From 9700cdfa77dec0cc8fd03041cc45fed1b5cfd24c Mon Sep 17 00:00:00 2001 From: Bob Friesenhahn Date: Sun, 3 Nov 2019 14:00:24 -0600 Subject: [PATCH] ChangeLog updated with latest git commits. --- ChangeLog | 882 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 882 insertions(+) diff --git a/ChangeLog b/ChangeLog index 1f50e201..8c9a9d8d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,885 @@ +2019-11-03 Bob Friesenhahn + + Added a step for updating the legacy ChangeLog file. + + Ignore emacs temporary files (ending with tilde character). + + Added release summary page for the 4.1.0 release. + + Fix Cmake HAVE_GETOPT for systems which declare getopt in stdio.h. Fix utility baked-in getopt prototype which appears when HAVE_GETOPT is not defined. + + Fax2tiff.sh needs to remove its output file in advance. Syntax changes so that bash is not required. + +2019-10-26 Even Rouault + + tif_jpeg.c: extra cast to silence Coverity warning. GDAL CID 1406475. + +2019-10-23 Even Rouault + + tif_jpeg.c: fix warning added by previous commit (on 32bit builds) + +2019-10-23 Even Rouault + + Merge branch 'coverity-fixes' into 'master' + Coverity fixes + + See merge request libtiff/libtiff!94 + +2019-10-22 Timothy Lyanguzov + + Use 64-bit calculations correctly. + + Fix size calculation to use 64-bit tmsize_t correctly. + + Make bytesperclumpline calculations using tmsize_t type. + +2019-10-03 Even Rouault + + tif_read: align code of TIFFReadRawStrip() and TIFFReadRawTile() that differed for non good reason. Non-functional change normally. (fixes GitLab #162) + +2019-10-01 Even Rouault + + HTML: update for GitLab issues. + +2019-09-29 Even Rouault + + html/v3.5.6-beta.html: redact URL of defunct web site. + + Website: update links to mailing list. + +2019-09-17 Even Rouault + + TIFFReadAndRealloc(): avoid too large memory allocation attempts. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17244 + +2019-09-03 Even Rouault + + ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer overflows. Fixes https://oss-fuzz.com/testcase-detail/5686156066291712 and https://oss-fuzz.com/testcase-detail/6332499206078464 + +2019-09-02 Even Rouault + + tif_ojpeg.c: avoid relying on isTiled macro being wrapped in () + + tif_ojpeg.c: avoid use of uninitialized memory on edge/broken file. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16844 + + tiff_read_rgba_fuzzer.cc: add a -DSTANDALONE mode for easier reproduction of oss-fuzz reports + +2019-09-01 Even Rouault + + tif_dirread.c: allocChoppedUpStripArrays(). avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16846 + +2019-08-27 Even Rouault + + tif_ojpeg.c: avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16793 + +2019-08-26 Even Rouault + + TIFFReadDirEntryData(): rewrite to avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16792 + + TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16784 + +2019-08-25 Even Rouault + + JPEG: avoid use of unintialized memory on corrupted files. + Follow-up of cf3ce6fab894414a336546f62adc57f02590a22c + Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16602 + Credit to OSS Fuzz + +2019-08-23 Even Rouault + + _TIFFPartialReadStripArray(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16685 + + OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile dimensions close to UINT32_MAX. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16683 + + TIFFFillStrip(): avoid harmless unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16653 + + EstimateStripByteCounts(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16643& + + tif_ojpeg: avoid unsigned integer overflow (probably not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16635 + + tif_thunder: avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16632 + +2019-08-22 Even Rouault + + _TIFFMultiply32() / _TIFFMultiply64(): avoid relying on unsigned integer overflow (not a bug) + + EstimateStripByteCounts(): avoid unsigned integer overflow. + +2019-08-21 Even Rouault + + EstimateStripByteCounts(): avoid unsigned integer overflow. + +2019-08-20 Even Rouault + + EstimateStripByteCounts(): avoid harmless