1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5 <meta name="keywords" content="OpenJPEG, current, changes, changelog" />
6 <meta name="description" content="Log of changes in the package" />
7 <link rel="stylesheet" type="text/css" href="../../../css/common.css" />
8 <link rel="stylesheet" type="text/css" href="../../../css/changelog.css" />
12 OpenJPEG current: changelog
18 <table cellpadding='0' cellspacing='0'><tr><td align='center'><h1 class='tool'><a title='Home: ABI tracker for OpenJPEG' href='../../../timeline/openjpeg/index.html' class='tool'>ABI<br/>Tracker</a></h1></td><td width='30px;'></td><td><h1>(OpenJPEG)</h1></td></tr></table><hr/>
21 <h1>Changelog from Git</h1><br/><br/>
22 <div class='changelog'>
23 <pre class='wrap'>commit 2fbd4bb0b9c6178f12c852dc40db6ab05734bfe2
24 Author: Even Rouault <even.rouault@spatialys.com>
25 Date: 2017-08-04 18:01:29 +0200
27 opj_j2k_read_sot(): check current TPSot number regarding previous (non-zero) TNsot to avoid opj_j2k_merge_ppt() to be called several times. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2851. Credit to OSS Fuzz
29 commit 155fc2e279b85bd04709967b2797de4f69b0cf3e
30 Author: Antonin Descampe <antonin@gmail.com>
31 Date: 2017-08-02 17:07:29 +0200
33 Update abi-check to take into account new defaults for "add" git command
35 commit eb90d8ec935eba934bfd260cc80c8ef445dff4fd
36 Author: Antonin Descampe <antonin@gmail.com>
37 Date: 2017-08-02 16:50:11 +0200
39 WIP: fix abi-check and automatic upload
41 commit 48125b0d124bc668b971b1f5df5a3c39798cfcf9
42 Author: Even Rouault <even.rouault@spatialys.com>
43 Date: 2017-07-31 17:35:10 +0200
45 src/bin/jpwl/convert.c: add missing fclose() in error code path (suggested by maddin200, #976)
47 commit 13cde9fa37249628af6b6f10601b733f87a025f4
48 Author: Even Rouault <even.rouault@spatialys.com>
49 Date: 2017-07-30 19:46:52 +0200
51 src/lib/openjp2/*.h: use OPJ_ prefix for inclusion guards instead of reserved __ (#587)
53 commit 9a6d41d22b1a4f17a376d2f6f208c52c58b8e4b3
54 Author: Even Rouault <even.rouault@spatialys.com>
55 Date: 2017-07-30 19:27:01 +0200
57 opj_event_msg(): force zero termination of buffer
59 commit b716f8616394252724ca0811eab3a20ab42b2189
60 Author: Even Rouault <even.rouault@spatialys.com>
61 Date: 2017-07-30 19:26:47 +0200
63 Fix breakage of 22bf99ce0220811bfce1562ee61423cb0245b683
65 commit 22bf99ce0220811bfce1562ee61423cb0245b683
66 Author: Even Rouault <even.rouault@spatialys.com>
67 Date: 2017-07-30 19:07:16 +0200
69 Test return value of opj_j2k_setup_decoding_tile() (commit https://github.com/uclouvain/openjpeg/pull/561/commits/ec31fa0c7f1ff8979312c07296cba41584c458a0 by ak-dxdy, #561)
71 commit ffa9a4f6585dc199fb850dee4255e7a7b84aad63
72 Author: Even Rouault <even.rouault@spatialys.com>
73 Date: 2017-07-30 18:46:34 +0200
75 Fix warnings in USE_JPIP compilation mode
77 commit c22cbd8bdf8ff2ae372f94391a4be2d322b36b41
78 Author: Even Rouault <even.rouault@spatialys.com>
79 Date: 2017-07-30 18:43:25 +0200
81 Avoid heap buffer overflow in function pnmtoimage of convert.c, and unsigned integer overflow in opj_image_create() (CVE-2016-9118, #861)
83 commit 83342f2aafcab4599b49f780e35fd249e8402b61
84 Author: Even Rouault <even.rouault@spatialys.com>
85 Date: 2017-07-30 18:18:59 +0200
87 Fix Doxygen warnings (patch derived from Winfried's doxygen-dif.txt.zip, #849)
89 commit 4748318136626dd9e841ea1aa8b52adfbab26772
90 Author: Even Rouault <even.rouault@spatialys.com>
91 Date: 2017-07-30 17:26:03 +0200
93 j2k.c: remove hardcoded constants related to m_state, and useless FIXME
95 commit e23e0c94d0eb30623bc67be19c38c22ee5378344
96 Author: Even Rouault <even.rouault@spatialys.com>
97 Date: 2017-07-30 16:48:15 +0200
