Lemures Lemniscati [Mon, 14 Dec 2020 14:00:04 +0000 (23:00 +0900)]
Set ${OPENJPEG_INSTALL_DOC_DIR} to DESTINATION of HTMLs
Use ${OPENJPEG_INSTALL_DOC_DIR} as DESTINATION of HTML documents,
instead of share/doc.
Even Rouault [Thu, 10 Dec 2020 14:55:41 +0000 (15:55 +0100)]
Merge pull request #1306 from matthew-sharp/master
Use INC_DIR for OPENJPEG_INCLUDE_DIRS (fixes uclouvain#1174)
Matthew Sharp [Wed, 9 Dec 2020 23:17:46 +0000 (10:17 +1100)]
Use INC_DIR for OPENJPEG_INCLUDE_DIRS (fixes uclouvain#1174)
This fixes the case where the cmake file is accessed via a symlink.
Even Rouault [Sat, 5 Dec 2020 10:39:23 +0000 (11:39 +0100)]
Merge pull request #1304 from rouault/fix_1302
pi.c: avoid out of bounds access with POC (fixes #1302)
Even Rouault [Fri, 4 Dec 2020 19:45:25 +0000 (20:45 +0100)]
pi.c: avoid out of bounds access with POC (fixes #1302)
Even Rouault [Fri, 4 Dec 2020 19:37:43 +0000 (20:37 +0100)]
Merge pull request #1303 from zodf0055980/fix#1283
Encoder: grow again buffer size
yuan [Fri, 4 Dec 2020 11:00:22 +0000 (19:00 +0800)]
Encoder: grow again buffer size in opj_tcd_code_block_enc_allocate_data() (fixes #1283)
Even Rouault [Wed, 2 Dec 2020 22:56:57 +0000 (23:56 +0100)]
Merge pull request #1301 from rouault/fix_1299
opj_j2k_write_sod(): avoid potential heap buffer overflow (fixes #1299) (probably master only)
Even Rouault [Wed, 2 Dec 2020 22:56:39 +0000 (23:56 +0100)]
Merge pull request #1300 from rouault/complement_1293
pi.c: avoid out of bounds access with POC (refs https://github.com/uclouvain/openjpeg/issues/1293#issuecomment-
737122836)
Even Rouault [Wed, 2 Dec 2020 22:56:30 +0000 (23:56 +0100)]
Merge pull request #1298 from rouault/fix_1297
opj_t2_encode_packet(): avoid out of bound access of #1297, but likely not the proper fix
Even Rouault [Wed, 2 Dec 2020 13:10:16 +0000 (14:10 +0100)]
opj_j2k_write_sod(): avoid potential heap buffer overflow (fixes #1299) (probably master only)
Even Rouault [Wed, 2 Dec 2020 13:02:17 +0000 (14:02 +0100)]
pi.c: avoid out of bounds access with POC (refs https://github.com/uclouvain/openjpeg/issues/1293#issuecomment-
737122836)
Even Rouault [Wed, 2 Dec 2020 12:13:26 +0000 (13:13 +0100)]
opj_t2_encode_packet(): avoid out of bound access of #1297, but likely not the proper fix
Even Rouault [Wed, 2 Dec 2020 09:05:39 +0000 (10:05 +0100)]
Merge pull request #1295 from rouault/fix_1293
opj_j2k_setup_encoder(): validate POC compno0 and compno1 (fixes #1293)
Even Rouault [Wed, 2 Dec 2020 09:05:31 +0000 (10:05 +0100)]
Merge pull request #1296 from rouault/workaround_1294
opj_t2_encode_packet(): avoid out of bound access of #1294, but likely not the proper fix
Even Rouault [Tue, 1 Dec 2020 18:39:09 +0000 (19:39 +0100)]
opj_j2k_setup_encoder(): validate POC compno0 (fixes #1293)
Even Rouault [Tue, 1 Dec 2020 18:51:35 +0000 (19:51 +0100)]
opj_t2_encode_packet(): avoid out of bound access of #1294, but likely not the proper fix
Even Rouault [Tue, 1 Dec 2020 10:35:59 +0000 (11:35 +0100)]
Merge pull request #1292 from rouault/fix_1286
Encoder: avoid global buffer overflow on irreversible conversion when…
Even Rouault [Mon, 30 Nov 2020 21:37:07 +0000 (22:37 +0100)]
Encoder: avoid global buffer overflow on irreversible conversion when too many decomposition levels are specified (fixes #1286)
Even Rouault [Mon, 30 Nov 2020 22:28:31 +0000 (23:28 +0100)]
