Commit message | Author | Age | Files | Lines
...
* * libjpeg/tif_jpeg.c: error out at decoding time if anticipated libjpeg memory allocation is above 100 MB. libjpeg in case of multiple scans, which is allowed even in baseline JPEG, if components are spread over several scans and not interleaved in a single one, needs to allocate memory (or backing store) for the whole strip/tile.
    See http://www.libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf
    This limitation may be overridden by setting the LIBTIFF_ALLOW_LARGE_LIBJPEG_MEM_ALLOC environment variable, or recompiling libtiff with a custom value of TIFF_LIBJPEG_LARGEST_MEM_ALLOC macro.
    Author: erouault | Age: 2017-06-24 | Files: 2 | Lines: -1/+62
* * libtiff/tif_jpeg.c: add anti-denial of service measure to avoid excessive CPU consumption on progressive JPEGs with a huge number of scans.
    See http://www.libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf
    Note: only affects libtiff since 2014-12-29 where support of non-baseline JPEG was added.
    Author: erouault | Age: 2017-06-24 | Files: 2 | Lines: -1/+41
* * libtiff/tiffiop.h: add TIFF_NOSANITIZE_UNSIGNED_INT_OVERFLOW macro to disable CLang warnings raised by -fsanitize=undefined,unsigned-integer-overflow
  * libtiff/tif_predict.c: decorate legitimate functions where unsigned int overflow occurs with TIFF_NOSANITIZE_UNSIGNED_INT_OVERFLOW
  * libtiff/tif_dirread.c: avoid unsigned int overflow in EstimateStripByteCounts() and BYTECOUNTLOOKSBAD when file is too short.
  * libtiff/tif_jpeg.c: avoid (harmless) unsigned int overflow on tiled images.
  * libtiff/tif_fax3.c: avoid unsigned int overflow in Fax3Encode2DRow(). Could potentially be a bug with huge rows.
  * libtiff/tif_getimage.c: avoid many (harmless) unsigned int overflows.
    Author: erouault | Age: 2017-06-18 | Files: 7 | Lines: -51/+87
* * libtiff/tif_dirread.c: TIFFFetchStripThing(): limit the number of items read in StripOffsets/StripByteCounts tags to the number of strips to avoid excessive memory allocation.
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2215
    Credit to OSS Fuzz
    Author: erouault | Age: 2017-06-12 | Files: 2 | Lines: -17/+40
* Reference GDAL ticket
    Author: erouault | Age: 2017-06-12 | Files: 1 | Lines: -0/+1
* * libtiff/tif_dirread.c: fix regression of libtiff 4.0.8 in ChopUpSingleUncompressedStrip() regarding update of newly single-strip uncompressed files whose bytecount is 0. Before the change of 2016-12-03, the condition bytecount==0 used to trigger an early exit/disabling of strip chop. Re-introduce that in update mode. Otherwise this causes later incorrect setting for the value of StripByCounts/StripOffsets.
    Author: erouault | Age: 2017-06-12 | Files: 2 | Lines: -1/+15
* * .appveyor.yml, .travis.yml, build/travis-ci: apply patches 0001-ci-Travis-script-improvements.patch and 0002-ci-Invoke-helper-script-via-shell.patch by Roger Leigh (sent to mailing list)
    Author: erouault | Age: 2017-06-09 | Files: 4 | Lines: -16/+50
* Re-add build/travis-ci with execution bit
    Author: erouault | Age: 2017-06-09 | Files: 1 | Lines: -0/+90
* remove build/travis-ci to re-add it with +x bit
    Author: erouault | Age: 2017-06-09 | Files: 1 | Lines: -90/+0
* * .travis.yml, build/travis-ci: new files from 0001-ci-Add-Travis-support-for-Linux-builds-with-Autoconf.patch by Roger Leigh (sent to mailing list on 2017-06-08). This patch adds support for the Travis-CI service.
  * .appveyor.yml: new file from 0002-ci-Add-AppVeyor-support.patch by Roger Leigh (sent to mailing list on 2017-06-08). This patch adds a .appveyor.yml file to the top-level. This allows one to opt in to having a branch built on Windows with Cygwin, MinGW and MSVC automatically when a branch is pushed to GitHub, GitLab, BitBucket or any other supported git hosting service.