99 Avoid p_stream->m_user_data_length >= (OPJ_UINT64)p_stream->m_byte_offset assertion in opj_stream_get_number_byte_left(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2786. Credit to OSS Fuzz
101 commit 1ed8d67797ef57143e2c855b602016bf9d89337d
102 Author: Even Rouault <even.rouault@spatialys.com>
103 Date: 2017-07-30 15:35:47 +0200
105 opj_j2k_set_decode_area: replace assertions by runtime checks. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2795. Credit to OSS Fuzz
107 commit 68832af20e3b3710424947e12762b6b52d3b6ac0
108 Author: Even Rouault <even.rouault@spatialys.com>
109 Date: 2017-07-30 15:22:24 +0200
111 opj_tcd_dc_level_shift_decode: avoid int32 overflow when prec == 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2799. Credit to OSS Fuzz
113 commit 517bf6fd86dae18b62390a03533d30da0e5bb701
114 Author: Even Rouault <even.rouault@spatialys.com>
115 Date: 2017-07-29 21:11:23 +0200
117 src/bin/jpwl/convert.c: fix memleak (fix suggested by maddin200, #631)
119 commit 51eb86d8f7a6297a4f0e8ca44977b72532de0353
120 Author: Even Rouault <even.rouault@spatialys.com>
121 Date: 2017-07-29 19:43:23 +0200
123 Fix warnings in pi.c raised by VS11 analyze (#190)
125 commit 397f62c0a838e15d667ef50e27d5d011d2c79c04
126 Author: Even Rouault <even.rouault@spatialys.com>
127 Date: 2017-07-29 19:13:49 +0200
129 Fix write heap buffer overflow in opj_mqc_byteout(). Discovered by Ke Liu of Tencent's Xuanwu LAB (#835)
131 commit 11445eddad7e7fa5b273d1c83c91011c44e5d586
132 Author: Even Rouault <even.rouault@spatialys.com>
133 Date: 2017-07-29 19:03:13 +0200
135 opj_pi_update_decode_poc(): limit layno1 to the number of layers (CVE-2016-1626 and CVE-2016-1628, #850)
137 This has been recently fixed in a less elegant way per
138 80818c39f5bfbac37768fcee95b0ffeceaa77264
140 commit 3fbe71369019df0b47c7a2be4fab8c05768f2f32
141 Author: Even Rouault <even.rouault@spatialys.com>
142 Date: 2017-07-29 18:38:16 +0200
144 opj_tcd_get_decoded_tile_size(): fix potential UINT32 overflow (#854, CVE-2016-5152)
146 Fix derived from https://pdfium.googlesource.com/pdfium.git/+/d8cc503575463ff3d81b22dad292665f2c88911e/third_party/libopenjpeg20/0018-tcd_get_decoded_tile_size.patch
148 commit 5a3e7aaf339943bc988adbada39a1fc8f5046899
149 Author: Even Rouault <even.rouault@spatialys.com>
150 Date: 2017-07-29 17:56:12 +0200
152 color_cielab_to_rgb(): reject images with components of different dimensions to void read heap buffer overflow (#909)
154 commit 784d4d47e97b5d0fccccbd931349997a0e2074cc
155 Author: Even Rouault <even.rouault@spatialys.com>
156 Date: 2017-07-29 17:51:10 +0200
158 Fix breakage of 2fa0fc61f2d546c8b67e7c5a9cbc61d98e1f7af0 (#970)
160 commit 2fa0fc61f2d546c8b67e7c5a9cbc61d98e1f7af0
161 Author: Even Rouault <even.rouault@spatialys.com>
162 Date: 2017-07-29 17:28:55 +0200
164 imagetopnm(): make sure the alpha component has same dimension as other components to avoid read heap buffer overflow (#970)
166 commit db9ef99f6dd054a84fa8382c02869fb0656abfc8
167 Author: Even Rouault <even.rouault@spatialys.com>
168 Date: 2017-07-29 16:34:35 +0200
170 opj_t1_decode_cblk(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2487. Credit to OSS Fuzz
172 commit f6551f822fe020843299bd807ec6989abd070b2c
173 Author: Even Rouault <even.rouault@spatialys.com>
174 Date: 2017-07-29 16:29:11 +0200
176 opj_t1_clbl_decode_processor(): avoid undefined behaviour if roishift >= 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2506. Credit to OSS Fuzz
178 commit 9906fbf737692486cebabe98169988d818e2e66a
179 Author: Even Rouault <even.rouault@spatialys.com>
180 Date: 2017-07-29 16:22:36 +0200