Merge pull request #1291 from rouault/tnsot_zero_missing_eoc
Decoding: deal with some SPOT6 images that have tiles with a single tile-part with TPsot == 0 and TNsot == 0, and with missing EOC
Even Rouault [Mon, 30 Nov 2020 21:31:51 +0000 (22:31 +0100)]
pngtoimage(): fix wrong computation of x1,y1 if -d option is used, that would result in a heap buffer overflow (fixes #1284)
Even Rouault [Mon, 30 Nov 2020 16:36:27 +0000 (17:36 +0100)]
Decoding: deal with some SPOT6 images that have tiles with a single tile-part with TPsot == 0 and TNsot == 0, and with missing EOC
Even Rouault [Fri, 27 Nov 2020 13:25:11 +0000 (14:25 +0100)]
Merge pull request #1288 from zodf0055980/master
Free p_tcd_marker_info to avoid memory leak
yuan [Wed, 25 Nov 2020 16:22:49 +0000 (00:22 +0800)]
Free p_tcd_marker_info to avoid memory leak
Even Rouault [Wed, 25 Nov 2020 15:59:46 +0000 (16:59 +0100)]
Merge pull request #1287 from zodf0055980/master
Encoder: grow again buffer size
yuan [Wed, 25 Nov 2020 12:41:39 +0000 (20:41 +0800)]
Encoder: grow again buffer size in opj_tcd_code_block_enc_allocate_data() (fixes #1283)
Even Rouault [Mon, 23 Nov 2020 17:14:02 +0000 (18:14 +0100)]
Encoder: grow again buffer size in opj_tcd_code_block_enc_allocate_data() (fixes #1283)
Even Rouault [Mon, 23 Nov 2020 12:49:05 +0000 (13:49 +0100)]
Encoder: grow buffer size in opj_tcd_code_block_enc_allocate_data() to avoid write heap buffer overflow in opj_mqc_flush (fixes #1283)
Even Rouault [Mon, 23 Nov 2020 12:38:27 +0000 (13:38 +0100)]
Fix typo in internal function name
Even Rouault [Fri, 9 Oct 2020 11:25:27 +0000 (13:25 +0200)]
Merge pull request #1253 from rouault/floating_point_irreversible_encoding
Single-threaded performance improvements in forward DWT for 5-3 and 9-7 (and other improvements)
Pei JIA [Wed, 23 Sep 2020 09:34:31 +0000 (02:34 -0700)]
Bump Java compatibility from 1.5 to 1.6 (#1263)
Even Rouault [Wed, 16 Sep 2020 09:52:10 +0000 (11:52 +0200)]
Merge pull request #1276 from rouault/fix_1243
Encoder: avoid uint32 overflow when allocating memory for codestream buffer (fixes #1243)
Even Rouault [Wed, 16 Sep 2020 09:27:53 +0000 (11:27 +0200)]
Encoder: avoid uint32 overflow when allocating memory for codestream buffer (fixes #1243)
Even Rouault [Tue, 30 Jun 2020 20:05:13 +0000 (22:05 +0200)]
Merge pull request #1262 from rouault/fix_1261
opj_decompress: fix double-free on input directory with mix of valid and invalid images
Even Rouault [Sun, 28 Jun 2020 12:19:59 +0000 (14:19 +0200)]
opj_decompress: fix double-free on input directory with mix of valid and invalid images (CVE-2020-15389)
Fixes #1261
Credits to @Ruia-ruia for reporting and analysis.
Even Rouault [Mon, 22 Jun 2020 20:35:44 +0000 (22:35 +0200)]
Merge pull request #1260 from sebras/fix-issue-1259
openjp2: Plug image leak when failing to allocate codestream index.
Even Rouault [Mon, 22 Jun 2020 20:12:08 +0000 (22:12 +0200)]
Merge pull request #1258 from sebras/fix-issue-1257
openjp2: Plug memory leak when setting data as TLS fails.
Sebastian Rasmussen [Mon, 22 Jun 2020 18:18:19 +0000 (02:18 +0800)]
openjp2: Plug image leak when failing to allocate codestream index.
This fixes issue #1259.
Sebastian Rasmussen [Mon, 22 Jun 2020 18:18:19 +0000 (02:18 +0800)]
openjp2: Plug memory leak when setting data as TLS fails.
Previously the Tier 1 handle was not freed when setting it as
TLS failed.
This fixes issue #1257.
