summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* libtiff 4.1.0 releasedv4.1.0Bob Friesenhahn2019-11-037-12/+15
|
* ChangeLog updated with latest git commits.Bob Friesenhahn2019-11-031-0/+882
|
* Added a step for updating the legacy ChangeLog file.Bob Friesenhahn2019-11-031-21/+33
|
* Ignore emacs temporary files (ending with tilde character).Bob Friesenhahn2019-11-031-0/+1
|
* Added release summary page for the 4.1.0 release.Bob Friesenhahn2019-11-031-0/+198
|
* Fix Cmake HAVE_GETOPT for systems which declare getopt in stdio.h.Bob Friesenhahn2019-11-0311-11/+11
| | | | Fix utility baked-in getopt prototype which appears when HAVE_GETOPT is not defined.
* Fax2tiff.sh needs to remove its output file in advance. Syntax changes so ↵Bob Friesenhahn2019-11-031-1/+2
| | | | that bash is not required.
* tif_jpeg.c: extra cast to silence Coverity warning. GDAL CID 1406475Even Rouault2019-10-261-1/+1
|
* tif_jpeg.c: fix warning added by previous commit (on 32bit builds)Even Rouault2019-10-231-1/+1
|
* Merge branch 'coverity-fixes' into 'master'Even Rouault2019-10-232-3/+3
|\ | | | | | | | | Coverity fixes See merge request libtiff/libtiff!94
| * Use 64-bit calculations correctlyTimothy Lyanguzov2019-10-231-1/+1
| |
| * Fix size calculation to use 64-bit tmsize_t correctlyTimothy Lyanguzov2019-10-231-1/+1
| |
| * Make bytesperclumpline calculations using tmsize_t typeTimothy Lyanguzov2019-10-231-1/+1
|/
* tif_read: align code of TIFFReadRawStrip() and TIFFReadRawTile() that ↵Even Rouault2019-10-031-10/+12
| | | | differed for non good reason. Non-functional change normally. (fixes GitLab #162)
* HTML: update for GitLab issuesEven Rouault2019-10-013-11/+15
|
* html/v3.5.6-beta.html: redact URL of defunct web siteEven Rouault2019-09-291-1/+1
|
* Website: update links to mailing listEven Rouault2019-09-291-5/+5
|
* TIFFReadAndRealloc(): avoid too large memory allocation attempts. Fixes ↵Even Rouault2019-09-181-0/+16
| | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17244
* ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer ↵Even Rouault2019-09-031-3/+13
| | | | overflows. Fixes https://oss-fuzz.com/testcase-detail/5686156066291712 and https://oss-fuzz.com/testcase-detail/6332499206078464
* tif_ojpeg.c: avoid relying on isTiled macro being wrapped in ()Even Rouault2019-09-021-2/+2
|
* tif_ojpeg.c: avoid use of uninitialized memory on edge/broken file. Fixes ↵Even Rouault2019-09-021-1/+7
| | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16844
* tiff_read_rgba_fuzzer.cc: add a -DSTANDALONE mode for easier reproduction of ↵Even Rouault2019-09-021-0/+82
| | | | oss-fuzz reports
* tif_dirread.c: allocChoppedUpStripArrays(). avoid unsigned integer overflow. ↵Even Rouault2019-09-011-8/+21
| | | | Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16846
* tif_ojpeg.c: avoid unsigned integer overflow. Fixes ↵Even Rouault2019-08-271-1/+3
| | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16793
* TIFFReadDirEntryData(): rewrite to avoid unsigned integer overflow (not a ↵Even Rouault2019-08-271-6/+6
| | | | bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16792
* TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t. Fixes ↵Even Rouault2019-08-261-2/+3
| | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16784
* JPEG: avoid use of unintialized memory on corrupted filesEven Rouault2019-08-251-0/+14
| | | | | | Follow-up of cf3ce6fab894414a336546f62adc57f02590a22c Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16602 Credit to OSS Fuzz
* _TIFFPartialReadStripArray(): avoid unsigned integer overflow. Fixes ↵Even Rouault2019-08-241-0/+8
| | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16685
* OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile dimensions ↵Even Rouault2019-08-231-2/+2
| | | | close to UINT32_MAX. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16683
