1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5 <meta name="keywords" content="OpenJPEG, current, changes, changelog" />
6 <meta name="description" content="Log of changes in the package" />
7 <link rel="stylesheet" type="text/css" href="../../../css/common.css" />
8 <link rel="stylesheet" type="text/css" href="../../../css/changelog.css" />
12 OpenJPEG current: changelog
18 <table cellpadding='0' cellspacing='0'><tr><td align='center'><h1 class='tool'><a title='Home: ABI tracker for OpenJPEG' href='../../../timeline/openjpeg/index.html' class='tool'>ABI<br/>Tracker</a></h1></td><td width='30px;'></td><td><h1>(OpenJPEG)</h1></td></tr></table><hr/>
21 <h1>Changelog from Git</h1><br/><br/>
22 <div class='changelog'>
23 <pre class='wrap'>commit e252438d5e23e6ba9561e73a5a4754713bfd626a
24 Merge: 98150d0 79b199a
25 Author: Even Rouault <even.rouault@spatialys.com>
26 Date: 2020-06-22 22:12:08 +0200
28 Merge pull request #1258 from sebras/fix-issue-1257
30 openjp2: Plug memory leak when setting data as TLS fails.
32 commit 79b199a8fee2a0d51d4389fcde3f5f4dd01971eb
33 Author: Sebastian Rasmussen <sebras@gmail.com>
34 Date: 2020-06-23 02:18:19 +0800
36 openjp2: Plug memory leak when setting data as TLS fails.
38 Previously the Tier 1 handle was not freed when setting it as
41 This fixes issue #1257.
43 commit 98150d09422149305c9c8648337a744df5786fbe
44 Merge: 25fb144 93b9f72
45 Author: Even Rouault <even.rouault@spatialys.com>
46 Date: 2020-06-22 21:03:23 +0200
48 Merge pull request #1256 from sebras/master
50 openjp2: Error out if failing to create Tier 1 handle.
52 commit 93b9f7236ce09614ea5edcb0f616f1b4095c4830
53 Author: Sebastian Rasmussen <sebras@gmail.com>
54 Date: 2020-06-23 02:18:19 +0800
56 openjp2: Error out if failing to create Tier 1 handle.
58 Previously when the handle failed to be created (e.g. when
59 opj_calloc returned NULL due to low memory), the code still
60 assumed that the t1 handle pointer was valid and dereferenced
61 NULL, causing a crash. After this commit OpenJPEG will instead
62 error out under this condition.
64 This fixes issue #1255.
66 commit 25fb144c42f97489594302e1e6ff886791e0a5b3
67 Author: szukw000 <szukw000@arcor.de>
68 Date: 2020-06-10 17:40:50 +0200
70 Testing for invalid values of width, height, numcomps (#1254)
72 commit 19ef7f26c43f689b627aad642da7f6150893b863
73 Merge: 1d358f2 f3ee448
74 Author: Even Rouault <even.rouault@spatialys.com>
75 Date: 2020-05-20 21:10:55 +0200
77 Merge pull request #1211 from sebras/master
79 Add check to validate SGcod/SPcoc/SPcod parameter values.
81 commit 1d358f25c8eabbc7c274bcc148f4f5d594ec13fe
82 Merge: 64689d0 4edb8c8
83 Author: Even Rouault <even.rouault@spatialys.com>
84 Date: 2020-05-20 20:29:31 +0200
86 Merge pull request #1246 from rouault/write_plt
88 Add support for generation of PLT markers in encoder
90 commit 4edb8c83374f52cd6a8f2c7c875e8ffacccb5fa5
91 Author: Even Rouault <even.rouault@spatialys.com>
92 Date: 2020-04-21 15:55:44 +0200
94 Add support for generation of PLT markers in encoder
96 * -PLT switch added to opj_compress
97 * Add a opj_encoder_set_extra_options() function that
98 accepts a PLT=YES option, and could be expanded later
103 Testing with a Sentinel2 10m band, T36JTT_20160914T074612_B02.jp2,
104 coming from S2A_MSIL1C_20160914T074612_N0204_R135_T36JTT_20160914T081456.SAFE
106 Decompress it to TIFF:
108 opj_uncompress -i T36JTT_20160914T074612_B02.jp2 -o T36JTT_20160914T074612_B02.tif
111 Recompress it with similar parameters as original:
113 opj_compress -n 5 -c [256,256],[256,256],[256,256],[256,256],[256,256] -t 1024,1024 -PLT -i T36JTT_20160914T074612_B02.tif -o T36JTT_20160914T074612_B02_PLT.jp2
116 Dump codestream detail with GDAL dump_jp2.py utility (https://github.com/OSGeo/gdal/blob/master/gdal/swig/python/samples/dump_jp2.py)
118 python dump_jp2.py T36JTT_20160914T074612_B02.jp2 > /tmp/dump_sentinel2_ori.txt
119 python dump_jp2.py T36JTT_20160914T074612_B02_PLT.jp2 > /tmp/dump_sentinel2_openjpeg_plt.txt