  * CMakeLists.txt, test/CMakeLists.txt, test/TiffTestCommon.cmake: apply patch 0001-cmake-Improve-Cygwin-and-MingGW-test-support.patch from Roger Leigh (sent to mailing list on 2017-06-08). This patch makes the CMake build system support running the tests with MinGW or Cygwin.
    Author: erouault | Age: 2017-06-08 | Files: 7 | Lines: -13/+268
* * libtiff/tif_swab.c: if DISABLE_CHECK_TIFFSWABMACROS is defined, do not do the #ifdef TIFFSwabXXX checks. Make it easier for GDAL to rename the symbols of its internal libtiff copy.
    Author: erouault | Age: 2017-06-08 | Files: 2 | Lines: -12/+18
* * libtiff/tif_dirinfo.c, tif_dirread.c: add _TIFFCheckFieldIsValidForCodec(), and use it in TIFFReadDirectory() so as to ignore fields whose tag is a codec-specified tag but this codec is not enabled. This avoids TIFFGetField() to behave differently depending on whether the codec is enabled or not, and thus can avoid stack based buffer overflows in a number of TIFF utilities such as tiffsplit, tiffcmp, thumbnail, etc.
    Patch derived from 0063-Handle-properly-CODEC-specific-tags.patch (http://bugzilla.maptools.org/show_bug.cgi?id=2580) by Raphaël Hertzog.
    Fixes:
    http://bugzilla.maptools.org/show_bug.cgi?id=2580
    http://bugzilla.maptools.org/show_bug.cgi?id=2693
    http://bugzilla.maptools.org/show_bug.cgi?id=2625 (CVE-2016-10095)
    http://bugzilla.maptools.org/show_bug.cgi?id=2564 (CVE-2015-7554)
    http://bugzilla.maptools.org/show_bug.cgi?id=2561 (CVE-2016-5318)
    http://bugzilla.maptools.org/show_bug.cgi?id=2499 (CVE-2014-8128)
    http://bugzilla.maptools.org/show_bug.cgi?id=2441
    http://bugzilla.maptools.org/show_bug.cgi?id=2433
    Author: erouault | Age: 2017-06-01 | Files: 4 | Lines: -3/+131
* * libtiff/tif_getimage.c: initYCbCrConversion(): stricter validation for refBlackWhite coefficients values. To avoid invalid float->int32 conversion (when refBlackWhite[0] == 2147483648.f)
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1907
    Credit to OSS Fuzz
    Author: erouault | Age: 2017-05-29 | Files: 2 | Lines: -2/+10
* Fix date in changelog entry
    Author: erouault | Age: 2017-05-29 | Files: 1 | Lines: -1/+1
* * libtiff/tif_color.c: TIFFYCbCrToRGBInit(): stricter clamping to avoid int32 overflow in TIFFYCbCrtoRGB().
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1844
    Credit to OSS Fuzz
    Author: erouault | Age: 2017-05-29 | Files: 2 | Lines: -4/+11
* libtiff 4.0.8 released [Release-v4-0-8]
    Author: bfriesen | Age: 2017-05-21 | Files: 9 | Lines: -37/+25
* html/v4.0.8.html: Add description of changes targeting the 4.0.8 release.
    Author: bfriesen | Age: 2017-05-21 | Files: 6 | Lines: -18/+456
* * libtiff/tif_getimage.c: initYCbCrConversion(): stricter validation for refBlackWhite coefficients values. To avoid invalid float->int32 conversion.
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1718
    Credit to OSS Fuzz
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1663
    Author: erouault | Age: 2017-05-20 | Files: 2 | Lines: -8/+20
* * libtiff/tif_getimage.c: initYCbCrConversion(): check luma[1] is not zero to avoid division by zero.
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1665
    Credit to OSS Fuzz
    Author: erouault | Age: 2017-05-18 | Files: 2 | Lines: -1/+10
* * libtiff/tif_read.c: _TIFFVSetField(): fix outside range cast of double to float.
    Credit to Google Autofuzz project
    Author: erouault | Age: 2017-05-17 | Files: 2 | Lines: -2/+8
* * libtiff/tif_getimage.c: initYCbCrConversion(): add basic validation of luma and refBlackWhite coefficients (just check they are not NaN for now), to avoid potential float to int overflows.