unsigned integer overflow. + + _TIFFPartialReadStripArray(): avoid triggering unsigned integer overflow with -fsanitize=unsigned-integer-overflow (not a bug, this is well defined by itself) + +2019-08-18 Even Rouault + + tiff2ps: fix use of wrong data type that caused issues (/Height being written as 0) on 64-bit big endian platforms + +2019-08-16 Even Rouault + + setByteArray(): fix previous commit. + + setByteArray(): avoid potential signed integer overflow. Pointed by Hendra Gunadi. No actual problem known (which does not mean there wouldn't be any. Particularly on 32bit builds) + +2019-08-15 Even Rouault + + RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz + +2019-08-14 Even Rouault + + Merge branch 'fix_integer_overflow' into 'master' + Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) + + See merge request libtiff/libtiff!90 + +2019-08-13 Even Rouault + + Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) + _TIFFCheckMalloc()/_TIFFCheckRealloc() used a unsafe way to detect overflow + in the multiplication of nmemb and elem_size (which are of type tmsize_t, thus + signed), which was especially easily triggered on 32-bit builds (with recent + enough compilers that assume that signed multiplication cannot overflow, since + this is undefined behaviour by the C standard). The original issue which lead to + this fix was trigged from tif_fax3.c + + There were also unsafe (implementation defied), and broken in practice on 64bit + builds, ways of checking that a uint64 fits of a (signed) tmsize_t by doing + (uint64)(tmsize_t)uint64_var != uint64_var comparisons. Those have no known + at that time exploits, but are better to fix in a more bullet-proof way. + Or similarly use of (int64)uint64_var <= 0. + +2019-08-12 Even Rouault + + TIFFClientOpen(): fix memory leak if one of the required callbacks is not provided. Fixed Coverity GDAL CID 1404110 + + OJPEGReadBufferFill(): avoid very long processing time on corrupted files. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16400. master only + +2019-08-10 Even Rouault + + oss-fuzz/tiff_read_rgba_fuzzer.cc: fix wrong env variable value in previous commit + + oss-fuzz/tiff_read_rgba_fuzzer.cc: avoid issue with libjpeg-turbo and MSAN + + OJPEG: fix integer division by zero on corrupted subsampling factors. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15824. Credit to OSS Fuzz + + Merge branch 'ossfuzz_i386' + + contrib/oss-fuzz/build.sh: fix for i386 build of jbigkit, and use $LIB_FUZZING_ENGINE + +2019-08-10 Even Rouault + + Merge branch 'patch-1' into 'master' + fix two tiny typos + + See merge request libtiff/libtiff!89 + +2019-08-10 Reto Kromer + + fix two tiny typos. + +2019-08-09 Even Rouault + + Merge branch 'patch-1' into 'master' + fix a typo in man page + + See merge request libtiff/libtiff!88 + +2019-08-09 Reto Kromer + + fix typo. + +2019-08-04 Even Rouault + + Merge branch 'TIFFTAGID_Zero_reading_IGNORE' into 'master' + Suppressed Reading of Tiff tags with ID = 0 (like GPSVERSIONID) corrected. + + See merge request libtiff/libtiff!77 + +2019-08-04 Su Laus + + Reading of Tiff tags with ID = 0 (like GPSVERSIONID) corrected. + IGNORE placeholder in tif_dirread.c is now replaced by a field dir_ignore in the TIFFDirEntry structure + + Currently, in tif_dirread.c a special IGNORE value for the tif tags is defined + in order to flag status preventing already processed tags from further processing. + This irrational behaviour prevents reading of custom tags with id code 0 - like tag GPSVERSIONID from EXIF 2.31 definition. + + An additional field 'tdir_ignore' is now added to the TIFFDirEntry structure and code is changed + to allow tags with id code 0 to be read correctly. + + This change was already proposed as pending improvement in tif_dirread.c around line 32. + + Reference is also made to: + - Discussion in https://gitlab.com/libtiff/libtiff/merge_requests/39 + - http://bugzilla.maptools.org/show_bug.cgi?id=2540 + + Comments and indention adapted. + + Preparation to rebase onto master + +2019-07-16 Even Rouault + + Merge branch 'cmake_amd64' into 'master' + CMakeLists.txt: properly set value of HOST_FILLORDER to LSB2MSB for Windows CMake builds + + See merge request libtiff/libtiff!87 + +2019-07-15 Even Rouault + + CMakeLists.txt: properly set value of HOST_FILLORDER to LSB2MSB for Windows CMake builds + As can be seen in https://ci.appveyor.com/project/rleigh-codelibre/libtiff-didfs/builds/25846668/job/ory5w098j8wcij9x + log, the HOST_FILLORDER is not properly set: + + [00:02:58] -- CMAKE_HOST_SYSTEM_PROCESSOR set to AMD64 + [00:02:58] -- HOST_FILLORDER set to FILLORDER_MSB2LSB + + Ther reason is that we match the "amd64.