1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
2 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
4 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
5 <meta name="keywords" content="OpenJPEG, current, changes, changelog" />
6 <meta name="description" content="Log of changes in the package" />
7 <link rel="stylesheet" type="text/css" href="../../../css/common.css" />
8 <link rel="stylesheet" type="text/css" href="../../../css/changelog.css" />
12 OpenJPEG current: changelog
18 <table cellpadding='0' cellspacing='0'><tr><td align='center'><h1 class='tool'><a title='Home: ABI tracker for OpenJPEG' href='../../../timeline/openjpeg/index.html' class='tool'>ABI<br/>Tracker</a></h1></td><td width='30px;'></td><td><h1>(OpenJPEG)</h1></td></tr></table><hr/>
21 <h1>Changelog from Git</h1><br/><br/>
22 <div class='changelog'>
23 <pre class='wrap'>commit 9a6d41d22b1a4f17a376d2f6f208c52c58b8e4b3
24 Author: Even Rouault <even.rouault@spatialys.com>
25 Date: 2017-07-30 19:27:01 +0200
27 opj_event_msg(): force zero termination of buffer
29 commit b716f8616394252724ca0811eab3a20ab42b2189
30 Author: Even Rouault <even.rouault@spatialys.com>
31 Date: 2017-07-30 19:26:47 +0200
33 Fix breakage of 22bf99ce0220811bfce1562ee61423cb0245b683
35 commit 22bf99ce0220811bfce1562ee61423cb0245b683
36 Author: Even Rouault <even.rouault@spatialys.com>
37 Date: 2017-07-30 19:07:16 +0200
39 Test return value of opj_j2k_setup_decoding_tile() (commit https://github.com/uclouvain/openjpeg/pull/561/commits/ec31fa0c7f1ff8979312c07296cba41584c458a0 by ak-dxdy, #561)
41 commit ffa9a4f6585dc199fb850dee4255e7a7b84aad63
42 Author: Even Rouault <even.rouault@spatialys.com>
43 Date: 2017-07-30 18:46:34 +0200
45 Fix warnings in USE_JPIP compilation mode
47 commit c22cbd8bdf8ff2ae372f94391a4be2d322b36b41
48 Author: Even Rouault <even.rouault@spatialys.com>
49 Date: 2017-07-30 18:43:25 +0200
51 Avoid heap buffer overflow in function pnmtoimage of convert.c, and unsigned integer overflow in opj_image_create() (CVE-2016-9118, #861)
53 commit 83342f2aafcab4599b49f780e35fd249e8402b61
54 Author: Even Rouault <even.rouault@spatialys.com>
55 Date: 2017-07-30 18:18:59 +0200
57 Fix Doxygen warnings (patch derived from Winfried's doxygen-dif.txt.zip, #849)
59 commit 4748318136626dd9e841ea1aa8b52adfbab26772
60 Author: Even Rouault <even.rouault@spatialys.com>
61 Date: 2017-07-30 17:26:03 +0200
63 j2k.c: remove hardcoded constants related to m_state, and useless FIXME
65 commit e23e0c94d0eb30623bc67be19c38c22ee5378344
66 Author: Even Rouault <even.rouault@spatialys.com>
67 Date: 2017-07-30 16:48:15 +0200
69 Avoid p_stream->m_user_data_length >= (OPJ_UINT64)p_stream->m_byte_offset assertion in opj_stream_get_number_byte_left(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2786. Credit to OSS Fuzz
71 commit 1ed8d67797ef57143e2c855b602016bf9d89337d
