summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2017-07-31Catch images broken by AFLszukw000
2017-07-30src/lib/openjp2/*.h: use OPJ_ prefix for inclusion guards instead of ↵Even Rouault
reserved __ (#587)
2017-07-30opj_event_msg(): force zero termination of bufferEven Rouault
2017-07-30Fix breakage of 22bf99ce0220811bfce1562ee61423cb0245b683Even Rouault
2017-07-30Test return value of opj_j2k_setup_decoding_tile() (commit ↵Even Rouault
https://github.com/uclouvain/openjpeg/pull/561/commits/ec31fa0c7f1ff8979312c07296cba41584c458a0 by ak-dxdy, #561)
2017-07-30Fix warnings in USE_JPIP compilation modeEven Rouault
2017-07-30Avoid heap buffer overflow in function pnmtoimage of convert.c, and unsigned ↵Even Rouault
integer overflow in opj_image_create() (CVE-2016-9118, #861)
2017-07-30Fix Doxygen warnings (patch derived from Winfried's doxygen-dif.txt.zip, #849)Even Rouault
2017-07-30j2k.c: remove hardcoded constants related to m_state, and useless FIXMEEven Rouault
2017-07-30Avoid p_stream->m_user_data_length >= (OPJ_UINT64)p_stream->m_byte_offset ↵Even Rouault
assertion in opj_stream_get_number_byte_left(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2786. Credit to OSS Fuzz
2017-07-30opj_j2k_set_decode_area: replace assertions by runtime checks. Fixes ↵Even Rouault
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2795. Credit to OSS Fuzz
2017-07-30opj_tcd_dc_level_shift_decode: avoid int32 overflow when prec == 31. Fixes ↵Even Rouault
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2799. Credit to OSS Fuzz
2017-07-29src/bin/jpwl/convert.c: fix memleak (fix suggested by maddin200, #631)Even Rouault
2017-07-29Fix warnings in pi.c raised by VS11 analyze (#190)Even Rouault
2017-07-29Fix write heap buffer overflow in opj_mqc_byteout(). Discovered by Ke Liu of ↵Even Rouault
Tencent's Xuanwu LAB (#835)
2017-07-29opj_pi_update_decode_poc(): limit layno1 to the number of layers ↵Even Rouault
(CVE-2016-1626 and CVE-2016-1628, #850) This has been recently fixed in a less elegant way per 80818c39f5bfbac37768fcee95b0ffeceaa77264
2017-07-29opj_tcd_get_decoded_tile_size(): fix potential UINT32 overflow (#854, ↵Even Rouault
CVE-2016-5152) Fix derived from https://pdfium.googlesource.com/pdfium.git/+/d8cc503575463ff3d81b22dad292665f2c88911e/third_party/libopenjpeg20/0018-tcd_get_decoded_tile_size.patch
2017-07-29color_cielab_to_rgb(): reject images with components of different dimensions ↵Even Rouault
to void read heap buffer overflow (#909)
2017-07-29Fix breakage of 2fa0fc61f2d546c8b67e7c5a9cbc61d98e1f7af0 (#970)Even Rouault
2017-07-29imagetopnm(): make sure the alpha component has same dimension as other ↵Even Rouault
components to avoid read heap buffer overflow (#970)
2017-07-29opj_t1_decode_cblk(): avoid undefined shift behaviour. Fixes ↵Even Rouault
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2487. Credit to OSS Fuzz
2017-07-29opj_t1_clbl_decode_processor(): avoid undefined behaviour if roishift >= 31. ↵Even Rouault
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2506. Credit to OSS Fuzz
2017-07-29Avoid assertion in opj_j2k_merge_ppt() in case premature EOC is encountered ↵Even Rouault
in opj_j2k_read_tile_header(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785. Credit to OSS Fuzz
2017-07-29opj_pi_next_pcrl(): avoid undefined shift behaviour. Fixes ↵Even Rouault
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2787. Credit to OSS Fuzz
2017-07-28opj_int_ceildiv(): fix int32 overflow. Fixes ↵Even Rouault
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2494. Credit to OSS Fuzz
2017-07-28opj_tcd_dc_level_shift_decode(): avoid int overflow. Fixes ↵Even Rouault
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2516. Credit to OSS Fuzz