122 The diff between both show very similar structure, and identical number of packets in PLT markers
124 Now testing with Kakadu (KDU803_Demo_Apps_for_Linux-x86-64_200210)
126 Full file decompression:
128 kdu_expand -i T36JTT_20160914T074612_B02_PLT.jp2 -o tmp.tif
130 Consumed 121 tile-part(s) from a total of 121 tile(s).
131 Consumed 80,318,806 codestream bytes (excluding any file format) = 5.329697
133 Processed using the multi-threaded environment, with
134 8 parallel threads of execution
137 Partial decompresson (presumably using PLT markers):
139 kdu_expand -i T36JTT_20160914T074612_B02.jp2 -o tmp.pgm -region "{0.5,0.5},{0.01,0.01}"
140 kdu_expand -i T36JTT_20160914T074612_B02_PLT.jp2 -o tmp2.pgm -region "{0.5,0.5},{0.01,0.01}"
141 diff tmp.pgm tmp2.pgm && echo "same !"
146 Funded by ESA for S2-MPC project
148 commit 64689d05dfaaf52105581d93fb1eb173b20829a4
149 Author: Even Rouault <even.rouault@spatialys.com>
150 Date: 2020-04-18 18:25:44 +0200
152 struct opj_j2k: remove unused fields, and add some documentation
154 commit 774889a328abd5d3c280d9a897f1ac4c672cb0e5
155 Merge: b6b7e96 271a71e
156 Author: Even Rouault <even.rouault@spatialys.com>
157 Date: 2020-04-17 00:39:46 +0200
159 Merge pull request #1244 from rouault/fix_pi_warnings
161 Fix warnings about signed/unsigned casts in pi.c
163 commit b6b7e96b0cf7819ef6a2e8ba2f8bdaaf938326ed
164 Author: szukw000 <szukw000@arcor.de>
165 Date: 2020-04-17 00:37:33 +0200
167 color_apply_icc_profile: add checks on the number of components (#1236)
169 commit 040e142288e90c9c2d46d25d0a27f828f968bb93
170 Author: Eduardo Barretto <edusbarretto@gmail.com>
171 Date: 2020-04-16 19:09:40 -0300
173 jp3d/jpwl/mj2/jpip: Fix resource leaks (#1226)
175 This issues were found by cppcheck and coverity.
177 commit 271a71ef0f1dd4740c9f4474279c7da8d15850c9
178 Author: Even Rouault <even.rouault@spatialys.com>
179 Date: 2020-04-16 20:52:44 +0200
181 Fix warnings about signed/unsigned casts in pi.c
183 commit 221a801a97a3ea968a311f7905c18a1eb7f034c4
184 Author: Even Rouault <even.rouault@spatialys.com>
185 Date: 2020-04-16 20:33:22 +0200
187 Rename mis-named function opj_tcd_get_encoded_tile_size() to opj_tcd_get_encoder_input_buffer_size()
189 commit 9c1cfb034a8cf24eb5e35fe9c7074fd079d14b80
190 Merge: 563ecfb 1c54024
191 Author: Even Rouault <even.rouault@spatialys.com>
192 Date: 2020-04-01 22:00:19 +0200
194 Merge pull request #1240 from rouault/fix_crash_opj_decompress
196 opj_decompress: add sanity checks to avoid segfault in case of decoding error
198 commit 1c54024165fd5db0e6047f28903274eb27d0980f
199 Author: Even Rouault <even.rouault@spatialys.com>
200 Date: 2020-04-01 20:58:55 +0200
202 opj_decompress: add sanity checks to avoid segfault in case of decoding error
204 Prevent crashes like:
205 opj_decompress -i 0722_5-1_2019.jp2 -o out.ppm -r 4 -t 0
207 where 0722_5-1_2019.jp2 is
208 https://drive.google.com/file/d/1ZxOUZg2-FKjYwa257VFLMpTXRWxEoP0a/view?usp=sharing
210 commit 563ecfb55ca77c0fc5ea19e4885e00f55ec82ca9
211 Author: Even Rouault <even.rouault@spatialys.com>
212 Date: 2020-02-13 09:59:17 +0100
214 opj_compress: improve help message regarding new IMF switch
216 commit 4e5501b3c72a98b3117e68263afb922092c309cf
217 Merge: 2888145 84f3beb
218 Author: Even Rouault <even.rouault@spatialys.com>
219 Date: 2020-02-13 09:54:20 +0100
221 Merge pull request #1235 from rouault/imf
223 Implement writing of IMF profiles
225 commit 84f3bebbff515f2b00ccf0c817930ebb10b91760
226 Author: Even Rouault <even.rouault@spatialys.com>
227 Date: 2020-02-12 15:55:16 +0100
229 Implement writing of IMF profiles
231 Add -IMF switch to opj_compress as well
233 commit fffe32adcb9f41a00805f4120012be9625ba450a
234 Author: Even Rouault <even.rouault@spatialys.com>
235 Date: 2020-02-12 15:55:02 +0100
237 openjpeg.h: fix values of OPJ_PROFILE_IMF_ constants
239 commit 28881453f6b1ae68a357557999498a11a2bc8b7e
240 Merge: 647f9b1 b5cb419
241 Author: Even Rouault <even.rouault@spatialys.com>
242 Date: 2020-02-10 11:20:20 +0100
244 Merge pull request #1234 from rouault/md5_libtiff_4_1
246 tests: add alternate checksums for libtiff 4.1
248 commit b5cb419faff300fdbc0b4e98dab5c9010db6f39d
249 Author: Even Rouault <even.rouault@spatialys.com>
250 Date: 2020-02-07 21:53:10 +0100
252 tests: add alternate checksums for libtiff 4.1
256 libtiff 4.1 slightly modifies the way it generates files. So
257 add the new expected md5sum.
