openjpeg/src/bin, branch v2.3.1 Fork of openjpeg library for JPEG2000 encoding and decoding https://git.carlh.net/cgit/openjpeg/atom?h=v2.3.1 2019-03-29T09:44:35Z Revert "[JPWL] tgatoimage(): avoid excessive memory allocation attempt," 2019-03-29T09:44:35Z Even Rouault even.rouault@spatialys.com 2019-03-29T09:44:35Z urn:sha1:25b815dc460dbf9def7e6b822c8998727094f85a This reverts commit 05be3084460e46282ee63f04c72c451f3271fd28. This commit doesn't compile due to missing OPJ_UINT64 type convertbmp: detect invalid file dimensions early 2018-12-14T04:10:35Z Hugo Lefeuvre hle@debian.org 2018-12-14T03:58:40Z urn:sha1:8ee335227bbcaf1614124046aa25e53d67b11ec3 width/length dimensions read from bmp headers are not necessarily valid. For instance they may have been maliciously set to very large values with the intention to cause DoS (large memory allocation, stack overflow). In these cases we want to detect the invalid size as early as possible. This commit introduces a counter which verifies that the number of written bytes corresponds to the advertized width/length. Fixes #1059 (CVE-2018-6616). Merge pull request #1168 from Young-X/fix_dev 2018-12-07T20:27:38Z Even Rouault even.rouault@mines-paris.org 2018-12-07T20:27:38Z urn:sha1:e7640f58f122d1228f3d750864543ad4703e18fc Fix multiple potential vulnerabilities and bugs [JPWL] tgatoimage(): avoid excessive memory allocation attempt, 2018-11-28T06:44:06Z Young Xiao YangX92@hotmail.com 2018-11-28T06:44:06Z urn:sha1:05be3084460e46282ee63f04c72c451f3271fd28 and fixes unaligned load Signed-off-by: Young Xiao <YangX92@hotmail.com> [JPWL] opj_compress: reorder checks related to code block dimensions to avoid potential int overflow 2018-11-28T06:39:14Z Young_X YangX92@hotmail.com 2018-11-23T09:12:06Z urn:sha1:ce9583d1d7627e007a34a31ae4e22a00d78bd153 Signed-off-by: Young_X <YangX92@hotmail.com> color_apply_icc_profile: avoid potential heap buffer overflow 2018-11-27T22:31:30Z Even Rouault even.rouault@spatialys.com 2018-11-27T22:31:30Z urn:sha1:2e5ab1d9987831c981ff05862e8ccf1381ed58ea Derived from a patch by Thuan Pham [JPWL] imagetotga(): fix read heap buffer overflow if numcomps < 3 (#987) 2018-11-23T09:08:57Z Young_X YangX92@hotmail.com 2018-11-23T07:58:23Z urn:sha1:46822d0eddc3324b2a056bc60ffa997027bebd66 Signed-off-by: Young_X <YangX92@hotmail.com> [JPWL] fix CVE-2018-16375 2018-11-23T09:08:56Z Young_X YangX92@hotmail.com 2018-11-23T07:02:26Z urn:sha1:619e1b086eaa21ebd9b23eb67deee543b07bf06f Signed-off-by: Young_X <YangX92@hotmail.com> Merge pull request #1160 from hlef/master 2018-11-16T08:42:19Z Even Rouault even.rouault@mines-paris.org 2018-11-16T08:42:19Z urn:sha1:92023cd6c377e0384a7725949b25655d4d94dced jp3d/jpwl convert: fix write stack buffer overflow jp2: convert: fix null pointer dereference 2018-11-07T17:53:18Z Hugo Lefeuvre hle@debian.org 2018-11-07T17:48:29Z urn:sha1:cab352e249ed3372dd9355c85e837613fff98fa2 Tile components in a JP2 image might have null data pointer by defining a zero component size (for example using large horizontal or vertical sampling periods). This null data pointer leads to null image component data pointer, causing crash when dereferenced without != null check in imagetopnm. Add != null check. This commit addresses #1152 (CVE-2018-18088).