit c5bd64ea146162967c29bd2af0cbb845ba3eaaaf
686 Author: Young_X <YangX92@hotmail.com>
687 Date: 2018-11-23 14:47:36 +0800
689 [MJ2] To avoid divisions by zero / undefined behaviour on shift
691 Signed-off-by: Young_X <YangX92@hotmail.com>
693 commit 92023cd6c377e0384a7725949b25655d4d94dced
694 Merge: c196b23 cab352e
695 Author: Even Rouault <even.rouault@mines-paris.org>
696 Date: 2018-11-16 09:42:19 +0100
698 Merge pull request #1160 from hlef/master
700 jp3d/jpwl convert: fix write stack buffer overflow
702 commit c196b23b90321b5c7e3238294607a2e8626c503f
703 Author: ichlubna <43234438+ichlubna@users.noreply.github.com>
704 Date: 2018-11-16 09:40:31 +0100
706 openjp3d: Int overflow fixed (#1159)
708 When compressing a lot of slices (starting from 44 FullHD slices with 3 8bit components in our experiments) the rate values are high enough to cause an int overflow that leads to negative lengths and wrong results. The cast happens too late.
710 commit cab352e249ed3372dd9355c85e837613fff98fa2
711 Author: Hugo Lefeuvre <hle@debian.org>
712 Date: 2018-11-07 18:48:29 +0100
714 jp2: convert: fix null pointer dereference
716 Tile components in a JP2 image might have null data pointer by defining a
717 zero component size (for example using large horizontal or vertical
718 sampling periods). This null data pointer leads to null image component
719 data pointer, causing crash when dereferenced without != null check in
724 This commit addresses #1152 (CVE-2018-18088).
726 commit 0bc90e4062a5f9258c91eca018c019b179066c62
727 Author: Hugo Lefeuvre <hle@debian.org>
728 Date: 2018-10-22 16:59:41 +0200
730 jp3d/jpwl convert: fix write stack buffer overflow
732 Missing buffer length formatter in fscanf call might lead to write
733 stack buffer overflow.
735 fixes #1044 (CVE-2017-17480)
737 commit 948332e6ed17565100d1df5f6fdbf66865218e36
738 Author: Stefan Weil <sw@weilnetz.de>
739 Date: 2018-10-31 20:44:30 +0100
741 Fix some potential overflow issues (#1161)
743 * Fix some potential overflow issues
745 Put sizeof to the beginning of the multiplication to enforce that
746 size_t instead of smaller integer types is used for the calculation.
748 This fixes warnings from LGTM:
750 Multiplication result may overflow 'unsigned int'
751 before it is converted to 'unsigned long'.
753 It also allows removing some type casts.
755 Signed-off-by: Stefan Weil <sw@weilnetz.de>
757 * Fix code indentation
759 Signed-off-by: Stefan Weil <sw@weilnetz.de>
761 commit e52909f4c7896c5efff3340d707c12d0df55d3f9
762 Merge: cd900d9 943db0f
763 Author: Even Rouault <even.rouault@mines-paris.org>
764 Date: 2018-10-31 20:41:52 +0100
766 Merge pull request #1163 from nforro/memory-and-resource-leaks
768 Fix several memory and resource leaks
770 commit 943db0f1c28ca6a7df6d18483f97166a03be9bf7
771 Author: Nikola Forró <nforro@redhat.com>
772 Date: 2018-10-31 13:39:05 +0100
774 Fix several memory and resource leaks
776 Signed-off-by: Nikola Forró <nforro@redhat.com>
778 commit cd900d96618ab77e79812db654731dd6b5fc7bd8
779 Author: Even Rouault <even.rouault@spatialys.com>
780 Date: 2018-10-18 11:45:45 +0200
782 opj_thread_pool_setup(): fix infinite waiting if a thread creation failed
784 commit 0e6a5553cfef21b764d289585af2c6934a95456b
785 Merge: 8fc09e5 ca16fe5
786 Author: Even Rouault <even.rouault@mines-paris.org>
787 Date: 2018-09-22 23:54:12 +0200
789 Merge pull request #1148 from hlef/master
791 CVE-2018-5785: fix issues with zero bitmasks
793 commit 8fc09e50e557fa6af4c099b9c6d36bb1071ee1ed
794 Author: Even Rouault <even.rouault@spatialys.com>
795 Date: 2018-09-22 23:47:56 +0200
797 opj_jp2_apply_pclr(): remove useless assert that can trigger on some files (fixes #1125)
799 commit aaf48ee6bae91032f025f9ac11592c4085a0d96b
800 Merge: ee827ad cc38247
801 Author: Even Rouault <even.rouault@spatialys.com>
802 Date: 2018-09-22 23:12:50 +0200
804 Merge branch 'pr1095'
806 commit cc3824767bde397fedb8a1ae4786a222ba860c8d
807 Author: Karol Babioch <kbabioch@suse.de>
808 Date: 2018-03-02 14:40:58 +0100
810 opj_mj2_extract: Check provided output prefix for length
812 This uses snprintf() with correct buffer length instead of sprintf(), which
813 prevents a buffer overflow when providing a long output prefix. Furthermore
814 the program exits with an error when the provided output prefix is too long.