    Fixes ://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1663
    Credit to OSS Fuzz
    Author: erouault | Age: 2017-05-17 | Files: 2 | Lines: -1/+32
* * libtiff/tif_pixarlog.c: PixarLogDecode(): resync tif_rawcp with next_in and tif_rawcc with avail_in at beginning and end of function, similarly to what is done in LZWDecode(). Likely needed so that it works properly with latest changes in tif_read.c in CHUNKY_STRIP_READ_SUPPORT mode. But untested...
    Author: erouault | Age: 2017-05-17 | Files: 2 | Lines: -1/+16
* * libtiff/tif_lzw.c: update dec_bitsleft at beginning of LZWDecode(), and update tif_rawcc at end of LZWDecode(). This is needed to properly work with the latest changes in tif_read.c in CHUNKY_STRIP_READ_SUPPORT mode.
    Author: erouault | Age: 2017-05-17 | Files: 2 | Lines: -2/+13
* * libtiff/tif_luv.c: LogL16InitState(): avoid excessive memory allocation when RowsPerStrip tag is missing.
    Credit to OSS-Fuzz (locally run, on GDAL)
    Author: erouault | Age: 2017-05-14 | Files: 2 | Lines: -2/+10
* * libtiff/tif_packbits.c: fix out-of-buffer read in PackBitsDecode()
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1563
    Credit to OSS-Fuzz
    Author: erouault | Age: 2017-05-14 | Files: 2 | Lines: -1/+13
* * libtiff/tif_pixarlog.c, tif_luv.c: avoid potential int32 overflows in multiply_ms() and add_ms().
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1558
    Credit to OSS-Fuzz
    Author: erouault | Age: 2017-05-13 | Files: 3 | Lines: -20/+26
* * libtiff/tif_color.c: avoid potential int32 overflow in TIFFYCbCrToRGBInit()
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1533
    Credit to OSS-Fuzz
    Author: erouault | Age: 2017-05-13 | Files: 2 | Lines: -10/+37
* * libtiff/tif_read.c: update tif_rawcc in CHUNKY_STRIP_READ_SUPPORT mode with tif_rawdataloaded when calling TIFFStartStrip() or TIFFFillStripPartial(). This avoids reading beyond tif_rawdata when bytecount > tif_rawdatasize.
    Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1545.
    Credit to OSS-Fuzz
    Author: erouault | Age: 2017-05-13 | Files: 2 | Lines: -2/+17
* * libtiff/tif_read.c: TIFFFillStripPartial(): avoid excessive memory allocation in case of shorten files. Only effective on 64 bit builds.
    Credit to OSS-Fuzz (locally run, on GDAL)
    Author: erouault | Age: 2017-05-12 | Files: 2 | Lines: -122/+137
* * libtiff/tif_read.c: TIFFFillStripPartial() / TIFFSeek(), avoid potential integer overflows with read_ahead in CHUNKY_STRIP_READ_SUPPORT mode. Should especially occur on 32 bit platforms.
    Author: erouault | Age: 2017-05-12 | Files: 2 | Lines: -4/+30
* Rename variable added in previous commit to avoid symbol clash
    Author: erouault | Age: 2017-05-10 | Files: 1 | Lines: -5/+5
* * libtiff/tif_read.c: TIFFFillStrip() and TIFFFillTile(): avoid excessive memory allocation in case of shorten files. Only effective on 64 bit builds and non-mapped cases.
    Credit to OSS-Fuzz (locally run, on GDAL)
    Author: erouault | Age: 2017-05-10 | Files: 2 | Lines: -13/+191
* * libtiff/tif_zip.c, tif_pixarlog.c, tif_predict.c: fix memory leak when the underlying codec (ZIP, PixarLog) succeeds its setupdecode() method, but PredictorSetup fails.
    Credit to OSS-Fuzz (locally run, on GDAL)
    Author: erouault | Age: 2017-05-10 | Files: 4 | Lines: -4/+24
* * libtiff/tif_read.c: TIFFFillStrip(): add limitation to the number of bytes read in case td_stripbytecount[strip] is bigger than reasonable, so as to avoid excessive memory allocation.