182 Avoid assertion in opj_j2k_merge_ppt() in case premature EOC is encountered in opj_j2k_read_tile_header(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785. Credit to OSS Fuzz
184 commit 71b4f5b124d14ed609763b11e19d2d480bc32f58
185 Author: Even Rouault <even.rouault@spatialys.com>
186 Date: 2017-07-29 15:52:11 +0200
188 opj_pi_next_pcrl(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2787. Credit to OSS Fuzz
190 commit d6654d906c1ae66590b6d600458a91f1ee923de5
191 Author: Even Rouault <even.rouault@spatialys.com>
192 Date: 2017-07-28 22:15:47 +0200
194 opj_int_ceildiv(): fix int32 overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2494. Credit to OSS Fuzz
196 commit 361c4506fdfb9b6f0e41d86d5d0ea1efb5704ecf
197 Author: Even Rouault <even.rouault@spatialys.com>
198 Date: 2017-07-28 22:06:26 +0200
200 opj_tcd_dc_level_shift_decode(): avoid int overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2516. Credit to OSS Fuzz
202 commit 7bdbe490cba9990916f94a40379cc787434340ff
203 Author: Even Rouault <even.rouault@spatialys.com>
204 Date: 2017-07-28 21:55:22 +0200
206 Fix null pointer dereference in opj_jp2_apply_pclr(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2558. Credit to OSS Fuzz
208 commit 16aeb9282f6b3877aa8365c461ba8d3d1338adae
209 Author: Even Rouault <even.rouault@spatialys.com>
210 Date: 2017-07-28 21:39:30 +0200
212 Fix null pointer dereference in opj_j2k_add_mct() (#895)
214 Fixes openjeg-crashes-2017-07-27/issue879-poc1.j2k of #895
216 commit c5bf5ef4d6552e9159aaad29cb27826acd1a3389
217 Author: Even Rouault <even.rouault@spatialys.com>
218 Date: 2017-07-28 21:29:55 +0200
220 Avoid use-after-free when a MCT marker is found after a MCC one (#895)
222 Fixes openjeg-crashes-2017-07-27/issue880-poc2.j2k of #895
224 commit e03e9474667e5117341351699f0b1dbb06f93346
225 Author: Even Rouault <even.rouault@spatialys.com>
226 Date: 2017-07-27 22:29:17 +0200
228 Avoid undefined shift behaviour if bit depth == 32 (#895)
230 Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:003798,op:ext_AO,pos:128.jp2
232 commit 820fcfe8bb101a2862c076b02c9b6b636ce39d2f
233 Author: Even Rouault <even.rouault@spatialys.com>
234 Date: 2017-07-27 19:34:54 +0200
236 opj_j2k_update_image_data / opj_tcd_update_tile_data: fix unaligned load/store (#895)
238 When components don't have the same width, unaligned load/store are possible.
240 Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:001342,op:flip4,pos:162.jp2 of #895
242 commit 6c4e5bacb9d9791fc6ff074bd7958b3820d70514
243 Author: Even Rouault <even.rouault@spatialys.com>
244 Date: 2017-07-27 19:22:14 +0200
246 opj_pi_next_rpcl / opj_pi_next_pcrl / opj_pi_next_cprl: avoid int overflow (#895)
248 Fixes int overflow on openjeg-crashes-2017-07-27/id:000000,sig:08,src:000879,op:flip2,pos:128.jp2
250 commit 178194c093422c9564efc41f9ecb5c630b43f723
251 Author: Even Rouault <even.rouault@spatialys.com>
252 Date: 2017-07-27 18:51:51 +0200
254 opj_jp2_check_color(): replace assertion regarding mtyp by runtime check (#672, #895)
256 Fixes test case openjeg-crashes-2017-07-27/id:000000,sig:06,src:000001,op:flip1,pos:808.jp2
259 commit d6fa30099797c68c6a67decf58571dd59dbf734b
260 Author: Even Rouault <even.rouault@spatialys.com>
261 Date: 2017-07-26 23:25:38 +0200
263 Avoids undefined shift behaviour in m_dc_level_shift computation
265 Fixes warning found on clusterfuzz-testcase-minimized-5146316340461568
266 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2495
270 commit a88cbb6a0b3539461dfb29922102953b7a7fc3a7
271 Author: Even Rouault <even.rouault@spatialys.com>
272 Date: 2017-07-26 22:53:59 +0200
274 Fix various undefined shift behaviour in pi.c
276 Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2496
279 commit 6c5fe9407b7768eb2ac55b83511bc103551d207a