259 Not super elegant solution admitedly.
261 commit 647f9b118d12819c63635eea65909b0e49e0f201
262 Merge: b63a433 05f9b91
263 Author: Even Rouault <even.rouault@spatialys.com>
264 Date: 2020-01-30 13:07:31 +0100
266 Merge pull request #1232 from rouault/fix_1231
268 opj_tcd_init_tile(): avoid integer overflow
270 commit 05f9b91e60debda0e83977e5e63b2e66486f7074
271 Author: Even Rouault <even.rouault@spatialys.com>
272 Date: 2020-01-30 00:59:57 +0100
274 opj_tcd_init_tile(): avoid integer overflow
276 That could lead to later assertion failures.
278 Fixes #1231 / CVE-2020-8112
280 commit b63a433ba168bad5fa10e83de04d6305e6a222e2
281 Author: Max Moroz <dor3s1@gmail.com>
282 Date: 2020-01-13 09:07:54 -0800
284 tests/fuzzers: link fuzz binaries using $LIB_FUZZING_ENGINE. (#1230)
286 This was changed some time ago (https://google.github.io/oss-fuzz/getting-started/new-project-guide/) but the build didn't fail as there is a fallback mechanism. The main advantage of the new approach is that for libFuzzer this produces more performant binaries (as `$LIB_FUZZING_ENGINE` expands into `-fsanitize=fuzzer`, which links libFuzzer from the compiler-rt, allowing better optimization tricks).
288 I'm also experimenting with dataflow (https://github.com/google/oss-fuzz/issues/1632) on your project, and the dataflow config doesn't have a fallback (as it's a new configuration), therefore I'm proposing a change to migrate from `-lFuzzingEngine` to `$LIB_FUZZING_ENGINE`.
290 commit 46c1eff9e98bbcf794d042f7b2e3d45556e805ce
291 Merge: ac37373 024b840
292 Author: Even Rouault <even.rouault@spatialys.com>
293 Date: 2020-01-11 11:29:11 +0100
295 Merge pull request #1229 from rouault/fix_1228
297 opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX (fixes #1228)
299 commit 024b8407392cb0b82b04b58ed256094ed5799e04
300 Author: Even Rouault <even.rouault@spatialys.com>
301 Date: 2020-01-11 01:51:19 +0100
303 opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX (fixes #1228)
305 commit ac3737372a00b8778b528094dd5bd58a74f67d42
306 Merge: 9701b33 4cb1f66
307 Author: Even Rouault <even.rouault@spatialys.com>
308 Date: 2019-11-17 13:08:41 +0100
310 Merge pull request #1217 from rouault/fix_ossfuzz_18979
312 pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets()
314 commit 9701b3305db58d35e4446946309f88937e2f5342
315 Author: Robert Ancell <robert.ancell@gmail.com>
316 Date: 2019-11-17 15:09:59 +1300
318 JPWL: convert: Fix buffer overflow reading an image file less than four characters (#1196)
322 commit cb332992a7c84316824b1c4810103ee4f190937c
323 Merge: 5875a6b 016f80a
324 Author: Even Rouault <even.rouault@spatialys.com>
325 Date: 2019-11-17 02:47:26 +0100
327 Merge pull request #1218 from rouault/fix_broken_abi_check
329 abi-check.sh: fix false postive ABI error, and display output error log
331 commit 016f80ae2106c2b1b5bca08a684b0bd082e231e6
332 Author: Even Rouault <even.rouault@spatialys.com>
333 Date: 2019-11-17 01:35:26 +0100
335 abi-check.sh: fix false postive ABI error, and display output error log
337 There is currently a false positive ABI check failure between v2.3.1
338 and current. It disappears when removing the generated reports of v2.3.1
339 and recreating them. It is likely that some tooling has evolved since
340 the initial v2.3.1 report generation.