* TIFFFillStrip(): avoid harmless unsigned integer overflow. Fixes ↵Even Rouault2019-08-231-2/+8
| | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16653
* EstimateStripByteCounts(): avoid unsigned integer overflow. Fixes ↵Even Rouault2019-08-231-1/+5
| | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16643&
* tif_ojpeg: avoid unsigned integer overflow (probably not a bug). Fixes ↵Even Rouault2019-08-231-1/+2
| | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16635
* tif_thunder: avoid unsigned integer overflow (not a bug). Fixes ↵Even Rouault2019-08-231-5/+5
| | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16632
* _TIFFMultiply32() / _TIFFMultiply64(): avoid relying on unsigned integer ↵Even Rouault2019-08-223-20/+16
| | | | overflow (not a bug)
* EstimateStripByteCounts(): avoid unsigned integer overflowEven Rouault2019-08-221-0/+2
|
* EstimateStripByteCounts(): avoid unsigned integer overflowEven Rouault2019-08-211-14/+17
|
* EstimateStripByteCounts(): avoid harmless unsigned integer overflowEven Rouault2019-08-201-2/+8
|
* _TIFFPartialReadStripArray(): avoid triggering unsigned integer overflow ↵Even Rouault2019-08-201-1/+8
| | | | with -fsanitize=unsigned-integer-overflow (not a bug, this is well defined by itself)
* tiff2ps: fix use of wrong data type that caused issues (/Height being ↵Even Rouault2019-08-181-6/+6
| | | | written as 0) on 64-bit big endian platforms
* setByteArray(): fix previous commitEven Rouault2019-08-161-1/+1
|
* setByteArray(): avoid potential signed integer overflow. Pointed by Hendra ↵Even Rouault2019-08-161-2/+2
| | | | Gunadi. No actual problem known (which does not mean there wouldn't be any. Particularly on 32bit builds)
* RGBA interface: fix integer overflow potentially causing write heap buffer ↵Even Rouault2019-08-151-6/+20
| | | | overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz
* Merge branch 'fix_integer_overflow' into 'master'Even Rouault2019-08-148-107/+71
|\ | | | | | | | | Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) See merge request libtiff/libtiff!90
| * Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined ↵Even Rouault2019-08-138-107/+71
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | behaviour (CVE-2019-14973) _TIFFCheckMalloc()/_TIFFCheckRealloc() used a unsafe way to detect overflow in the multiplication of nmemb and elem_size (which are of type tmsize_t, thus signed), which was especially easily triggered on 32-bit builds (with recent enough compilers that assume that signed multiplication cannot overflow, since this is undefined behaviour by the C standard). The original issue which lead to this fix was trigged from tif_fax3.c There were also unsafe (implementation defied), and broken in practice on 64bit builds, ways of checking that a uint64 fits of a (signed) tmsize_t by doing (uint64)(tmsize_t)uint64_var != uint64_var comparisons. Those have no known at that time exploits, but are better to fix in a more bullet-proof way. Or similarly use of (int64)uint64_var <= 0.
* | TIFFClientOpen(): fix memory leak if one of the required callbacks is not ↵Even Rouault2019-08-121-0/+1
| | | | | | | | provided. Fixed Coverity GDAL CID 1404110
* | OJPEGReadBufferFill(): avoid very long processing time on corrupted files. ↵Even Rouault2019-08-121-2/+7
| | | | | | | | Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16400. master only
* | oss-fuzz/tiff_read_rgba_fuzzer.cc: fix wrong env variable value in previous ↵Even Rouault2019-08-111-1/+1
| | | | | | | | commit
* | oss-fuzz/tiff_read_rgba_fuzzer.cc: avoid issue with libjpeg-turbo and MSANEven Rouault2019-08-111-0/+9
| |
* | OJPEG: fix integer division by zero on corrupted subsampling factors. Fixes ↵Even Rouault2019-08-101-0/+6
| | | | | | | | https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15824. Credit to OSS Fuzz
* | Merge branch 'ossfuzz_i386'Even Rouault2019-08-101-2/+9
|\ \
View Lorry Controller Status