Even Rouault [Mon, 22 Jun 2020 19:03:23 +0000 (21:03 +0200)]
Merge pull request #1256 from sebras/master
openjp2: Error out if failing to create Tier 1 handle.
Sebastian Rasmussen [Mon, 22 Jun 2020 18:18:19 +0000 (02:18 +0800)]
openjp2: Error out if failing to create Tier 1 handle.
Previously when the handle failed to be created (e.g. when
opj_calloc returned NULL due to low memory), the code still
assumed that the t1 handle pointer was valid and dereferenced
NULL, causing a crash. After this commit OpenJPEG will instead
error out under this condition.
This fixes issue #1255.
szukw000 [Wed, 10 Jun 2020 15:40:50 +0000 (17:40 +0200)]
Testing for invalid values of width, height, numcomps (#1254)
Even Rouault [Sun, 24 May 2020 13:38:21 +0000 (15:38 +0200)]
T1 encoder: speed-up by aggressive inlining and more cache friendly data organization
~ 9% speed improvement seen on 10980x10980 uint16 image, T36JTT_20160914T074612_B02.tif
opj_compress time from 17.2s to 15.8s
Even Rouault [Fri, 22 May 2020 21:57:51 +0000 (23:57 +0200)]
Forward DWT 9-7: major speed up by vectorizing vertical pass
`bench_dwt -I -encode` times goes from 8.6s to 2.1s
Even Rouault [Fri, 22 May 2020 15:50:15 +0000 (17:50 +0200)]
Forward DWT 5-3: major speed up by vectorizing vertical pass
`bench_dwt -encode` times goes from 7.9s to 1.7s
Even Rouault [Fri, 22 May 2020 13:58:47 +0000 (15:58 +0200)]
Forward DWT: small code refactoring to allow future improvements for the vertical pass
Even Rouault [Fri, 22 May 2020 13:06:29 +0000 (15:06 +0200)]
dwt.c: remove unused typedef
Even Rouault [Fri, 22 May 2020 13:03:40 +0000 (15:03 +0200)]
Forward DWT 5x3: performance improvements in horizontal pass, and modest in vertical pass
Even Rouault [Thu, 21 May 2020 19:20:19 +0000 (21:20 +0200)]
Forward DWT: small code refactoring to allow future improvements for the horizontal pass
Even Rouault [Thu, 21 May 2020 14:54:48 +0000 (16:54 +0200)]
Speed-up 9x7 IDWD by ~30% with OPJ_NUM_THREADS=2
"bench_dwt -I" time goes from 2.2s to 1.5s
Even Rouault [Thu, 21 May 2020 09:24:29 +0000 (11:24 +0200)]
Remove useless + 5U margin in opj_dwt_decode_tile_97()
Nothing in code analysis nor test suite shows that this margin is
needed.
It dates back to commit
dbeebe72b9d35f6ff807c21c7f217b569fa894f6
where vector 9x7 decoding was introduced.
Even Rouault [Thu, 21 May 2020 09:23:00 +0000 (11:23 +0200)]
Speed-up 9x7 IDWD by ~20%
"bench_dwt -I" time goes from 2.8s to 2.2s
Even Rouault [Wed, 20 May 2020 21:20:48 +0000 (23:20 +0200)]
bench_dwt.c: add a -I switch to test irreversible FWDT/IDWT
Even Rouault [Wed, 20 May 2020 19:10:55 +0000 (21:10 +0200)]
Merge pull request #1211 from sebras/master
Add check to validate SGcod/SPcoc/SPcod parameter values.
Even Rouault [Wed, 20 May 2020 17:24:09 +0000 (19:24 +0200)]
Irreversible decoding: partially revert previous commit, to fix failures in test suite
Even Rouault [Wed, 20 May 2020 16:00:45 +0000 (18:00 +0200)]
Irreversible compression/decompression DWT: use 1/K constant as per standard
The previous constant opj_c13318 was mysteriously equal to 2/K , and in
the DWT, we had to divide K and opj_c13318 by 2... The issue was that the
band->stepsize computation in tcd.c didn't take into account the log2gain of
the band.
The effect of this change is expected to be mostly equivalent to the previous
situation, except some difference in rounding. But it leads to a dramatic
reduction of the mean square error and peak error in the irreversible encoding
of issue141.tif !