342 commit 4cb1f663049aab96e122d1ff16f601d0cc0be976
343 Author: Even Rouault <even.rouault@spatialys.com>
344 Date: 2019-11-17 01:18:26 +0100
346 pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18979
348 commit 5875a6b44618fb7dfd5cd6d742533eaee2014060
349 Author: Even Rouault <even.rouault@spatialys.com>
350 Date: 2019-10-03 11:04:30 +0200
352 opj_tcd_mct_decode()/opj_mct_decode()/opj_mct_encode_real()/opj_mct_decode_real(): proper deal with a number of samples larger than 4 billion (refs #1151)
354 commit f3ee448815eb992b8d4746e32c05e8289f30415f
355 Author: Sebastian Rasmussen <sebras@gmail.com>
356 Date: 2018-10-31 15:56:11 +0100
358 openjp2/j2k: Validate all SGcod/SPcod/SPcoc parameter values.
360 Previously the multiple component transformation SGcod(C)
361 and wavelet transformation SPcod(H)/SPcoc(E) parameter
362 values were never checked, allowing for out of range values.
364 The lack of validation allowed the bit stream provided in
365 issue #1158 through. After this commit an error message
366 points to the marker segments' parameters as being out of
369 input/nonregression/edf_c2_20.jp2 contains an SPcod(H) value
370 of 17, but according to Table A-20 of the specification only
371 values 0 and 1 are valid. input/nonregression/issue826.jp2
372 contains a SGcod(B) value of 2, but according to Table A-17
373 of the specification only values 0 and 1 are valid.
374 input/nonregression/oss-fuzz2785.jp2 contains a SGcod(B)
375 value of 32, but it is likewise limited to 0 or 1. These test
376 cases have been updated to consistently fail to parse the
377 headers since they contain out of bounds values.
379 This fixes issue #1210.
381 commit d801bd4e6287d13b65a48775ebd43fca350b21d9
382 Author: Sebastian Rasmussen <sebras@gmail.com>
383 Date: 2019-09-04 01:18:37 +0200
385 openjp2/j2k: Make comments adhere to specification.
387 The function is used to read both SPcod and SPcoc, so all
388 comments should refer to both marker segments' parameter names.
390 commit e66125fe260deee49fdf6e9978d9bd29871dd5bb
391 Merge: 8db9d25 b275196
392 Author: Even Rouault <even.rouault@spatialys.com>
393 Date: 2019-09-03 17:03:54 +0200
395 Merge pull request #1164 from sebras/master
397 openjp2/j2k: Report error if all wanted components are not decoded.
399 commit 8db9d25dcf360528fd1e094e4f9274c0635e90cc
400 Author: Even Rouault <even.rouault@spatialys.com>
401 Date: 2019-06-15 09:55:16 +0200
403 opj_decompress_fuzzer: remove checks regarding input dimensions (fixes #1079)
405 commit f4d65783593fd0490e0fdb9f323f2d5aff81a21d
406 Author: Even Rouault <even.rouault@spatialys.com>
407 Date: 2019-05-26 11:06:01 +0200
409 test_decode_area.c: assign tdy to *ptileh instead of *ptilew (fixes #1195)
411 commit 9b7620ee7a3d72bfcdbebd78e607c5ee8aa7fade
412 Merge: 4f447c6 3aef207
413 Author: Even Rouault <even.rouault@spatialys.com>
414 Date: 2019-04-26 19:52:52 +0200
416 Merge pull request #1185 from Young-X/fix
418 Fix several potential vulnerabilities
420 commit 4f447c6e18444a4182f7844d25033861eee8df55
421 Merge: 5dd75f6 a94cfbd
422 Author: Even Rouault <even.rouault@spatialys.com>
423 Date: 2019-04-25 15:32:22 +0200
425 Merge pull request #1192 from rouault/poc_fixes
427 compression: emit POC marker when only one single POC is requested (f…
429 commit a94cfbd5334922ca5b63cfac9d2e5e0ec98155be
430 Author: Even Rouault <even.rouault@spatialys.com>
431 Date: 2019-04-25 14:07:46 +0200
433 Change opj_j2k_check_poc_val() to take into account tile number
435 commit bdec5ae2723369be5abba7aaae398aa4ae3225cc
436 Author: Even Rouault <even.rouault@spatialys.com>
437 Date: 2019-04-25 01:29:38 +0200
439 Add test for previous commit
441 commit 6423163141412cb93364de4e33d90bcffefa0885
442 Author: Even Rouault <even.rouault@spatialys.com>
443 Date: 2019-04-25 01:27:02 +0200
445 Fix POC in multi-tile scenarios: avoid almost endless loop when a tile has no POC settings
447 commit b86717fdd36b628ea7ecb5c24f7a086bf5bcd3a7
448 Author: Even Rouault <even.rouault@spatialys.com>
449 Date: 2019-04-25 00:40:04 +0200
451 Add test for previous commit
453 commit 23883458b9de2c57fc1890b42efbd0832c8fbe3b
454 Author: Even Rouault <even.rouault@spatialys.com>
455 Date: 2019-04-25 00:34:44 +0200
457 opj_j2k_check_poc_val(): prevent potential write outside of allocated array