*" lowercase string whereas + CMAKE_HOST_SYSTEM_PROCESSOR is set to AMD64 uppercase. + +2019-07-09 Even Rouault + + TIFFWriteCheck(): call TIFFForceStrileArrayWriting() when needed (should have gone with eaeca6274ae71cdfaeb9f673b6fb0f3cfc0e6ce5) (master only) + +2019-07-09 Even Rouault + + Merge branch 'fix_chromium_925269' into 'master' + OJPEG: avoid use of unintialized memory on corrupted files + + See merge request libtiff/libtiff!86 + +2019-07-05 Even Rouault + + OJPEG: avoid use of unintialized memory on corrupted files. + Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=925269 + Patch from Lei Zhang with little adaptations. + +2019-06-29 Even Rouault + + Merge branch 'fix-division-by-zero' into 'master' + Return infinite distance when denominator is zero. + + See merge request libtiff/libtiff!85 + +2019-06-29 Dirk Lemstra + + Return infinite distance when denominator is zero. + +2019-06-29 Even Rouault + + Merge branch 'typetests' into 'master' + Add test to check that libtiff types have the correct size + + See merge request libtiff/libtiff!57 + +2019-05-31 Thomas Bernard + + make TIFF_SSIZE_T the same bitwidth as TIFF_SIZE_T. + it was previously the same bitwidth as unsigned char * + Pointers can be larger than size_t. + +2019-05-31 Thomas Bernard + + Add test to check that libtiff types have the correct size. + in configure/CMakeList.txt : + + - TIFF_INT8_T/TIFF_UINT8_T is signed/unsigned char + sizeof(char)==1 in C standard + - TIFF_INT16_T/TIFF_UINT16_T is signed/unsigned short + sizeof(short)>=2 in C standard + - TIFF_INT32_T/TIFF_UINT32_T is defined so its sizeof() is 4 + + - TIFF_INT64_T/TIFF_UINT64_T is defined so its sizeof() is 8 + + - TIFF_SIZE_T is defined so it has same sizeof() than size_t + + - TIFF_SSIZE_T is defined so it has same sizeof() than unsigned char * + +2019-05-29 Even Rouault + + Merge branch 'defer_strile_writing' into 'master' + Add TIFFDeferStrileArrayWriting() and TIFFForceStrileArrayWriting() + + See merge request libtiff/libtiff!82 + +2019-05-29 Even Rouault + + Merge branch 'TIFFReadFromUserBuffer' into 'master' + Add TIFFReadFromUserBuffer() + + See merge request libtiff/libtiff!81 + +2019-05-26 Even Rouault + + Fix vulnerability in 'D' (DeferStrileLoad) mode (master only) (fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14908) + +2019-05-25 Even Rouault + + Replace 'stripped' by 'striped' in error messages. + +2019-05-25 Even Rouault + + Add TIFFDeferStrileArrayWriting() and TIFFForceStrileArrayWriting() + Those advanced writing functions must be used in a particular sequence + to make their intended effect. Their aim is to control when/where + the [Strip/Tile][Offsets/ByteCounts] arrays are written into the file. + + The purpose of this is to generate 'cloud-optimized geotiff' files where + the first KB of the file only contain the IFD entries without the potentially + large strile arrays. Those are written afterwards. + + The typical sequence of calls is: + TIFFOpen() + [ TIFFCreateDirectory(tif) ] + Set fields with calls to TIFFSetField(tif, ...) + TIFFDeferStrileArrayWriting(tif) + TIFFWriteCheck(tif, ...) + TIFFWriteDirectory(tif) + ... potentially create other directories and come back to the above directory + TIFFForceStrileArrayWriting(tif): emit the arrays at the end of file + + See test/defer_strile_writing.c for a practical example. + +2019-05-24 Even Rouault + + Fix vulnerability introduced by defer strile loading (master only) + Found on GDAL with https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14894 + Disabling the TIFF_DEFERSTRILELOAD bit in ChopupStripArray() was a + bad idea since when using TIFFReadDirectory() to reload the directory again + would lead to a different value of td_rowsperstrip, which could confuse + readers if they relied on the value found initially. + + Fix typo in error message (master only) + +2019-05-22 Even Rouault + + Add TIFFReadFromUserBuffer() + This function replaces the use of TIFFReadEncodedStrip()/TIFFReadEncodedTile() + when the user can provide the buffer for the input data, for example when + he wants to avoid libtiff to read the strile offset/count values from the + [Strip|Tile][Offsets/ByteCounts] array. + + libtiff.def: add missing new symbols. + + test/defer_strile_loading.c: fix warning with Visual C++ + + _TIFFRewriteField(): fix for bigtiff case (master only) + 116cf67f4c59196605abdb244657c3070c4310af made StripByteCount/TileByteCount to + always be rewritten as TIFF_LONG8. + +2019-05-21 Even Rouault + + Merge branch 'ondemand_strile_offbytecount_loading' into 'master' + Make defer strile offset/bytecount loading available at runtime + + See merge request libtiff/libtiff!79 + +2019-05-21 Even Rouault + + Merge branch 'bigtiff_write_bytecount_on_long_when_possible' into 'master' + Create TileByteCounts/StripByteCounts tag with SHORT (ClassicTIFF/BigTIFF) or LONG (BigTIFF) type when possible + + See merge request libtiff/libtiff!78 + +2019-05-21 Even Rouault + + Merge branch 'html_link' into 'master' + libtiff.html, bigtiffpr.html: absolute => relative link + + See merge request libtiff/libtiff!80 + +2019-05-14 Thomas Bernard + + libtiff.html, bigtiffpr.html: absolute => relative link. + +2019-05-10 Even Rouault + + Make defer strile offset/bytecount loading available at runtime. + ... and add per-strile offset/bytecount loading capabilities. + + Part of this commit makes the behaviour that was previously met when + libtiff was compiled with -DDEFER_STRILE_LOAD available for default builds + when specifying the new 'D' (Deferred) TIFFOpen() flag. In that mode, the [Tile/Strip][ByteCounts/Offsets] + arrays are only loaded when first accessed. This can speed-up the opening + of files stored on the network when just metadata retrieval is needed. + This mode has been used for years by the GDAL library when compiled with + its embeded libtiff copy. + + To avoid potential out-of-tree code (typically codecs) that would use + the td_stripbytecount and td_stripoffset array inconditionnaly assuming they + have been loaded, those have been suffixed with _p (for protected). The + use of the new functions mentionned below is then recommended. + + Another addition of this commit is the capability of loading only the + values of the offset/bytecount of the strile of interest instead of the + whole array. This is enabled with the new 'O' (Ondemand) flag of TIFFOpen() + (which implies 'D'). That behaviour has also been used by GDAL, which hacked + into the td_stripoffset/td_stripbytecount arrays directly. The new code + added in the _TIFFFetchStrileValue() and _TIFFPartialReadStripArray() internal + functions is mostly a port of what was in GDAL GTiff driver previously. + + Related to that, the public TIFFGetStrileOffset[WithErr]() and TIFFGetStrileByteCount[WithErr]() + functions have been added to API. They are of particular interest when + using sparse files (with offset == bytecount == 0) and you want to detect + if a strile is present or not without decompressing the data, or updating + an existing sparse file. + They will also be used to enable a future enhancement where client code can entirely + skip bytecount loading in some situtations + + A new test/defer_strile_loading.c test has been added to test the above + capabilities. + +2019-05-10 Even Rouault + + Creation: use SHORT type when possible for StripByteCounts/TileByteCounts + This follows the same logic as previous commit. + +2019-05-09 Even Rouault + + BigTIFF creation: write TileByteCounts/StripByteCounts tag with LONG when possible + In most situations of BigTIFF file, the tile/strip sizes are of reasonable size, + that is they fit on a 4-byte LONG. So