72 Author: Even Rouault <even.rouault@spatialys.com>
73 Date: 2017-07-30 15:35:47 +0200
75 opj_j2k_set_decode_area: replace assertions by runtime checks. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2795. Credit to OSS Fuzz
77 commit 68832af20e3b3710424947e12762b6b52d3b6ac0
78 Author: Even Rouault <even.rouault@spatialys.com>
79 Date: 2017-07-30 15:22:24 +0200
81 opj_tcd_dc_level_shift_decode: avoid int32 overflow when prec == 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2799. Credit to OSS Fuzz
83 commit 517bf6fd86dae18b62390a03533d30da0e5bb701
84 Author: Even Rouault <even.rouault@spatialys.com>
85 Date: 2017-07-29 21:11:23 +0200
87 src/bin/jpwl/convert.c: fix memleak (fix suggested by maddin200, #631)
89 commit 51eb86d8f7a6297a4f0e8ca44977b72532de0353
90 Author: Even Rouault <even.rouault@spatialys.com>
91 Date: 2017-07-29 19:43:23 +0200
93 Fix warnings in pi.c raised by VS11 analyze (#190)
95 commit 397f62c0a838e15d667ef50e27d5d011d2c79c04
96 Author: Even Rouault <even.rouault@spatialys.com>
97 Date: 2017-07-29 19:13:49 +0200
99 Fix write heap buffer overflow in opj_mqc_byteout(). Discovered by Ke Liu of Tencent's Xuanwu LAB (#835)
101 commit 11445eddad7e7fa5b273d1c83c91011c44e5d586
102 Author: Even Rouault <even.rouault@spatialys.com>
103 Date: 2017-07-29 19:03:13 +0200
105 opj_pi_update_decode_poc(): limit layno1 to the number of layers (CVE-2016-1626 and CVE-2016-1628, #850)
107 This has been recently fixed in a less elegant way per
108 80818c39f5bfbac37768fcee95b0ffeceaa77264
110 commit 3fbe71369019df0b47c7a2be4fab8c05768f2f32
111 Author: Even Rouault <even.rouault@spatialys.com>
112 Date: 2017-07-29 18:38:16 +0200
114 opj_tcd_get_decoded_tile_size(): fix potential UINT32 overflow (#854, CVE-2016-5152)
116 Fix derived from https://pdfium.googlesource.com/pdfium.git/+/d8cc503575463ff3d81b22dad292665f2c88911e/third_party/libopenjpeg20/0018-tcd_get_decoded_tile_size.patch
118 commit 5a3e7aaf339943bc988adbada39a1fc8f5046899
119 Author: Even Rouault <even.rouault@spatialys.com>
120 Date: 2017-07-29 17:56:12 +0200
122 color_cielab_to_rgb(): reject images with components of different dimensions to void read heap buffer overflow (#909)
124 commit 784d4d47e97b5d0fccccbd931349997a0e2074cc
125 Author: Even Rouault <even.rouault@spatialys.com>
126 Date: 2017-07-29 17:51:10 +0200
128 Fix breakage of 2fa0fc61f2d546c8b67e7c5a9cbc61d98e1f7af0 (#970)
130 commit 2fa0fc61f2d546c8b67e7c5a9cbc61d98e1f7af0
131 Author: Even Rouault <even.rouault@spatialys.com>
132 Date: 2017-07-29 17:28:55 +0200
134 imagetopnm(): make sure the alpha component has same dimension as other components to avoid read heap buffer overflow (#970)
136 commit db9ef99f6dd054a84fa8382c02869fb0656abfc8
137 Author: Even Rouault <even.rouault@spatialys.com>
138 Date: 2017-07-29 16:34:35 +0200