459 commit 6589c609f6d6b3743715fceefbdac6e4ecb76aee
460 Author: Even Rouault <even.rouault@spatialys.com>
461 Date: 2019-04-25 00:28:05 +0200
463 opj_j2k_check_poc_val(): fix starting index for checking layer dimension
465 The standard mandates that the layer index always starts at zero for every
468 commit 1e3a57563defb6aa7cf24ffd2394d4a820e13bda
469 Author: Even Rouault <even.rouault@spatialys.com>
470 Date: 2019-04-25 00:17:13 +0200
472 compression: emit POC marker when only one single POC is requested (fixes #1191)
474 commit 5dd75f62e20efff9f094fd1dbd0d4d00e8b37689
475 Author: Even Rouault <even.rouault@spatialys.com>
476 Date: 2019-04-23 16:52:21 +0200
478 j2k.c: use correct naming convention for total_data_size variable
480 commit 3aef207f90e937d4931daf6d411e092f76d82e66
481 Author: Young Xiao <YangX92@hotmail.com>
482 Date: 2019-03-16 20:09:59 +0800
484 bmp_read_rle4_data(): avoid potential infinite loop
486 commit 21399f6b7d318fcdf4406d5e88723c4922202aa3
487 Author: Young Xiao <YangX92@hotmail.com>
488 Date: 2019-03-16 19:57:27 +0800
490 convertbmp: detect invalid file dimensions early
492 width/length dimensions read from bmp headers are not necessarily
493 valid. For instance they may have been maliciously set to very large
494 values with the intention to cause DoS (large memory allocation, stack
495 overflow). In these cases we want to detect the invalid size as early
498 This commit introduces a counter which verifies that the number of
499 written bytes corresponds to the advertized width/length.
501 See commit 8ee335227bbc for details.
503 Signed-off-by: Young Xiao <YangX92@hotmail.com>
505 commit d0dd894ae24d0f2f09072adf1b966033dd64672d
506 Author: Antonin Descampe <antonin@gmail.com>
507 Date: 2019-04-02 15:37:38 +0200
509 Comment back opj_previous_version in abi_check.sh
511 commit 291e45bb045e63334729ad9a894595f8e1e2b2c7
512 Author: Antonin Descampe <antonin@gmail.com>
513 Date: 2019-04-02 15:12:59 +0200
515 Update version number for automatic abi check
517 commit 57096325457f96d8cd07bd3af04fe81d7a2ba788
518 Author: Antonin Descampe <antonin@gmail.com>
519 Date: 2019-04-02 14:45:15 +0200
521 update token for appveyor auto release
523 commit 8b9a89bc2e61652d30bbc56673f8f03ef464430f
524 Author: Antonin Descampe <antonin@gmail.com>
525 Date: 2019-04-02 14:25:09 +0200
527 update token for automatic release
529 commit d1d422c126cbc2a5435340bd85f4b52ff0477101
530 Author: Antonin Descampe <antonin@gmail.com>
531 Date: 2019-04-02 12:08:52 +0200
533 Update for release 2.3.1
535 commit d3b0b8927acf2e050a6379320d36fc3bb3751fe3
536 Author: Antonin Descampe <info@openjpeg.org>
537 Date: 2019-04-02 11:03:16 +0200
539 Update for release 2.3.1
541 commit c7798bb0c636c89ab7f0bab4d89e7f0136e0e55a
542 Author: Antonin Descampe <info@openjpeg.org>
543 Date: 2019-04-02 11:02:20 +0200
545 update for release 2.3.1
547 commit 8196ab531e79602fe3c947d09d3240c25c358731
548 Author: Antonin Descampe <info@openjpeg.org>
549 Date: 2019-04-02 11:00:58 +0200
551 Update BUILD version for release 2.3.1
553 commit 69a7a312dccebc8b5f28f8a5e4a703cb8d447d44
554 Merge: d6b8aed 5151426
555 Author: Even Rouault <even.rouault@mines-paris.org>
556 Date: 2019-03-29 12:25:39 +0100
558 Merge pull request #1188 from rouault/fix_abi_check
560 abi-check.sh: fix broken download URL
562 commit 5151426d6e6f7f0e1ae6f050aaa7cec6bc4ffd08
563 Author: Even Rouault <even.rouault@spatialys.com>
564 Date: 2019-03-29 11:53:23 +0100
566 abi-check.sh: fix broken download URL
568 commit d6b8aed5612e6be6d3a4053867fbd2ae0cb7c8af
569 Merge: 25b815d a1d32a5
570 Author: Even Rouault <even.rouault@mines-paris.org>
571 Date: 2019-03-29 11:52:38 +0100
573 Merge pull request #1187 from rouault/fix_ubsan_in_opj_t1_encode_cblks
575 opj_t1_encode_cblks: fix UBSAN signed integer overflow
577 commit a1d32a596a94280178c44a55d7e7f1acd992ed5d
578 Author: Even Rouault <even.rouault@spatialys.com>
579 Date: 2019-03-29 11:17:39 +0100
581 opj_t1_encode_cblks: fix UBSAN signed integer overflow
583 Fixes #1053 / CVE-2018-5727
585 Note: I don't consider this issue to be a security vulnerability, in
587 At least with gcc or clang compilers on x86_64 which generate the same
588 assembly code with or without that fix.