    Author: erouault | Age: 2017-05-10 | Files: 2 | Lines: -1/+40
* * tools/tiff2bw.c: close TIFF handle in error code path.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2677
    Author: erouault | Age: 2017-04-28 | Files: 2 | Lines: -1/+13
* * litiff/tif_fax3.c: avoid crash in Fax3Close() on empty file. Patch by Alan Coopersmith + complement by myself.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2673
  * tools/fax2tiff.c: emit appropriate message if the input file is empty. Patch by Alan Coopersmith.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2672
    Author: erouault | Age: 2017-04-27 | Files: 3 | Lines: -3/+17
* * libtiff/tif_ojpeg.c: fix potential memory leak in OJPEGReadHeaderInfoSecTablesQTable, OJPEGReadHeaderInfoSecTablesDcTable and OJPEGReadHeaderInfoSecTablesAcTable
    Patch by Nicolás Peña.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2670
    Author: erouault | Age: 2017-04-27 | Files: 2 | Lines: -2/+17
* * libtiff/tif_dirread.c: fix memory leak in non DEFER_STRILE_LOAD mode (ie default) when there is both a StripOffsets and TileOffsets tag, or a StripByteCounts and TileByteCounts
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2689
  * tools/tiff2ps.c: call TIFFClose() in error code paths.
    Author: erouault | Age: 2017-04-27 | Files: 3 | Lines: -3/+32
* * libtiff/tif_fax3.c, tif_predict.c, tif_getimage.c: fix GCC 7 -Wimplicit-fallthrough warnings.
    Author: erouault | Age: 2017-02-25 | Files: 4 | Lines: -32/+72
* * libtiff/tif_pixarlog.c: fix memory leak in error code path of PixarLogSetupDecode(). Patch by Nicolás Peña.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2665
    Author: erouault | Age: 2017-02-18 | Files: 2 | Lines: -1/+13
* * libtiff/tif_lzw.c: in LZWPostEncode(), increase, if necessary, the code bit-width after flushing the remaining code and before emitting the EOI code.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=1982
    Author: erouault | Age: 2017-02-18 | Files: 2 | Lines: -1/+27
* * libtiff/tif_jpeg.c: only run JPEGFixupTagsSubsampling() if the YCbCrSubsampling tag is not explicitly present. This helps a bit to reduce the I/O amount when the tag is present (especially on cloud hosted files).
    Author: erouault | Age: 2017-01-31 | Files: 2 | Lines: -2/+10
* * tools/raw2tiff.c: avoid integer division by zero.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2631
    Author: erouault | Age: 2017-01-14 | Files: 2 | Lines: -2/+13
* * libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesQTable, OJPEGReadHeaderInfoSecTablesDcTable and OJPEGReadHeaderInfoSecTablesAcTable
    Author: erouault | Age: 2017-01-12 | Files: 2 | Lines: -2/+9
* * libtiff/tif_ojpeg.c: fix leak in OJPEGReadHeaderInfoSecTablesAcTable when read fails. Patch by Nicolás Peña.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2659
    Author: erouault | Age: 2017-01-12 | Files: 2 | Lines: -1/+11
* * libtiff/tif_luv.c, tif_lzw.c, tif_packbits.c: return 0 in Encode functions instead of -1 when TIFFFlushData1() fails.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2130
    Author: erouault | Age: 2017-01-11 | Files: 4 | Lines: -12/+20
* * tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow and cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap based overflow.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2656 and http://bugzilla.maptools.org/show_bug.cgi?id=2657
    Author: erouault | Age: 2017-01-11 | Files: 2 | Lines: -3/+30
* Fix commit message
    Author: erouault | Age: 2017-01-11 | Files: 1 | Lines: -1/+1
* * libtiff/tiffiop.h, tif_unix.c, tif_win32.c, tif_vms.c: add _TIFFcalloc()
  * libtiff/tif_read.c: TIFFReadBufferSetup(): use _TIFFcalloc() to zero initialize tif_rawdata.
    Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2651
    Author: erouault | Age: 2017-01-11 | Files: 6 | Lines: -6/+41
* Initialize variable to fix MSVC warning (caused by previous commit)
    Author: erouault | Age: 2017-01-11 | Files: 1 | Lines: -2/+2