commit eb90d8ec935eba934bfd260cc80c8ef445dff4fd
Author: Antonin Descampe <antonin@gmail.com>
Date: 2017-08-02 16:50:11 +0200
WIP: fix abi-check and automatic upload
commit 48125b0d124bc668b971b1f5df5a3c39798cfcf9
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-31 17:35:10 +0200
src/bin/jpwl/convert.c: add missing fclose() in error code path (suggested by maddin200, #976)
commit 13cde9fa37249628af6b6f10601b733f87a025f4
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 19:46:52 +0200
src/lib/openjp2/*.h: use OPJ_ prefix for inclusion guards instead of reserved __ (#587)
commit 9a6d41d22b1a4f17a376d2f6f208c52c58b8e4b3
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 19:27:01 +0200
opj_event_msg(): force zero termination of buffer
commit b716f8616394252724ca0811eab3a20ab42b2189
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 19:26:47 +0200
Fix breakage of 22bf99ce0220811bfce1562ee61423cb0245b683
commit 22bf99ce0220811bfce1562ee61423cb0245b683
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 19:07:16 +0200
Test return value of opj_j2k_setup_decoding_tile() (commit https://github.com/uclouvain/openjpeg/pull/561/commits/ec31fa0c7f1ff8979312c07296cba41584c458a0 by ak-dxdy, #561)
commit ffa9a4f6585dc199fb850dee4255e7a7b84aad63
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 18:46:34 +0200
Fix warnings in USE_JPIP compilation mode
commit c22cbd8bdf8ff2ae372f94391a4be2d322b36b41
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 18:43:25 +0200
Avoid heap buffer overflow in function pnmtoimage of convert.c, and unsigned integer overflow in opj_image_create() (CVE-2016-9118, #861)
commit 83342f2aafcab4599b49f780e35fd249e8402b61
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 18:18:59 +0200
Fix Doxygen warnings (patch derived from Winfried's doxygen-dif.txt.zip, #849)
commit 4748318136626dd9e841ea1aa8b52adfbab26772
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 17:26:03 +0200
j2k.c: remove hardcoded constants related to m_state, and useless FIXME
commit e23e0c94d0eb30623bc67be19c38c22ee5378344
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 16:48:15 +0200
Avoid p_stream->m_user_data_length >= (OPJ_UINT64)p_stream->m_byte_offset assertion in opj_stream_get_number_byte_left(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2786. Credit to OSS Fuzz
commit 1ed8d67797ef57143e2c855b602016bf9d89337d
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 15:35:47 +0200
opj_j2k_set_decode_area: replace assertions by runtime checks. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2795. Credit to OSS Fuzz
commit 68832af20e3b3710424947e12762b6b52d3b6ac0
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-30 15:22:24 +0200
opj_tcd_dc_level_shift_decode: avoid int32 overflow when prec == 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2799. Credit to OSS Fuzz
commit 517bf6fd86dae18b62390a03533d30da0e5bb701
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 21:11:23 +0200
src/bin/jpwl/convert.c: fix memleak (fix suggested by maddin200, #631)
commit 51eb86d8f7a6297a4f0e8ca44977b72532de0353
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 19:43:23 +0200
Fix warnings in pi.c raised by VS11 analyze (#190)
commit 397f62c0a838e15d667ef50e27d5d011d2c79c04
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 19:13:49 +0200
Fix write heap buffer overflow in opj_mqc_byteout(). Discovered by Ke Liu of Tencent's Xuanwu LAB (#835)
commit 11445eddad7e7fa5b273d1c83c91011c44e5d586
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 19:03:13 +0200
opj_pi_update_decode_poc(): limit layno1 to the number of layers (CVE-2016-1626 and CVE-2016-1628, #850)
This has been recently fixed in a less elegant way per
80818c39f5bfbac37768fcee95b0ffeceaa77264
commit 3fbe71369019df0b47c7a2be4fab8c05768f2f32