590 commit 25b815dc460dbf9def7e6b822c8998727094f85a
591 Author: Even Rouault <even.rouault@spatialys.com>
592 Date: 2019-03-29 10:44:35 +0100
594 Revert "[JPWL] tgatoimage(): avoid excessive memory allocation attempt,"
596 This reverts commit 05be3084460e46282ee63f04c72c451f3271fd28.
598 This commit doesn't compile due to missing OPJ_UINT64 type
600 commit e1740e7ce79d0a1676db4da0f4189b64e85f52cb
601 Author: Even Rouault <even.rouault@spatialys.com>
602 Date: 2019-03-29 10:40:58 +0100
604 Revert "[MJ2] Avoid index out of bounds access to pi->include[]"
606 This reverts commit c277159986c80142180fbe5efb256bbf3bdf3edc.
608 The commit didn't compile. include_size is not defined in openmj2
610 commit b2751967ecabf8d8856e85ab91e25d4f235e2eb3
611 Author: Sebastian Rasmussen <sebras@gmail.com>
612 Date: 2018-10-31 20:22:11 +0100
614 openjp2/j2k: Report error if all wanted components are not decoded.
616 Previously the caller had to check whether each component data had
617 been decoded. This means duplicating the checking in every user of
618 openjpeg which is unnecessary. If the caller wantes to decode all
619 or a set of, or a specific component then openjpeg ought to error
620 out if it was unable to do so.
624 commit 51f097e6d5754ddae93e716276fe8176b44ec548
625 Merge: e7640f5 8ee3352
626 Author: Even Rouault <even.rouault@mines-paris.org>
627 Date: 2018-12-21 16:41:00 +0100
629 Merge pull request #1172 from hlef/master
631 convertbmp: detect invalid file dimensions early (CVE-2018-6616)
633 commit 8ee335227bbcaf1614124046aa25e53d67b11ec3
634 Author: Hugo Lefeuvre <hle@debian.org>
635 Date: 2018-12-14 04:58:40 +0100
637 convertbmp: detect invalid file dimensions early
639 width/length dimensions read from bmp headers are not necessarily
640 valid. For instance they may have been maliciously set to very large
641 values with the intention to cause DoS (large memory allocation, stack
642 overflow). In these cases we want to detect the invalid size as early
645 This commit introduces a counter which verifies that the number of
646 written bytes corresponds to the advertized width/length.
648 Fixes #1059 (CVE-2018-6616).
650 commit e7640f58f122d1228f3d750864543ad4703e18fc
651 Merge: e0f5212 05be308
652 Author: Even Rouault <even.rouault@mines-paris.org>
653 Date: 2018-12-07 21:27:38 +0100
655 Merge pull request #1168 from Young-X/fix_dev
657 Fix multiple potential vulnerabilities and bugs
659 commit 05be3084460e46282ee63f04c72c451f3271fd28
660 Author: Young Xiao <YangX92@hotmail.com>
661 Date: 2018-11-28 14:44:06 +0800
663 [JPWL] tgatoimage(): avoid excessive memory allocation attempt,
664 and fixes unaligned load
666 Signed-off-by: Young Xiao <YangX92@hotmail.com>
668 commit bd88611ed9ad7144ec4f3de54790cd848175891b
669 Author: Young_X <YangX92@hotmail.com>
670 Date: 2018-11-23 17:15:05 +0800
672 [JP3D] To avoid divisions by zero / undefined behaviour on shift (CVE-2018-14423
674 Signed-off-by: Young_X <YangX92@hotmail.com>
676 commit ce9583d1d7627e007a34a31ae4e22a00d78bd153
677 Author: Young_X <YangX92@hotmail.com>
678 Date: 2018-11-23 17:12:06 +0800
680 [JPWL] opj_compress: reorder checks related to code block dimensions to avoid potential int overflow
682 Signed-off-by: Young_X <YangX92@hotmail.com>
684 commit c58df149900df862806d0e892859b41115875845
685 Author: Young_X <YangX92@hotmail.com>
686 Date: 2018-11-23 16:24:19 +0800
688 [OPENJP2] change the way to compute *p_tx0, *p_tx1, *p_ty0, *p_ty1 in function
689 opj_get_encoding_parameters
691 Signed-off-by: Young_X <YangX92@hotmail.com>
