openjpeg/src, branch v2.3.1Fork of openjpeg library for JPEG2000 encoding and decodinghttps://git.carlh.net/cgit/openjpeg/atom?h=v2.3.12019-03-29T10:17:39Zopj_t1_encode_cblks: fix UBSAN signed integer overflow2019-03-29T10:17:39ZEven Rouaulteven.rouault@spatialys.com2019-03-29T10:17:39Zurn:sha1:a1d32a596a94280178c44a55d7e7f1acd992ed5d
Fixes #1053 / CVE-2018-5727
Note: I don't consider this issue to be a security vulnerability, in
practice.
At least with gcc or clang compilers on x86_64 which generate the same
assembly code with or without that fix.
Revert "[JPWL] tgatoimage(): avoid excessive memory allocation attempt,"2019-03-29T09:44:35ZEven Rouaulteven.rouault@spatialys.com2019-03-29T09:44:35Zurn:sha1:25b815dc460dbf9def7e6b822c8998727094f85a
This reverts commit 05be3084460e46282ee63f04c72c451f3271fd28.
This commit doesn't compile due to missing OPJ_UINT64 type
Revert "[MJ2] Avoid index out of bounds access to pi->include[]"2019-03-29T09:40:58ZEven Rouaulteven.rouault@spatialys.com2019-03-29T09:40:58Zurn:sha1:e1740e7ce79d0a1676db4da0f4189b64e85f52cb
This reverts commit c277159986c80142180fbe5efb256bbf3bdf3edc.
The commit didn't compile. include_size is not defined in openmj2
convertbmp: detect invalid file dimensions early2018-12-14T04:10:35ZHugo Lefeuvrehle@debian.org2018-12-14T03:58:40Zurn:sha1:8ee335227bbcaf1614124046aa25e53d67b11ec3
width/length dimensions read from bmp headers are not necessarily
valid. For instance they may have been maliciously set to very large
values with the intention to cause DoS (large memory allocation, stack
overflow). In these cases we want to detect the invalid size as early
as possible.
This commit introduces a counter which verifies that the number of
written bytes corresponds to the advertized width/length.
Fixes #1059 (CVE-2018-6616).
Merge pull request #1168 from Young-X/fix_dev2018-12-07T20:27:38ZEven Rouaulteven.rouault@mines-paris.org2018-12-07T20:27:38Zurn:sha1:e7640f58f122d1228f3d750864543ad4703e18fc
Fix multiple potential vulnerabilities and bugs[JPWL] tgatoimage(): avoid excessive memory allocation attempt,2018-11-28T06:44:06ZYoung XiaoYangX92@hotmail.com2018-11-28T06:44:06Zurn:sha1:05be3084460e46282ee63f04c72c451f3271fd28
and fixes unaligned load
Signed-off-by: Young Xiao <YangX92@hotmail.com>
[JP3D] To avoid divisions by zero / undefined behaviour on shift (CVE-2018-144232018-11-28T06:39:15ZYoung_XYangX92@hotmail.com2018-11-23T09:15:05Zurn:sha1:bd88611ed9ad7144ec4f3de54790cd848175891b
Signed-off-by: Young_X <YangX92@hotmail.com>
[JPWL] opj_compress: reorder checks related to code block dimensions to avoid potential int overflow2018-11-28T06:39:14ZYoung_XYangX92@hotmail.com2018-11-23T09:12:06Zurn:sha1:ce9583d1d7627e007a34a31ae4e22a00d78bd153
Signed-off-by: Young_X <YangX92@hotmail.com>
[OPENJP2] change the way to compute *p_tx0, *p_tx1, *p_ty0, *p_ty1 in function2018-11-28T06:39:14ZYoung_XYangX92@hotmail.com2018-11-23T08:24:19Zurn:sha1:c58df149900df862806d0e892859b41115875845
opj_get_encoding_parameters
Signed-off-by: Young_X <YangX92@hotmail.com>
[MJ2] Avoid index out of bounds access to pi->include[]2018-11-28T06:39:14ZYoung_XYangX92@hotmail.com2018-11-23T08:12:53Zurn:sha1:c277159986c80142180fbe5efb256bbf3bdf3edc
Signed-off-by: Young_X <YangX92@hotmail.com>