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 18:38:16 +0200
opj_tcd_get_decoded_tile_size(): fix potential UINT32 overflow (#854, CVE-2016-5152)
Fix derived from https://pdfium.googlesource.com/pdfium.git/+/d8cc503575463ff3d81b22dad292665f2c88911e/third_party/libopenjpeg20/0018-tcd_get_decoded_tile_size.patch
commit 5a3e7aaf339943bc988adbada39a1fc8f5046899
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 17:56:12 +0200
color_cielab_to_rgb(): reject images with components of different dimensions to void read heap buffer overflow (#909)
commit 784d4d47e97b5d0fccccbd931349997a0e2074cc
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 17:51:10 +0200
Fix breakage of 2fa0fc61f2d546c8b67e7c5a9cbc61d98e1f7af0 (#970)
commit 2fa0fc61f2d546c8b67e7c5a9cbc61d98e1f7af0
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 17:28:55 +0200
imagetopnm(): make sure the alpha component has same dimension as other components to avoid read heap buffer overflow (#970)
commit db9ef99f6dd054a84fa8382c02869fb0656abfc8
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 16:34:35 +0200
opj_t1_decode_cblk(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2487. Credit to OSS Fuzz
commit f6551f822fe020843299bd807ec6989abd070b2c
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 16:29:11 +0200
opj_t1_clbl_decode_processor(): avoid undefined behaviour if roishift >= 31. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2506. Credit to OSS Fuzz
commit 9906fbf737692486cebabe98169988d818e2e66a
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 16:22:36 +0200
Avoid assertion in opj_j2k_merge_ppt() in case premature EOC is encountered in opj_j2k_read_tile_header(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2785. Credit to OSS Fuzz
commit 71b4f5b124d14ed609763b11e19d2d480bc32f58
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-29 15:52:11 +0200
opj_pi_next_pcrl(): avoid undefined shift behaviour. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2787. Credit to OSS Fuzz
commit d6654d906c1ae66590b6d600458a91f1ee923de5
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-28 22:15:47 +0200
opj_int_ceildiv(): fix int32 overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2494. Credit to OSS Fuzz
commit 361c4506fdfb9b6f0e41d86d5d0ea1efb5704ecf
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-28 22:06:26 +0200
opj_tcd_dc_level_shift_decode(): avoid int overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2516. Credit to OSS Fuzz
commit 7bdbe490cba9990916f94a40379cc787434340ff
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-28 21:55:22 +0200
Fix null pointer dereference in opj_jp2_apply_pclr(). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2558. Credit to OSS Fuzz
commit 16aeb9282f6b3877aa8365c461ba8d3d1338adae
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-28 21:39:30 +0200
Fix null pointer dereference in opj_j2k_add_mct() (#895)
Fixes openjeg-crashes-2017-07-27/issue879-poc1.j2k of #895
commit c5bf5ef4d6552e9159aaad29cb27826acd1a3389
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-28 21:29:55 +0200
Avoid use-after-free when a MCT marker is found after a MCC one (#895)
Fixes openjeg-crashes-2017-07-27/issue880-poc2.j2k of #895
commit e03e9474667e5117341351699f0b1dbb06f93346
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-27 22:29:17 +0200
Avoid undefined shift behaviour if bit depth == 32 (#895)
Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:003798,op:ext_AO,pos:128.jp2
commit 820fcfe8bb101a2862c076b02c9b6b636ce39d2f
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-27 19:34:54 +0200
opj_j2k_update_image_data / opj_tcd_update_tile_data: fix unaligned load/store (#895)
When components don't have the same width, unaligned load/store are possible.