693 commit c277159986c80142180fbe5efb256bbf3bdf3edc
694 Author: Young_X <YangX92@hotmail.com>
695 Date: 2018-11-23 16:12:53 +0800
697 [MJ2] Avoid index out of bounds access to pi->include[]
699 Signed-off-by: Young_X <YangX92@hotmail.com>
701 commit e0f5212888c0c1abc5e060a75a3a4a5ff99afd1a
702 Merge: 92023cd 2e5ab1d
703 Author: Even Rouault <even.rouault@mines-paris.org>
704 Date: 2018-11-28 00:04:30 +0100
706 Merge pull request #1170 from rouault/fix_color_apply_icc_profile
708 color_apply_icc_profile: avoid potential heap buffer overflow
710 commit 2e5ab1d9987831c981ff05862e8ccf1381ed58ea
711 Author: Even Rouault <even.rouault@spatialys.com>
712 Date: 2018-11-27 23:31:30 +0100
714 color_apply_icc_profile: avoid potential heap buffer overflow
716 Derived from a patch by Thuan Pham
718 commit 46822d0eddc3324b2a056bc60ffa997027bebd66
719 Author: Young_X <YangX92@hotmail.com>
720 Date: 2018-11-23 15:58:23 +0800
722 [JPWL] imagetotga(): fix read heap buffer overflow if numcomps < 3 (#987)
724 Signed-off-by: Young_X <YangX92@hotmail.com>
726 commit 619e1b086eaa21ebd9b23eb67deee543b07bf06f
727 Author: Young_X <YangX92@hotmail.com>
728 Date: 2018-11-23 15:02:26 +0800
730 [JPWL] fix CVE-2018-16375
732 Signed-off-by: Young_X <YangX92@hotmail.com>
734 commit c5bd64ea146162967c29bd2af0cbb845ba3eaaaf
735 Author: Young_X <YangX92@hotmail.com>
736 Date: 2018-11-23 14:47:36 +0800
738 [MJ2] To avoid divisions by zero / undefined behaviour on shift
740 Signed-off-by: Young_X <YangX92@hotmail.com>
742 commit 92023cd6c377e0384a7725949b25655d4d94dced
743 Merge: c196b23 cab352e
744 Author: Even Rouault <even.rouault@mines-paris.org>
745 Date: 2018-11-16 09:42:19 +0100
747 Merge pull request #1160 from hlef/master
749 jp3d/jpwl convert: fix write stack buffer overflow
751 commit c196b23b90321b5c7e3238294607a2e8626c503f
752 Author: ichlubna <43234438+ichlubna@users.noreply.github.com>
753 Date: 2018-11-16 09:40:31 +0100
755 openjp3d: Int overflow fixed (#1159)
757 When compressing a lot of slices (starting from 44 FullHD slices with 3 8bit components in our experiments) the rate values are high enough to cause an int overflow that leads to negative lengths and wrong results. The cast happens too late.
759 commit cab352e249ed3372dd9355c85e837613fff98fa2
760 Author: Hugo Lefeuvre <hle@debian.org>
761 Date: 2018-11-07 18:48:29 +0100
763 jp2: convert: fix null pointer dereference
765 Tile components in a JP2 image might have null data pointer by defining a
766 zero component size (for example using large horizontal or vertical
767 sampling periods). This null data pointer leads to null image component
768 data pointer, causing crash when dereferenced without != null check in
773 This commit addresses #1152 (CVE-2018-18088).
775 commit 0bc90e4062a5f9258c91eca018c019b179066c62
776 Author: Hugo Lefeuvre <hle@debian.org>
777 Date: 2018-10-22 16:59:41 +0200
779 jp3d/jpwl convert: fix write stack buffer overflow
781 Missing buffer length formatter in fscanf call might lead to write
782 stack buffer overflow.
784 fixes #1044 (CVE-2017-17480)
786 commit 948332e6ed17565100d1df5f6fdbf66865218e36
787 Author: Stefan Weil <sw@weilnetz.de>
788 Date: 2018-10-31 20:44:30 +0100
790 Fix some potential overflow issues (#1161)
792 * Fix some potential overflow issues
794 Put sizeof to the beginning of the multiplication to enforce that
795 size_t instead of smaller integer types is used for the calculation.
797 This fixes warnings from LGTM:
799 Multiplication result may overflow 'unsigned int'
800 before it is converted to 'unsigned long'.