in that case, use LONG instead of LONG8 + to save some space. For uncompressed file, it is easy to detect such situations + by checking at the TIFFTileSize64()/TIFFStripSize64() return. For compressed file, + we must take into account the fact that compression may sometimes result in + larger compressed data. So we allow this optimization only for a few select + compression times, and take a huge security margin (10x factor). We also only + apply this optimization on multi-strip files, so as to allow easy on-the-fly + growing of single-strip files whose strip size could grow above the 4GB threshold. + + This change is compatible with the BigTIFF specification. According to + https://www.awaresystems.be/imaging/tiff/bigtiff.html: + "The StripOffsets, StripByteCounts, TileOffsets, and TileByteCounts tags are + allowed to have the datatype TIFF_LONG8 in BigTIFF. Old datatypes TIFF_LONG, + and TIFF_SHORT where allowed in the TIFF 6.0 specification, are still valid in BigTIFF, too. " + On a practical point of view, this is also compatible on reading/writing of + older libtiff 4.X versions. + + The only glitch I found, which is rather minor, is when using such a BigTIFF + file with TileByteCounts/StripByteCounts written with TIFF_LONG, and updating + it with an older libtiff 4.X version with a change in the + [Tile/Strip][ByteCounts/Offsets] array. In that case the _TIFFRewriteField() + function will rewrite the directory and array with TIFF_LONG8, instead of updating + the existing array (this is an issue fixed by this commit). The file will + still be valid however, hence the minor severity of this. + +2019-05-08 Even Rouault + + Merge branch 'bug2799' into 'master' + fix fax2tiff + + See merge request libtiff/libtiff!55 + +2019-05-08 Even Rouault + + Merge branch 'bug_2829' into 'master' + WIN32: use tif_win32.c when building with CMake + + See merge request libtiff/libtiff!75 + +2019-05-06 Even Rouault + + Merge branch 'FILESOURCE_SCENETYPE_reading' into 'master' + Reading error for FileSource and SceneType tags corrected. + + See merge request libtiff/libtiff!76 + +2019-05-06 Su Laus + + Reading error for FileSource and SceneType tags corrected. + EXIF tags FILESOURCE and SCENETYPE are defined as TIFF_UNDEFINED and field_readcount==1! + There is a bug in TIFFReadDirEntryByte() preventing to read correctly type TIFF_UNDEFINED fields with field_readcount==1 + Upgrade of TIFFReadDirEntryByte() with added TIFF_UNDEFINED switch-entry allows libtiff to read those tags correctly. + +2019-04-25 Thomas Bernard + + WIN32: use tif_win32.c when building with CMake. + see http://bugzilla.maptools.org/show_bug.cgi?id=2829 + + the top CMakeLists.txt defines + win32_io and USE_WIN32_FILEIO + + WIN32_IO is defined nowhere in CMake (only in automake things) + +2019-04-25 Even Rouault + + Merge branch 'gitlab_pages' into 'master' + Advertise https://libtiff.gitlab.io/libtiff/ as mirror + + See merge request libtiff/libtiff!70 + +2019-04-25 Even Rouault + + Merge branch 'bug_2844' into 'master' + tiff2ps.c: PSDataColorContig(): avoid heap buffer overrun + + See merge request libtiff/libtiff!69 + +2019-04-25 Even Rouault + + Merge branch 'issue_2785' into 'master' + tiff2pdf.c: don't call t2p_tile_collapse_left() for Ycbcr + + See merge request libtiff/libtiff!64 + +2019-04-11 Even Rouault + + Merge branch 'fix_gdal_1439' into 'master' + TIFFWriteEncodedStrip/TIFFWriteEncodedTile: fix rewriting of LZW-compressed data + + See merge request libtiff/libtiff!74 + +2019-04-11 Even Rouault + + TIFFWriteEncodedStrip/TIFFWriteEncodedTile: fix rewriting of LZW-compressed data + Fixes https://github.com/OSGeo/gdal/issues/1439 + + When rewriting a LZW tile/strip whose existing size is very close to a multiple of + 1024 bytes (and larger than 8192 bytes) with compressed data that is larger, + the new data was not placed at the end of the file, causing corruption. + +2019-04-08 Even Rouault + + Merge branch 'bug2848' into 'master' + tif_luv.c: LogLuvSetupEncode() error must return 0 + + See merge request libtiff/libtiff!72 + +2019-04-03 Thomas Bernard + + build/gitlab-ci: fix