diff options
| author | Antonin Descampe <antonin@descampe.net> | 2017-08-08 16:51:54 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-08-08 16:51:54 -0700 |
| commit | 0394f8d0f1c981e0bc587beddc14d1fb0b265b1b (patch) | |
| tree | 568c654ba7aaa5a6872875d4c61ec02b459e7497 /src/lib/openjp2/j2k.c | |
| parent | 3b1b0672663b59853b63d48f94b63ca497883527 (diff) | |
| parent | bc3cb7410023e9d0c7ff9972a0bc8cf1fe9b32a4 (diff) | |
Merge pull request #975 from szukw000/changes-for-afl-tests
Catch images broken by AFL
Diffstat (limited to 'src/lib/openjp2/j2k.c')
| -rw-r--r-- | src/lib/openjp2/j2k.c | 37 |
1 files changed, 36 insertions, 1 deletions
diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c index 3737655b..5a169e18 100644 --- a/src/lib/openjp2/j2k.c +++ b/src/lib/openjp2/j2k.c @@ -2054,6 +2054,7 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k, OPJ_UINT32 l_remaining_size; OPJ_UINT32 l_nb_tiles; OPJ_UINT32 l_tmp, l_tx1, l_ty1; + OPJ_UINT32 l_prec0, l_sgnd0; opj_image_t *l_image = 00; opj_cp_t *l_cp = 00; opj_image_comp_t * l_img_comp = 00; @@ -2156,7 +2157,20 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k, "Error with SIZ marker: illegal tile offset\n"); return OPJ_FALSE; } + if (!p_j2k->dump_state) { + OPJ_UINT32 siz_w, siz_h; + siz_w = l_image->x1 - l_image->x0; + siz_h = l_image->y1 - l_image->y0; + + if (p_j2k->ihdr_w > 0 && p_j2k->ihdr_h > 0 + && (p_j2k->ihdr_w != siz_w || p_j2k->ihdr_h != siz_h)) { + opj_event_msg(p_manager, EVT_ERROR, + "Error with SIZ marker: IHDR w(%u) h(%u) vs. SIZ w(%u) h(%u)\n", p_j2k->ihdr_w, + p_j2k->ihdr_h, siz_w, siz_h); + return OPJ_FALSE; + } + } #ifdef USE_JPWL if (l_cp->correct) { /* if JPWL is on, we check whether TX errors have damaged @@ -2211,6 +2225,8 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k, l_img_comp = l_image->comps; + l_prec0 = 0; + l_sgnd0 = 0; /* Read the component information */ for (i = 0; i < l_image->numcomps; ++i) { OPJ_UINT32 tmp; @@ -2218,6 +2234,20 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k, ++p_header_data; l_img_comp->prec = (tmp & 0x7f) + 1; l_img_comp->sgnd = tmp >> 7; + + if (p_j2k->dump_state == 0) { + if (i == 0) { + l_prec0 = l_img_comp->prec; + l_sgnd0 = l_img_comp->sgnd; + } else if (l_cp->bpc_is_255 == 0 + && (l_img_comp->prec != l_prec0 || l_img_comp->sgnd != l_sgnd0)) { + opj_event_msg(p_manager, EVT_ERROR, + "Invalid precision and/or sgnd values for comp[%d]:\n" + " [0] prec(%d) sgnd(%d) [%d] prec(%d) sgnd(%d)\n", i, l_prec0, l_sgnd0, + i, l_img_comp->prec, l_img_comp->sgnd); + return OPJ_FALSE; + } + } opj_read_bytes(p_header_data, &tmp, 1); /* XRsiz_i */ ++p_header_data; l_img_comp->dx = (OPJ_UINT32)tmp; /* should be between 1 and 255 */ @@ -2240,7 +2270,6 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k, i, l_img_comp->prec); return OPJ_FALSE; } - #ifdef USE_JPWL if (l_cp->correct) { /* if JPWL is on, we check whether TX errors have damaged @@ -2277,6 +2306,10 @@ static OPJ_BOOL opj_j2k_read_siz(opj_j2k_t *p_j2k, ++l_img_comp; } + if (l_cp->tdx == 0 || l_cp->tdy == 0) { + return OPJ_FALSE; + } + /* Compute the number of tiles */ l_cp->tw = (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)(l_image->x1 - l_cp->tx0), (OPJ_INT32)l_cp->tdx); @@ -6345,6 +6378,7 @@ void opj_j2k_setup_decoder(opj_j2k_t *j2k, opj_dparameters_t *parameters) j2k->m_cp.m_specific_param.m_dec.m_layer = parameters->cp_layer; j2k->m_cp.m_specific_param.m_dec.m_reduce = parameters->cp_reduce; + j2k->dump_state = (parameters->flags & OPJ_DPARAMETERS_DUMP_FLAG); #ifdef USE_JPWL j2k->m_cp.correct = parameters->jpwl_correct; j2k->m_cp.exp_comps = parameters->jpwl_exp_comps; @@ -8735,6 +8769,7 @@ OPJ_BOOL opj_j2k_decode_tile(opj_j2k_t * p_j2k, opj_event_msg(p_manager, EVT_ERROR, "Failed to decode.\n"); return OPJ_FALSE; } + p_j2k->m_tcd->enumcs = p_j2k->enumcs; /* p_data can be set to NULL when the call will take care of using */ /* itself the TCD data. This is typically the case for whole single */ |