Even Rouault [Wed, 20 May 2020 11:14:16 +0000 (13:14 +0200)]
Irreversible decoding: align code more closely to the standard by avoid messing up with stepsize (no functional change)
Even Rouault [Wed, 20 May 2020 09:36:05 +0000 (11:36 +0200)]
opj_dwt_encode_1_real(): avoid many bound comparisons, similarly to decoding side
Even Rouault [Tue, 19 May 2020 20:26:22 +0000 (22:26 +0200)]
opj_j2k_setup_encoder(): add validation of tile width and height to avoid potential division by zero
Even Rouault [Tue, 19 May 2020 17:45:00 +0000 (19:45 +0200)]
opj_mct_encode_real(): add SSE optimization
Even Rouault [Tue, 19 May 2020 16:03:58 +0000 (18:03 +0200)]
Testing: revise testing of lossy encoding by comparing PEAK and MSE with original image
Even Rouault [Tue, 19 May 2020 16:03:29 +0000 (18:03 +0200)]
compare_images.c: code reformatting
Even Rouault [Mon, 18 May 2020 18:17:07 +0000 (20:17 +0200)]
tcd.c: add comment
Even Rouault [Mon, 18 May 2020 18:15:07 +0000 (20:15 +0200)]
Encoder: use floating-point operations for irreversible transformation
Even Rouault [Mon, 18 May 2020 16:09:10 +0000 (18:09 +0200)]
dwt.c: change sign of constants to match standard and compensate (no functional change)
Even Rouault [Thu, 30 Apr 2020 09:52:42 +0000 (11:52 +0200)]
Add multithreaded support in the DWT encoder.
Update the bench_dwt utility to have a -decode/-encode switch
Measured performance gains for DWT encoder on a
Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz (4 cores, hyper threaded)
Encoding time:
$ ./bin/bench_dwt -encode -num_threads 1
time for dwt_encode: total = 8.348 s, wallclock = 8.352 s
$ ./bin/bench_dwt -encode -num_threads 2
time for dwt_encode: total = 9.776 s, wallclock = 4.904 s
$ ./bin/bench_dwt -encode -num_threads 4
time for dwt_encode: total = 13.188 s, wallclock = 3.310 s
$ ./bin/bench_dwt -encode -num_threads 8
time for dwt_encode: total = 30.024 s, wallclock = 4.064 s
Scaling is probably limited by memory access patterns causing
memory access to be the bottleneck.
The slightly worse results with threads==8 than with thread==4
is due to hyperthreading being not appropriate here.
Even Rouault [Wed, 29 Apr 2020 09:50:17 +0000 (11:50 +0200)]
Add multithreading support in the T1 (entropy phase) encoder
- API wise, opj_codec_set_threads() can be used on the encoding side
- opj_compress has a -threads switch similar to opj_uncompress
Even Rouault [Wed, 20 May 2020 18:29:31 +0000 (20:29 +0200)]
Merge pull request #1246 from rouault/write_plt
Add support for generation of PLT markers in encoder
Even Rouault [Tue, 21 Apr 2020 13:55:44 +0000 (15:55 +0200)]
Add support for generation of PLT markers in encoder
* -PLT switch added to opj_compress
* Add a opj_encoder_set_extra_options() function that
accepts a PLT=YES option, and could be expanded later
for other uses.
-------
Testing with a Sentinel2 10m band, T36JTT_20160914T074612_B02.jp2,
coming from S2A_MSIL1C_20160914T074612_N0204_R135_T36JTT_20160914T081456.SAFE
Decompress it to TIFF:
```
opj_uncompress -i T36JTT_20160914T074612_B02.jp2 -o T36JTT_20160914T074612_B02.tif
```
Recompress it with similar parameters as original:
```
opj_compress -n 5 -c [256,256],[256,256],[256,256],[256,256],[256,256] -t 1024,1024 -PLT -i T36JTT_20160914T074612_B02.tif -o T36JTT_20160914T074612_B02_PLT.jp2
```
Dump codestream detail with GDAL dump_jp2.py utility (https://github.com/OSGeo/gdal/blob/master/gdal/swig/python/samples/dump_jp2.py)
```
python dump_jp2.py T36JTT_20160914T074612_B02.jp2 > /tmp/dump_sentinel2_ori.txt
python dump_jp2.py T36JTT_20160914T074612_B02_PLT.jp2 > /tmp/dump_sentinel2_openjpeg_plt.txt
```
The diff between both show very similar structure, and identical number of packets in PLT markers
Now testing with Kakadu (KDU803_Demo_Apps_for_Linux-x86-64_200210)
Full file decompression:
```
kdu_expand -i T36JTT_20160914T074612_B02_PLT.jp2 -o tmp.tif
Consumed 121 tile-part(s) from a total of 121 tile(s).