140 opj_t1_decode_cblk(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2487. Credit to OSS Fuzz
142 commit f6551f822fe020843299bd807ec6989abd070b2c
143 Author: Even Rouault <even.rouault@spatialys.com>
144 Date: 2017-07-29 16:29:11 +0200
146 opj_t1_clbl_decode_processor(): avoid undefined behaviour if roishift >= 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2506. Credit to OSS Fuzz
148 commit 9906fbf737692486cebabe98169988d818e2e66a
149 Author: Even Rouault <even.rouault@spatialys.com>
150 Date: 2017-07-29 16:22:36 +0200
152 Avoid assertion in opj_j2k_merge_ppt() in case premature EOC is encountered in opj_j2k_read_tile_header(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785. Credit to OSS Fuzz
154 commit 71b4f5b124d14ed609763b11e19d2d480bc32f58
155 Author: Even Rouault <even.rouault@spatialys.com>
156 Date: 2017-07-29 15:52:11 +0200
158 opj_pi_next_pcrl(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2787. Credit to OSS Fuzz
160 commit d6654d906c1ae66590b6d600458a91f1ee923de5
161 Author: Even Rouault <even.rouault@spatialys.com>
162 Date: 2017-07-28 22:15:47 +0200
164 opj_int_ceildiv(): fix int32 overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2494. Credit to OSS Fuzz
166 commit 361c4506fdfb9b6f0e41d86d5d0ea1efb5704ecf
167 Author: Even Rouault <even.rouault@spatialys.com>
168 Date: 2017-07-28 22:06:26 +0200
170 opj_tcd_dc_level_shift_decode(): avoid int overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2516. Credit to OSS Fuzz
172 commit 7bdbe490cba9990916f94a40379cc787434340ff
173 Author: Even Rouault <even.rouault@spatialys.com>
174 Date: 2017-07-28 21:55:22 +0200
176 Fix null pointer dereference in opj_jp2_apply_pclr(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2558. Credit to OSS Fuzz
178 commit 16aeb9282f6b3877aa8365c461ba8d3d1338adae
179 Author: Even Rouault <even.rouault@spatialys.com>
180 Date: 2017-07-28 21:39:30 +0200
182 Fix null pointer dereference in opj_j2k_add_mct() (#895)
184 Fixes openjeg-crashes-2017-07-27/issue879-poc1.j2k of #895
186 commit c5bf5ef4d6552e9159aaad29cb27826acd1a3389
187 Author: Even Rouault <even.rouault@spatialys.com>
188 Date: 2017-07-28 21:29:55 +0200
190 Avoid use-after-free when a MCT marker is found after a MCC one (#895)
192 Fixes openjeg-crashes-2017-07-27/issue880-poc2.j2k of #895
194 commit e03e9474667e5117341351699f0b1dbb06f93346
195 Author: Even Rouault <even.rouault@spatialys.com>
196 Date: 2017-07-27 22:29:17 +0200
198 Avoid undefined shift behaviour if bit depth == 32 (#895)
200 Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:003798,op:ext_AO,pos:128.jp2
202 commit 820fcfe8bb101a2862c076b02c9b6b636ce39d2f
203 Author: Even Rouault <even.rouault@spatialys.com>
204 Date: 2017-07-27 19:34:54 +0200
206 opj_j2k_update_image_data / opj_tcd_update_tile_data: fix unaligned load/store (#895)
