projects / openjpeg.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9a21e1e)
[trunk] Fixed a crash on 0xh or wx0 image size decoding
authorMatthieu Darbois <mayeut@users.noreply.github.com>
Thu, 18 Dec 2014 22:19:52 +0000 (22:19 +0000)
committerMatthieu Darbois <mayeut@users.noreply.github.com>
Thu, 18 Dec 2014 22:19:52 +0000 (22:19 +0000)
Update  issue 427

src/lib/openjp2/j2k.c patch | blob | history
tests/nonregression/CMakeLists.txt patch | blob | history
tests/nonregression/test_suite.ctest.in patch | blob | history

diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
index ff00d7c4d4c8bb0f045736861bceeb89e06cd8ba..656bf6dedae68ec16e1502c9d0607c3d455f9513 100644 (file)
--- a/src/lib/openjp2/j2k.c
+++ b/src/lib/openjp2/j2k.c
@@ -1981,8 +1981,9 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k,
         }
 
         /* testcase 4035.pdf.SIGSEGV.d8b.3375 */
-        if (l_image->x0 > l_image->x1 || l_image->y0 > l_image->y1) {
-                opj_event_msg(p_manager, EVT_ERROR, "Error with SIZ marker: negative image size (%d x %d)\n", l_image->x1 - l_image->x0, l_image->y1 - l_image->y0);
+        /* testcase issue427-null-image-size.jp2 */
+        if ((l_image->x0 >= l_image->x1) || (l_image->y0 >= l_image->y1)) {
+                opj_event_msg(p_manager, EVT_ERROR, "Error with SIZ marker: negative or zero image size (%d x %d)\n", l_image->x1 - l_image->x0, l_image->y1 - l_image->y0);
                 return OPJ_FALSE;
         }
         /* testcase 2539.pdf.SIGFPE.706.1712 (also 3622.pdf.SIGFPE.706.2916 and 4008.pdf.SIGFPE.706.3345 and maybe more) */
diff --git a/tests/nonregression/CMakeLists.txt b/tests/nonregression/CMakeLists.txt
index 242e52fe2464f3371e9290c8269438d7d8b00509..be349ec070c607fce2adf635de61419cc0f7c019 100644 (file)
--- a/tests/nonregression/CMakeLists.txt
+++ b/tests/nonregression/CMakeLists.txt
@@ -43,6 +43,7 @@ set(BLACKLIST_JPEG2000_TMP
     edf_c2_1674177.jp2
     edf_c2_1673169.jp2
     issue429.jp2
+    issue427-null-image-size.jp2
    )
 
 # Define a list of file which should be gracefully rejected:
diff --git a/tests/nonregression/test_suite.ctest.in b/tests/nonregression/test_suite.ctest.in
index 4dcc0a6703e31310a7c32588f989310af2f90c72..ace54f947ee30f76fe4dba07e26f7ff17bb26c52 100644 (file)
--- a/tests/nonregression/test_suite.ctest.in
+++ b/tests/nonregression/test_suite.ctest.in
@@ -229,6 +229,8 @@ opj_decompress -i @INPUT_NR_PATH@/issue411-ycc420.jp2 -o @TEMP_PATH@/issue411-yc
 !opj_decompress -i @INPUT_NR_PATH@/issue429.jp2 -o @TEMP_PATH@/issue429.jp2.pgx
 # issue 432 (from pdfium fuzz engine) Overflow in tcd tilec data size computation.
 !opj_decompress -i @INPUT_NR_PATH@/issue432.jp2 -o @TEMP_PATH@/issue432.jp2.pgx
+# issue 427 image width is 0
+!opj_decompress -i @INPUT_NR_PATH@/issue427-null-image-size.jp2 -o @TEMP_PATH@/issue427-null-image-size.jp2.pgx
 
 # decode with specific area
 # prec=12; nb_c=1 
Fork of openjpeg with some changes used by DCP-o-matic.