Consumed 80,318,806 codestream bytes (excluding any file format) = 5.329697
bits/pel.
Processed using the multi-threaded environment, with
8 parallel threads of execution
```
Partial decompresson (presumably using PLT markers):
```
kdu_expand -i T36JTT_20160914T074612_B02.jp2 -o tmp.pgm -region "{0.5,0.5},{0.01,0.01}"
kdu_expand -i T36JTT_20160914T074612_B02_PLT.jp2 -o tmp2.pgm -region "{0.5,0.5},{0.01,0.01}"
diff tmp.pgm tmp2.pgm && echo "same !"
```
-------
Funded by ESA for S2-MPC project
Even Rouault [Sat, 18 Apr 2020 16:25:44 +0000 (18:25 +0200)]
struct opj_j2k: remove unused fields, and add some documentation
Even Rouault [Thu, 16 Apr 2020 22:39:46 +0000 (00:39 +0200)]
Merge pull request #1244 from rouault/fix_pi_warnings
Fix warnings about signed/unsigned casts in pi.c
szukw000 [Thu, 16 Apr 2020 22:37:33 +0000 (00:37 +0200)]
color_apply_icc_profile: add checks on the number of components (#1236)
Eduardo Barretto [Thu, 16 Apr 2020 22:09:40 +0000 (19:09 -0300)]
jp3d/jpwl/mj2/jpip: Fix resource leaks (#1226)
This issues were found by cppcheck and coverity.
Even Rouault [Thu, 16 Apr 2020 18:52:44 +0000 (20:52 +0200)]
Fix warnings about signed/unsigned casts in pi.c
Even Rouault [Thu, 16 Apr 2020 18:33:22 +0000 (20:33 +0200)]
Rename mis-named function opj_tcd_get_encoded_tile_size() to opj_tcd_get_encoder_input_buffer_size()
Even Rouault [Wed, 1 Apr 2020 20:00:19 +0000 (22:00 +0200)]
Merge pull request #1240 from rouault/fix_crash_opj_decompress
opj_decompress: add sanity checks to avoid segfault in case of decoding error
Even Rouault [Wed, 1 Apr 2020 18:58:55 +0000 (20:58 +0200)]
opj_decompress: add sanity checks to avoid segfault in case of decoding error
Prevent crashes like:
opj_decompress -i 0722_5-1_2019.jp2 -o out.ppm -r 4 -t 0
where 0722_5-1_2019.jp2 is
https://drive.google.com/file/d/1ZxOUZg2-FKjYwa257VFLMpTXRWxEoP0a/view?usp=sharing
Even Rouault [Thu, 13 Feb 2020 08:59:17 +0000 (09:59 +0100)]
opj_compress: improve help message regarding new IMF switch
Even Rouault [Thu, 13 Feb 2020 08:54:20 +0000 (09:54 +0100)]
Merge pull request #1235 from rouault/imf
Implement writing of IMF profiles
Even Rouault [Wed, 12 Feb 2020 14:55:16 +0000 (15:55 +0100)]
Implement writing of IMF profiles
Add -IMF switch to opj_compress as well
Even Rouault [Wed, 12 Feb 2020 14:55:02 +0000 (15:55 +0100)]
openjpeg.h: fix values of OPJ_PROFILE_IMF_ constants
Even Rouault [Mon, 10 Feb 2020 10:20:20 +0000 (11:20 +0100)]
Merge pull request #1234 from rouault/md5_libtiff_4_1
tests: add alternate checksums for libtiff 4.1
Even Rouault [Fri, 7 Feb 2020 20:53:10 +0000 (21:53 +0100)]
tests: add alternate checksums for libtiff 4.1
Fixes #1233
libtiff 4.1 slightly modifies the way it generates files. So
add the new expected md5sum.
Not super elegant solution admitedly.
Even Rouault [Thu, 30 Jan 2020 12:07:31 +0000 (13:07 +0100)]
Merge pull request #1232 from rouault/fix_1231
opj_tcd_init_tile(): avoid integer overflow
Even Rouault [Wed, 29 Jan 2020 23:59:57 +0000 (00:59 +0100)]
opj_tcd_init_tile(): avoid integer overflow
That could lead to later assertion failures.