208 When components don't have the same width, unaligned load/store are possible.
210 Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:001342,op:flip4,pos:162.jp2 of #895
212 commit 6c4e5bacb9d9791fc6ff074bd7958b3820d70514
213 Author: Even Rouault <even.rouault@spatialys.com>
214 Date: 2017-07-27 19:22:14 +0200
216 opj_pi_next_rpcl / opj_pi_next_pcrl / opj_pi_next_cprl: avoid int overflow (#895)
218 Fixes int overflow on openjeg-crashes-2017-07-27/id:000000,sig:08,src:000879,op:flip2,pos:128.jp2
220 commit 178194c093422c9564efc41f9ecb5c630b43f723
221 Author: Even Rouault <even.rouault@spatialys.com>
222 Date: 2017-07-27 18:51:51 +0200
224 opj_jp2_check_color(): replace assertion regarding mtyp by runtime check (#672, #895)
226 Fixes test case openjeg-crashes-2017-07-27/id:000000,sig:06,src:000001,op:flip1,pos:808.jp2
229 commit d6fa30099797c68c6a67decf58571dd59dbf734b
230 Author: Even Rouault <even.rouault@spatialys.com>
231 Date: 2017-07-26 23:25:38 +0200
233 Avoids undefined shift behaviour in m_dc_level_shift computation
235 Fixes warning found on clusterfuzz-testcase-minimized-5146316340461568
236 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2495
240 commit a88cbb6a0b3539461dfb29922102953b7a7fc3a7
241 Author: Even Rouault <even.rouault@spatialys.com>
242 Date: 2017-07-26 22:53:59 +0200
244 Fix various undefined shift behaviour in pi.c
246 Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2496
249 commit 6c5fe9407b7768eb2ac55b83511bc103551d207a
250 Author: Even Rouault <even.rouault@spatialys.com>
251 Date: 2017-07-26 22:22:44 +0200
253 Avoid potential undefined shift behaviour in opj_bio_read() from opj_t2_read_packet_header()
255 Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2485
258 commit dbf527bf2a53bc88e6cf1373991002ec0e8e22a1
259 Merge: 5e795d9 94c4b73
260 Author: Even Rouault <even.rouault@mines-paris.org>
261 Date: 2017-07-26 22:05:32 +0200
263 Merge pull request #800 from rouault/tier1_optimizations_multithreading_pterm_check
265 Implement predictive termination check
267 commit 94c4b7300cc515330bf798bb45eb0d68e2c84aa0
268 Author: Even Rouault <even.rouault@spatialys.com>
269 Date: 2017-07-26 21:39:50 +0200
271 T1 decoder: check code stream errors when predictable termination is enabled and emit a warning when errors are found
273 commit 5e795d90a1e47616e0c7a2e39381c13ccf7fd6dd
274 Author: Even Rouault <even.rouault@spatialys.com>
275 Date: 2017-07-26 21:06:38 +0200
277 Spelling fixes (patch by ka7, #890, rebased on top of master)
279 commit 2be20ce7d9996e960d79f3ad6ec439a9895849ed
280 Author: Even Rouault <even.rouault@spatialys.com>
281 Date: 2017-07-26 21:04:01 +0200
283 Reformat src/bin/wx/OPJViewer/source/OPJThreads.cpp src/bin/wx/OPJViewer/source/imagjpeg2000.cpp wrapping/java/openjp2/JavaOpenJPEG.c
285 commit 94cc97c58acfa574e734fac5eb673c516c0ac469
286 Author: Even Rouault <even.rouault@spatialys.com>
287 Date: 2017-07-26 20:13:09 +0200
289 opj_decompress: fix null pointer dereference on comps[].data on id_000167,sig_11,src_006079,op_havoc,rep_4 (#939)
291 commit 8d2e69e37d01bf6a0440d3109d92235c3c586ffe
292 Author: Even Rouault <even.rouault@spatialys.com>
293 Date: 2017-07-26 19:49:38 +0200
295 Fix assertion / memory leak in opj_j2k_merge_ppt() on corrupted images (#939)
297 Fixes issue on id:000020,sig:06,src:001958,op:flip4,pos:149 that has two
298 SOT markers for the same tile with the same tile part number, causing
299 opj_j2k_merge_ppt() to be called several times.