2017-07-28Fix null pointer dereference in opj_jp2_apply_pclr(). Fixes ↵Even Rouault
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2558. Credit to OSS Fuzz
2017-07-28Fix null pointer dereference in opj_j2k_add_mct() (#895)Even Rouault
Fixes openjeg-crashes-2017-07-27/issue879-poc1.j2k of #895
2017-07-28Avoid use-after-free when a MCT marker is found after a MCC one (#895)Even Rouault
Fixes openjeg-crashes-2017-07-27/issue880-poc2.j2k of #895
2017-07-27Avoid undefined shift behaviour if bit depth == 32 (#895)Even Rouault
Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:003798,op:ext_AO,pos:128.jp2
2017-07-27opj_j2k_update_image_data / opj_tcd_update_tile_data: fix unaligned ↵Even Rouault
load/store (#895) When components don't have the same width, unaligned load/store are possible. Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:001342,op:flip4,pos:162.jp2 of #895
2017-07-27opj_pi_next_rpcl / opj_pi_next_pcrl / opj_pi_next_cprl: avoid int overflow ↵Even Rouault
(#895) Fixes int overflow on openjeg-crashes-2017-07-27/id:000000,sig:08,src:000879,op:flip2,pos:128.jp2
2017-07-27opj_jp2_check_color(): replace assertion regarding mtyp by runtime check ↵Even Rouault
(#672, #895) Fixes test case openjeg-crashes-2017-07-27/id:000000,sig:06,src:000001,op:flip1,pos:808.jp2 of #895
2017-07-27Avoids undefined shift behaviour in m_dc_level_shift computationEven Rouault
Fixes warning found on clusterfuzz-testcase-minimized-5146316340461568 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2495 Credit to OSS Fuzz
2017-07-26Fix various undefined shift behaviour in pi.cEven Rouault
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2496 Credit to OSS Fuzz
2017-07-26Avoid potential undefined shift behaviour in opj_bio_read() from ↵Even Rouault
opj_t2_read_packet_header() Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2485 Credit to OSS Fuzz
2017-07-26T1 decoder: check code stream errors when predictable termination is enabled ↵Even Rouault
and emit a warning when errors are found
2017-07-26Spelling fixes (patch by ka7, #890, rebased on top of master)Even Rouault
2017-07-26Reformat src/bin/wx/OPJViewer/source/OPJThreads.cpp ↵Even Rouault
src/bin/wx/OPJViewer/source/imagjpeg2000.cpp wrapping/java/openjp2/JavaOpenJPEG.c
2017-07-26opj_decompress: fix null pointer dereference on comps[].data on ↵Even Rouault
id_000167,sig_11,src_006079,op_havoc,rep_4 (#939)
2017-07-26Fix assertion / memory leak in opj_j2k_merge_ppt() on corrupted images (#939)Even Rouault
Fixes issue on id:000020,sig:06,src:001958,op:flip4,pos:149 that has two SOT markers for the same tile with the same tile part number, causing opj_j2k_merge_ppt() to be called several times.
2017-07-26Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl, ↵Even Rouault
opj_pi_next_cprl (#938) Fixes crash on id_000004,sig_06,src_000679,op_arith8,pos_49,val_-17
2017-07-26Avoid index out of bounds access to pi->include[] (#938)Even Rouault
Fix id:000098,sig:11,src:005411,op:havoc,rep:2 test case
2017-07-26Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl and ↵Even Rouault
opj_pi_next_cprl (#938) Fixes issues with id:000026,sig:08,src:002419,op:int32,pos:60,val:+32 and id:000019,sig:08,src:001098,op:flip1,pos:49
2017-07-13install static librariesJeroen
2017-07-06Comment fixEven Rouault
2017-07-05Remove unused m_DA_x0, m_DA_y0, m_DA_x1, m_DA_y1 members from opj_j2k_dec ↵Even Rouault
structure
2017-07-03opj_j2k_read_header_procedure(): validate marker size to avoid excessive ↵Even Rouault
memory allocation attempt
2017-07-03Merge pull request #954 from jeroen/staticEven Rouault
build both shared and static library
2017-06-30IDWT 5x3: fix bug in AVX2 implementation (#953, #957)Even Rouault
generated by cgit v1.2.3 (git 2.46.0) at 2026-04-19 22:13:40 +0000