Fixes #1231 / CVE-2020-8112
Max Moroz [Mon, 13 Jan 2020 17:07:54 +0000 (09:07 -0800)]
tests/fuzzers: link fuzz binaries using $LIB_FUZZING_ENGINE. (#1230)
This was changed some time ago (https://google.github.io/oss-fuzz/getting-started/new-project-guide/) but the build didn't fail as there is a fallback mechanism. The main advantage of the new approach is that for libFuzzer this produces more performant binaries (as `$LIB_FUZZING_ENGINE` expands into `-fsanitize=fuzzer`, which links libFuzzer from the compiler-rt, allowing better optimization tricks).
I'm also experimenting with dataflow (https://github.com/google/oss-fuzz/issues/1632) on your project, and the dataflow config doesn't have a fallback (as it's a new configuration), therefore I'm proposing a change to migrate from `-lFuzzingEngine` to `$LIB_FUZZING_ENGINE`.
Even Rouault [Sat, 11 Jan 2020 10:29:11 +0000 (11:29 +0100)]
Merge pull request #1229 from rouault/fix_1228
opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX (fixes #1228)
Even Rouault [Sat, 11 Jan 2020 00:51:19 +0000 (01:51 +0100)]
opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX (fixes #1228)
Even Rouault [Sun, 17 Nov 2019 12:08:41 +0000 (13:08 +0100)]
Merge pull request #1217 from rouault/fix_ossfuzz_18979
pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets()
Robert Ancell [Sun, 17 Nov 2019 02:09:59 +0000 (15:09 +1300)]
JPWL: convert: Fix buffer overflow reading an image file less than four characters (#1196)
Fixes #1068
Even Rouault [Sun, 17 Nov 2019 01:47:26 +0000 (02:47 +0100)]
Merge pull request #1218 from rouault/fix_broken_abi_check
abi-check.sh: fix false postive ABI error, and display output error log
Even Rouault [Sun, 17 Nov 2019 00:35:26 +0000 (01:35 +0100)]
abi-check.sh: fix false postive ABI error, and display output error log
There is currently a false positive ABI check failure between v2.3.1
and current. It disappears when removing the generated reports of v2.3.1
and recreating them. It is likely that some tooling has evolved since
the initial v2.3.1 report generation.
Even Rouault [Sun, 17 Nov 2019 00:18:26 +0000 (01:18 +0100)]
pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18979
Even Rouault [Thu, 3 Oct 2019 09:04:30 +0000 (11:04 +0200)]
opj_tcd_mct_decode()/opj_mct_decode()/opj_mct_encode_real()/opj_mct_decode_real(): proper deal with a number of samples larger than 4 billion (refs #1151)
Sebastian Rasmussen [Wed, 31 Oct 2018 14:56:11 +0000 (15:56 +0100)]
openjp2/j2k: Validate all SGcod/SPcod/SPcoc parameter values.
Previously the multiple component transformation SGcod(C)
and wavelet transformation SPcod(H)/SPcoc(E) parameter
values were never checked, allowing for out of range values.
The lack of validation allowed the bit stream provided in
issue #1158 through. After this commit an error message
points to the marker segments' parameters as being out of
range.
input/nonregression/edf_c2_20.jp2 contains an SPcod(H) value
of 17, but according to Table A-20 of the specification only
values 0 and 1 are valid. input/nonregression/issue826.jp2
contains a SGcod(B) value of 2, but according to Table A-17
of the specification only values 0 and 1 are valid.
input/nonregression/oss-fuzz2785.jp2 contains a SGcod(B)
value of 32, but it is likewise limited to 0 or 1. These test
cases have been updated to consistently fail to parse the
headers since they contain out of bounds values.
This fixes issue #1210.
Sebastian Rasmussen [Tue, 3 Sep 2019 23:18:37 +0000 (01:18 +0200)]
openjp2/j2k: Make comments adhere to specification.
The function is used to read both SPcod and SPcoc, so all
comments should refer to both marker segments' parameter names.
Even Rouault [Tue, 3 Sep 2019 15:03:54 +0000 (17:03 +0200)]
Merge pull request #1164 from sebras/master
openjp2/j2k: Report error if all wanted components are not decoded.
Even Rouault [Sat, 15 Jun 2019 07:55:16 +0000 (09:55 +0200)]
opj_decompress_fuzzer: remove checks regarding input dimensions (fixes #1079)
Even Rouault [Sun, 26 May 2019 09:06:01 +0000 (11:06 +0200)]
test_decode_area.c: assign tdy to *ptileh instead of *ptilew (fixes #1195)
Even Rouault [Fri, 26 Apr 2019 17:52:52 +0000 (19:52 +0200)]
Merge pull request #1185 from Young-X/fix
Fix several potential vulnerabilities