301 commit 5c5319984b81e2aa32d1d83abdef0cdb8dbe7b18
302 Author: Even Rouault <even.rouault@spatialys.com>
303 Date: 2017-07-26 18:05:56 +0200
305 Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl, opj_pi_next_cprl (#938)
307 Fixes crash on id_000004,sig_06,src_000679,op_arith8,pos_49,val_-17
309 commit 80818c39f5bfbac37768fcee95b0ffeceaa77264
310 Author: Even Rouault <even.rouault@spatialys.com>
311 Date: 2017-07-26 12:24:26 +0200
313 Avoid index out of bounds access to pi->include[] (#938)
315 Fix id:000098,sig:11,src:005411,op:havoc,rep:2 test case
317 commit d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b
318 Author: Even Rouault <even.rouault@spatialys.com>
319 Date: 2017-07-26 11:30:56 +0200
321 Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl and opj_pi_next_cprl (#938)
323 Fixes issues with id:000026,sig:08,src:002419,op:int32,pos:60,val:+32 and
324 id:000019,sig:08,src:001098,op:flip1,pos:49
326 commit 39e962a0ca5e53722f6badda8e93681aad412cf1
327 Merge: 60f8ddf 90ced71
328 Author: Even Rouault <even.rouault@mines-paris.org>
329 Date: 2017-07-13 13:33:21 +0200
331 Merge pull request #969 from jeroen/staticlibs
333 install static libraries
335 commit 90ced71601f05e87b4fa922261554eeeb11118b9
336 Author: Jeroen <jeroenooms@gmail.com>
337 Date: 2017-07-13 11:34:15 +0200
339 install static libraries
341 commit 60f8ddf577b20ccbb3dc0559b624115b9ba522ba
342 Author: Even Rouault <even.rouault@spatialys.com>
343 Date: 2017-07-06 12:11:37 +0200
347 commit a38c4496b631bb5d3f8d5ea42d394544523a9bc6
348 Author: Even Rouault <even.rouault@spatialys.com>
349 Date: 2017-07-05 21:33:42 +0200
351 Remove unused m_DA_x0, m_DA_y0, m_DA_x1, m_DA_y1 members from opj_j2k_dec structure
353 commit 1a8eac6a90ca61f3703f9b97afc2ec4918f0ab55
354 Author: Even Rouault <even.rouault@spatialys.com>
355 Date: 2017-07-03 14:14:03 +0200
357 Add tests/fuzzers for OSS Fuzz (#965)
359 commit c308de39edc1697efbd5c10dc4852a58f9b86558
360 Author: Even Rouault <even.rouault@spatialys.com>
361 Date: 2017-07-03 14:33:57 +0200
363 opj_j2k_read_header_procedure(): validate marker size to avoid excessive memory allocation attempt
365 commit 5736b1a3683261a5b31fc19a691731dc9fce5920
366 Merge: ecbfcbc a0839cc
367 Author: Even Rouault <even.rouault@mines-paris.org>
368 Date: 2017-07-03 12:03:29 +0200
370 Merge pull request #954 from jeroen/static
372 build both shared and static library
374 commit ecbfcbc2764ff1b09e693d57e3ef5764518f1e1c
375 Merge: e673c8b 96d757c
376 Author: Even Rouault <even.rouault@mines-paris.org>
377 Date: 2017-07-01 13:51:52 +0200
379 Merge pull request #964 from rouault/remove_useless_knownfailures
381 Remove useless knownfailures (since LAZY encoding is fixed)
383 commit e673c8bd4da9f0414da472ac5f3d8e03e5102982
384 Author: Even Rouault <even.rouault@mines-paris.org>
385 Date: 2017-07-01 12:54:39 +0200
387 Merge pull request #963 from rouault/travis_avx2
389 Enable AVX2 at runtime on Travis-CI and AppVeyor
391 commit 96d757cb8e6c3fb0e133817e5057ee5eae6a594d
392 Author: Even Rouault <even.rouault@spatialys.com>
393 Date: 2017-07-01 04:24:46 +0200
395 Remove useless knownfailures (since LAZY encoding is fixed)
397 commit a0839cca24e19f1f0906e30ee1009ce89e4942b4
398 Author: Jeroen Ooms <jeroenooms@gmail.com>
399 Date: 2017-06-16 13:58:25 +0200
401 only build both static and dynamic on non-windows
403 commit 1329b3240aafb1b31328091eb6f7720787b391be
404 Author: Jeroen Ooms <jeroenooms@gmail.com>
405 Date: 2017-06-16 13:27:19 +0200
407 build both shared and static library