Fixes openjeg-crashes-2017-07-27/id:000000,sig:11,src:001342,op:flip4,pos:162.jp2 of #895
commit 6c4e5bacb9d9791fc6ff074bd7958b3820d70514
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-27 19:22:14 +0200
opj_pi_next_rpcl / opj_pi_next_pcrl / opj_pi_next_cprl: avoid int overflow (#895)
Fixes int overflow on openjeg-crashes-2017-07-27/id:000000,sig:08,src:000879,op:flip2,pos:128.jp2
commit 178194c093422c9564efc41f9ecb5c630b43f723
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-27 18:51:51 +0200
opj_jp2_check_color(): replace assertion regarding mtyp by runtime check (#672, #895)
Fixes test case openjeg-crashes-2017-07-27/id:000000,sig:06,src:000001,op:flip1,pos:808.jp2
of #895
commit d6fa30099797c68c6a67decf58571dd59dbf734b
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 23:25:38 +0200
Avoids undefined shift behaviour in m_dc_level_shift computation
Fixes warning found on clusterfuzz-testcase-minimized-5146316340461568
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2495
Credit to OSS Fuzz
commit a88cbb6a0b3539461dfb29922102953b7a7fc3a7
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 22:53:59 +0200
Fix various undefined shift behaviour in pi.c
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2496
Credit to OSS Fuzz
commit 6c5fe9407b7768eb2ac55b83511bc103551d207a
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 22:22:44 +0200
Avoid potential undefined shift behaviour in opj_bio_read() from opj_t2_read_packet_header()
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2485
Credit to OSS Fuzz
commit dbf527bf2a53bc88e6cf1373991002ec0e8e22a1
Merge: 5e795d9 94c4b73
Author: Even Rouault <even.rouault@mines-paris.org>
Date: 2017-07-26 22:05:32 +0200
Merge pull request #800 from rouault/tier1_optimizations_multithreading_pterm_check
Implement predictive termination check
commit 94c4b7300cc515330bf798bb45eb0d68e2c84aa0
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 21:39:50 +0200
T1 decoder: check code stream errors when predictable termination is enabled and emit a warning when errors are found
commit 5e795d90a1e47616e0c7a2e39381c13ccf7fd6dd
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 21:06:38 +0200
Spelling fixes (patch by ka7, #890, rebased on top of master)
commit 2be20ce7d9996e960d79f3ad6ec439a9895849ed
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 21:04:01 +0200
Reformat src/bin/wx/OPJViewer/source/OPJThreads.cpp src/bin/wx/OPJViewer/source/imagjpeg2000.cpp wrapping/java/openjp2/JavaOpenJPEG.c
commit 94cc97c58acfa574e734fac5eb673c516c0ac469
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 20:13:09 +0200
opj_decompress: fix null pointer dereference on comps[].data on id_000167,sig_11,src_006079,op_havoc,rep_4 (#939)
commit 8d2e69e37d01bf6a0440d3109d92235c3c586ffe
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 19:49:38 +0200
Fix assertion / memory leak in opj_j2k_merge_ppt() on corrupted images (#939)
Fixes issue on id:000020,sig:06,src:001958,op:flip4,pos:149 that has two
SOT markers for the same tile with the same tile part number, causing
opj_j2k_merge_ppt() to be called several times.
commit 5c5319984b81e2aa32d1d83abdef0cdb8dbe7b18
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 18:05:56 +0200
Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl, opj_pi_next_cprl (#938)
Fixes crash on id_000004,sig_06,src_000679,op_arith8,pos_49,val_-17
commit 80818c39f5bfbac37768fcee95b0ffeceaa77264
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 12:24:26 +0200
Avoid index out of bounds access to pi->include[] (#938)
Fix id:000098,sig:11,src:005411,op:havoc,rep:2 test case
commit d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7b
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-26 11:30:56 +0200
Avoid division by zero in opj_pi_next_rpcl, opj_pi_next_pcrl and opj_pi_next_cprl (#938)
Fixes issues with id:000026,sig:08,src:002419,op:int32,pos:60,val:+32 and
id:000019,sig:08,src:001098,op:flip1,pos:49
commit 39e962a0ca5e53722f6badda8e93681aad412cf1
Merge: 60f8ddf 90ced71
Author: Even Rouault <even.rouault@mines-paris.org>
Date: 2017-07-13 13:33:21 +0200
Merge pull request #969 from jeroen/staticlibs
install static libraries
commit 90ced71601f05e87b4fa922261554eeeb11118b9
Author: Jeroen <jeroenooms@gmail.com>
Date: 2017-07-13 11:34:15 +0200
install static libraries
commit 60f8ddf577b20ccbb3dc0559b624115b9ba522ba
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-06 12:11:37 +0200
Comment fix
commit a38c4496b631bb5d3f8d5ea42d394544523a9bc6
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-05 21:33:42 +0200
Remove unused m_DA_x0, m_DA_y0, m_DA_x1, m_DA_y1 members from opj_j2k_dec structure
commit 1a8eac6a90ca61f3703f9b97afc2ec4918f0ab55
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-03 14:14:03 +0200
Add tests/fuzzers for OSS Fuzz (#965)
commit c308de39edc1697efbd5c10dc4852a58f9b86558
Author: Even Rouault <even.rouault@spatialys.com>
Date: 2017-07-03 14:33:57 +0200
opj_j2k_read_header_procedure(): validate marker size to avoid excessive memory allocation attempt
...