802 It also allows removing some type casts.
804 Signed-off-by: Stefan Weil <sw@weilnetz.de>
806 * Fix code indentation
808 Signed-off-by: Stefan Weil <sw@weilnetz.de>
810 commit e52909f4c7896c5efff3340d707c12d0df55d3f9
811 Merge: cd900d9 943db0f
812 Author: Even Rouault <even.rouault@mines-paris.org>
813 Date: 2018-10-31 20:41:52 +0100
815 Merge pull request #1163 from nforro/memory-and-resource-leaks
817 Fix several memory and resource leaks
819 commit 943db0f1c28ca6a7df6d18483f97166a03be9bf7
820 Author: Nikola Forró <nforro@redhat.com>
821 Date: 2018-10-31 13:39:05 +0100
823 Fix several memory and resource leaks
825 Signed-off-by: Nikola Forró <nforro@redhat.com>
827 commit cd900d96618ab77e79812db654731dd6b5fc7bd8
828 Author: Even Rouault <even.rouault@spatialys.com>
829 Date: 2018-10-18 11:45:45 +0200
831 opj_thread_pool_setup(): fix infinite waiting if a thread creation failed
833 commit 0e6a5553cfef21b764d289585af2c6934a95456b
834 Merge: 8fc09e5 ca16fe5
835 Author: Even Rouault <even.rouault@mines-paris.org>
836 Date: 2018-09-22 23:54:12 +0200
838 Merge pull request #1148 from hlef/master
840 CVE-2018-5785: fix issues with zero bitmasks
842 commit 8fc09e50e557fa6af4c099b9c6d36bb1071ee1ed
843 Author: Even Rouault <even.rouault@spatialys.com>
844 Date: 2018-09-22 23:47:56 +0200
846 opj_jp2_apply_pclr(): remove useless assert that can trigger on some files (fixes #1125)
848 commit aaf48ee6bae91032f025f9ac11592c4085a0d96b
849 Merge: ee827ad cc38247
850 Author: Even Rouault <even.rouault@spatialys.com>
851 Date: 2018-09-22 23:12:50 +0200
853 Merge branch 'pr1095'
855 commit cc3824767bde397fedb8a1ae4786a222ba860c8d
856 Author: Karol Babioch <kbabioch@suse.de>
857 Date: 2018-03-02 14:40:58 +0100
859 opj_mj2_extract: Check provided output prefix for length
861 This uses snprintf() with correct buffer length instead of sprintf(), which
862 prevents a buffer overflow when providing a long output prefix. Furthermore
863 the program exits with an error when the provided output prefix is too long.
867 commit ee827ad3f32469d4854b2da71c9703a2af359f9f
868 Merge: 5d94bcd 1eb9a57
869 Author: Even Rouault <even.rouault@spatialys.com>
870 Date: 2018-09-22 23:05:54 +0200
872 Merge branch 'pr1107'
874 commit 1eb9a57ac1216209a4d9adf87bc47ba19810d3b3
875 Author: szukw000 <szukw000@arcor.de>
876 Date: 2018-03-13 18:11:54 +0100
878 opj_mj2_extract: Avoid segfault for long filenames
880 commit 5d94bcd89c6e281614955c56cbfebb11b866a9dd
881 Merge: b54c06f 0fa7ebe
882 Author: Even Rouault <even.rouault@mines-paris.org>
883 Date: 2018-09-22 22:59:36 +0200
885 Merge pull request #1136 from reverson/master
889 commit b54c06fb350d318c8e74755710b3480eae3b9911
890 Merge: 17bbb0e 4aaf52e
891 Author: Even Rouault <even.rouault@mines-paris.org>
892 Date: 2018-09-22 22:59:17 +0200
894 Merge pull request #1119 from stweil/ssize_t
896 Use local type declaration for POSIX standard type only for MS compiler
898 commit 17bbb0e23ff03bb722914841a9b962b21fe7a310
899 Merge: ccc4441 3d6ffaf
900 Author: Even Rouault <even.rouault@mines-paris.org>
901 Date: 2018-09-22 22:55:33 +0200
903 Merge pull request #1128 from stweil/typos
905 Fix some typos in code comments and documentation
907 commit ccc4441aeb7bf4928e55bd543fab8de662f6d5e7
908 Merge: c6ee006 24fd3ce
909 Author: Even Rouault <even.rouault@mines-paris.org>
910 Date: 2018-09-22 22:54:51 +0200
912 Merge pull request #1140 from bukatlib/fix_relpath
914 Relative path to header files is hardcoded in OpenJPEGConfig.cmake.in file
916 commit c6ee006250b093f443e226288c6c866c5ebe12f5
917 Merge: 2d28610 98363e2
918 Author: Even Rouault <even.rouault@mines-paris.org>
919 Date: 2018-09-22 22:47:27 +0200
921 Merge pull request #1141 from szukw000/changes-in-pnmtoimage
923 Changes in pnmtoimage if image data are missing
925 commit 2d2861036cfb68560e0cf21340760781ea78595d
926 Merge: 1b9a81d 31a03b3
927 Author: Even Rouault <even.rouault@mines-paris.org>
928 Date: 2018-09-22 22:28:04 +0200
930 Merge pull request #1143 from stweil/format
932 openjp2/jp2: Fix two format strings
934 commit 1b9a81dff7c22ed0cb22bf1033e6dfee1292da31
935 Merge: 9d1a9dc c28ed52
936 Author: Even Rouault <even.rouault@mines-paris.org>
937 Date: 2018-09-22 22:27:14 +0200
939 Merge pull request #1149 from rouault/fix_knownfailures
941 Update knownfailures- files given current configurations
943 commit c28ed521633c074f1e4891208028fe97f7602a14
944 Author: Even Rouault <even.rouault@spatialys.com>
945 Date: 2018-09-22 21:56:50 +0200
947 Update knownfailures- files given current configurations