280 Author: Even Rouault <even.rouault@spatialys.com>
281 Date: 2017-07-26 22:22:44 +0200
283 Avoid potential undefined shift behaviour in opj_bio_read() from opj_t2_read_packet_header()
285 Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2485
288 commit dbf527bf2a53bc88e6cf1373991002ec0e8e22a1
289 Merge: 5e795d9 94c4b73
290 Author: Even Rouault <even.rouault@mines-paris.org>
291 Date: 2017-07-26 22:05:32 +0200
293 Merge pull request #800 from rouault/tier1_optimizations_multithreading_pterm_check
295 Implement predictive termination check
297 commit 94c4b7300cc515330bf798bb45eb0d68e2c84aa0
298 Author: Even Rouault <even.rouault@spatialys.com>
299 Date: 2017-07-26 21:39:50 +0200
301 T1 decoder: check code stream errors when predictable termination is enabled and emit a warning when errors are found
303 commit 5e795d90a1e47616e0c7a2e39381c13ccf7fd6dd
304 Author: Even Rouault <even.rouault@spatialys.com>
305 Date: 2017-07-26 21:06:38 +0200
307 Spelling fixes (patch by ka7, #890, rebased on top of master)
309 commit 2be20ce7d9996e960d79f3ad6ec439a9895849ed
310 Author: Even Rouault <even.rouault@spatialys.com>
311 Date: 2017-07-26 21:04:01 +0200
313 Reformat src/bin/wx/OPJViewer/source/OPJThreads.cpp src/bin/wx/OPJViewer/source/imagjpeg2000.cpp wrapping/java/openjp2/JavaOpenJPEG.c
315 commit 94cc97c58acfa574e734fac5eb673c516c0ac469
316 Author: Even Rouault <even.rouault@spatialys.com>
317 Date: 2017-07-26 20:13:09 +0200
319 opj_decompress: fix null pointer dereference on comps[].data on id_000167,sig_11,src_006079,op_havoc,rep_4 (#939)
321 commit 8d2e69e37d01bf6a0440d3109d92235c3c586ffe
322 Author: Even Rouault <even.rouault@spatialys.com>
323 Date: 2017-07-26 19:49:38 +0200
325 Fix assertion / memory leak in opj_j2k_merge_ppt() on corrupted images (#939)
327 Fixes issue on id:000020,sig:06,src:001958,op:flip4,pos:149 that has two
328 SOT markers for the same tile with the same tile part number, causing
329 opj_j2k_merge_ppt() to be called several times.
331 commit 5c5319984b81e2aa32d1d83abdef0cdb8dbe7b18
332 Author: Even Rouault <even.rouault@spatialys.com>
333 Date: 2017-07-26 18:05:56 +0200
335 Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl, opj_pi_next_cprl (#938)
337 Fixes crash on id_000004,sig_06,src_000679,op_arith8,pos_49,val_-17
339 commit 80818c39f5bfbac37768fcee95b0ffeceaa77264
340 Author: Even Rouault <even.rouault@spatialys.com>
341 Date: 2017-07-26 12:24:26 +0200
343 Avoid index out of bounds access to pi->include[] (#938)
345 Fix id:000098,sig:11,src:005411,op:havoc,rep:2 test case
347 commit d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b
348 Author: Even Rouault <even.rouault@spatialys.com>
349 Date: 2017-07-26 11:30:56 +0200
351 Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl and opj_pi_next_cprl (#938)
353 Fixes issues with id:000026,sig:08,src:002419,op:int32,pos:60,val:+32 and
354 id:000019,sig:08,src:001098,op:flip1,pos:49
356 commit 39e962a0ca5e53722f6badda8e93681aad412cf1
357 Merge: 60f8ddf 90ced71
358 Author: Even Rouault <even.rouault@mines-paris.org>
359 Date: 2017-07-13 13:33:21 +0200
361 Merge pull request #969 from jeroen/staticlibs
363 install static libraries
365 commit 90ced71601f05e87b4fa922261554eeeb11118b9
366 Author: Jeroen <jeroenooms@gmail.com>
367 Date: 2017-07-13 11:34:15 +0200
369 install static libraries
371 commit 60f8ddf577b20ccbb3dc0559b624115b9ba522ba
372 Author: Even Rouault <even.rouault@spatialys.com>
373 Date: 2017-07-06 12:11:37 +0200
377 commit a38c4496b631bb5d3f8d5ea42d394544523a9bc6
378 Author: Even Rouault <even.rouault@spatialys.com>
379 Date: 2017-07-05 21:33:42 +0200
381 Remove unused m_DA_x0, m_DA_y0, m_DA_x1, m_DA_y1 members from opj_j2k_dec structure