818 commit ee827ad3f32469d4854b2da71c9703a2af359f9f
819 Merge: 5d94bcd 1eb9a57
820 Author: Even Rouault <even.rouault@spatialys.com>
821 Date: 2018-09-22 23:05:54 +0200
823 Merge branch 'pr1107'
825 commit 1eb9a57ac1216209a4d9adf87bc47ba19810d3b3
826 Author: szukw000 <szukw000@arcor.de>
827 Date: 2018-03-13 18:11:54 +0100
829 opj_mj2_extract: Avoid segfault for long filenames
831 commit 5d94bcd89c6e281614955c56cbfebb11b866a9dd
832 Merge: b54c06f 0fa7ebe
833 Author: Even Rouault <even.rouault@mines-paris.org>
834 Date: 2018-09-22 22:59:36 +0200
836 Merge pull request #1136 from reverson/master
840 commit b54c06fb350d318c8e74755710b3480eae3b9911
841 Merge: 17bbb0e 4aaf52e
842 Author: Even Rouault <even.rouault@mines-paris.org>
843 Date: 2018-09-22 22:59:17 +0200
845 Merge pull request #1119 from stweil/ssize_t
847 Use local type declaration for POSIX standard type only for MS compiler
849 commit 17bbb0e23ff03bb722914841a9b962b21fe7a310
850 Merge: ccc4441 3d6ffaf
851 Author: Even Rouault <even.rouault@mines-paris.org>
852 Date: 2018-09-22 22:55:33 +0200
854 Merge pull request #1128 from stweil/typos
856 Fix some typos in code comments and documentation
858 commit ccc4441aeb7bf4928e55bd543fab8de662f6d5e7
859 Merge: c6ee006 24fd3ce
860 Author: Even Rouault <even.rouault@mines-paris.org>
861 Date: 2018-09-22 22:54:51 +0200
863 Merge pull request #1140 from bukatlib/fix_relpath
865 Relative path to header files is hardcoded in OpenJPEGConfig.cmake.in file
867 commit c6ee006250b093f443e226288c6c866c5ebe12f5
868 Merge: 2d28610 98363e2
869 Author: Even Rouault <even.rouault@mines-paris.org>
870 Date: 2018-09-22 22:47:27 +0200
872 Merge pull request #1141 from szukw000/changes-in-pnmtoimage
874 Changes in pnmtoimage if image data are missing
876 commit 2d2861036cfb68560e0cf21340760781ea78595d
877 Merge: 1b9a81d 31a03b3
878 Author: Even Rouault <even.rouault@mines-paris.org>
879 Date: 2018-09-22 22:28:04 +0200
881 Merge pull request #1143 from stweil/format
883 openjp2/jp2: Fix two format strings
885 commit 1b9a81dff7c22ed0cb22bf1033e6dfee1292da31
886 Merge: 9d1a9dc c28ed52
887 Author: Even Rouault <even.rouault@mines-paris.org>
888 Date: 2018-09-22 22:27:14 +0200
890 Merge pull request #1149 from rouault/fix_knownfailures
892 Update knownfailures- files given current configurations
894 commit c28ed521633c074f1e4891208028fe97f7602a14
895 Author: Even Rouault <even.rouault@spatialys.com>
896 Date: 2018-09-22 21:56:50 +0200
898 Update knownfailures- files given current configurations
900 commit ca16fe55014c57090dd97369256c7657aeb25975
901 Author: Hugo Lefeuvre <hle@debian.org>
902 Date: 2018-09-22 14:33:19 -0400
904 convertbmp: fix issues with zero bitmasks
906 In the case where a BMP file declares compression 3 (BI_BITFIELDS)
907 with header size <= 56, all bitmask values keep their initialization
908 value 0. This may lead to various undefined behavior later e.g. when
909 doing 1 << (l_comp->prec - 1).
911 This issue does not affect files with bit count 16 because of a check
912 added in 16240e2 which sets default values to the color masks if they
915 This commit adds similar checks for the 32 bit case.
917 Also, if a BMP file declares compression 3 with header size >= 56 and
918 intentional 0 bitmasks, the same issue will be triggered in both the
919 16 and 32 bit count case.
921 This commit adds checks to bmp_read_info_header() rejecting BMP files
922 with "intentional" 0 bitmasks. These checks might be removed in the
923 future when proper handling of zero bitmasks will be available in
926 fixes #1057 (CVE-2018-5785)
928 commit 31a03b390a77bfbe4b0f140121d1296acb611f76
929 Author: Stefan Weil <sw@weilnetz.de>
930 Date: 2018-09-05 21:51:30 +0200
932 openjp2/jp2: Fix two format strings
936 src/lib/openjp2/jp2.c:1008:35: warning:
937 too many arguments for format [-Wformat-extra-args]
938 src/lib/openjp2/j2k.c:1928:73: warning:
939 format ‘%d’ expects argument of type ‘int’, but argument 4 has type ‘OPJ_OFF_T {aka long int}’ [-Wformat=]
941 Signed-off-by: Stefan Weil <sw@weilnetz.de>
943 commit 3d6ffaf3f3463b62830f88f50a8c1b510f555eb5
944 Author: Stefan Weil <sw@weilnetz.de>
945 Date: 2018-07-30 21:04:28 +0200
947 Fix some typos in code comments and documentation
949 All typos were found by Codespell.
951 Signed-off-by: Stefan Weil <sw@weilnetz.de>
953 commit 98363e244e027c731f73ee8239d3c19451a9153b
954 Author: szukw000 <szukw000@arcor.de>
955 Date: 2018-08-31 16:24:41 +0200
957 Changes in pnmtoimage if image data are missing
959 commit 24fd3ce777a64b8b315cfe1ee642ec7b1cc6aa97
960 Author: Libor Bukata <libor.bukata@oracle.com>
961 Date: 2018-08-31 12:57:40 +0200
963 The change makes a relative path to header files
964 always correct regardless of the number of sub-
965 directories in OPENJPEG_INSTALL_PACKAGE_DIR variable.