typo. + + show test-suite.log in gitlab-ci. + useful when build fails + + Add output check for tiff2ps. + note : the reference files have been generated in master branch + +2019-03-23 Even Rouault + + tif_read.c: potentially fix false positive from Coverity Scan. CID 1400288 + + tif_read.c: potentially fix false positive from Coverity Scan. CID 1400271 + + tif_zip.c: remove dead code. CID 1400360. + + tif_webp.c: remove false positive warning about dereference before null check. CID 1400255 + + tif_pixarlog.c: remove dead code. CID 1400342. + + tif_pixarlog.c: avoid false positive Coverity Scan warnings about overflow. CID 1400300 and 1400367 + + tif_lzw.c: silence CoverityScan false positive. CID 1400355. + + tif_luv.c: silence CoverityScan false positive. CID 1400231, 1400251, 1400254, 1400272, 1400318, 1400356 + + TryChopUpUncompressedBigTiff(): avoid potential division by zero. master only. GDAL Coverity CID 1400263 + +2019-03-22 Thomas Bernard + + tif_luv.c: LogLuvSetupEncode() error must return 0. + see http://bugzilla.maptools.org/show_bug.cgi?id=2848 + + if wrongly returning 1, the processing of incorrect file continues, + which causes problems. + +2019-03-22 Thomas Bernard + + add a test for fax2tiff tool. + +2019-02-28 Thomas Bernard + + tiff2pdf.c: don't call t2p_tile_collapse_left() when buffer size is wrong + see http://bugzilla.maptools.org/show_bug.cgi?id=2785 + + Advertise https://libtiff.gitlab.io/libtiff/ as mirror. + I'm put it above the maptools.org mirror because + Even Rouault believe at some point it will be completely removed + +2019-02-28 Even Rouault + + Merge branch 'bug_2826' into 'master' + tiff2pdf.c: check colormap pointers when loading CMYK with colormap + + See merge request libtiff/libtiff!65 + +2019-02-28 Thomas Bernard + + tiff2pdf.c: check colormap pointers. + Avoid access to non initialized pointers + http://bugzilla.maptools.org/show_bug.cgi?id=2826 + +2019-02-27 Even Rouault + + Merge branch 'fix_warnings' into 'master' + tiff2ps.c: fix warning caused by integer promotion + + See merge request libtiff/libtiff!68 + +2019-02-23 Thomas Bernard + + PSDataColorContig(): avoid heap buffer overrun. + fixes http://bugzilla.maptools.org/show_bug.cgi?id=2844 + each iteration of the loop read nc bytes + +2019-02-22 Thomas Bernard + + tiff2ps.c: fix warning caused by integer promotion. + uint8 value is promoted to int in (value << 24) so -fsanitize + yield runtime errors : + tiff2ps.c:2969:33: runtime error: left shift of 246 by 24 places cannot be represented in type 'int' + +2019-02-22 Even Rouault + + Merge branch 'large_strile_improvements' into 'master' + Large strile support improvements + + See merge request libtiff/libtiff!63 + +2019-02-21 Even Rouault + + Merge branch 'gitlab-pages' into 'master' + ci: Add pages job + + See merge request libtiff/libtiff!45 + +2019-02-19 Even Rouault + + Merge branch 'issue_2833' into 'master' + tiffcp.c: check that (Tile Width)*(Samples/Pixel) do no overflow + + See merge request libtiff/libtiff!60 + +2019-02-19 Even Rouault + + Merge branch 'issue_2831' into 'master' + tiffcrop.c: fix invertImage() for bps 2 and 4 + + See merge request libtiff/libtiff!61 + +2019-02-19 Even Rouault + + Merge branch 'issue_2842' into 'master' + move _TIFFClampDoubleToFloat() to tif_aux.c + + See merge request libtiff/libtiff!62 + +2019-02-19 Even Rouault + + tif_zip.c: allow reading and writing strips/tiles with more than 4 GB of compressed or uncompressed data + + tif_dirread.c: when strip chopping is enabled, extend this mechanism to multi-strip uncompressed files with strips larger than 2GB to expose them as strips of ~500 MB + +2019-02-19 Even Rouault + + Merge branch 'size_t_typo' into 'master' + CMakeLists.txt: fix TIFF_SIZE_T + + See merge request libtiff/libtiff!59 + +2019-02-12 Thomas Bernard + + move _TIFFClampDoubleToFloat() to tif_aux.c. + the same function was declared in tif_dir.c and tif_dirwrite.c + + see http://bugzilla.maptools.org/show_bug.cgi?id=2842 + +2019-02-11 Thomas Bernard + + tiffcrop.c: fix invertImage() for bps 2 and 4. + too much bytes were processed, causing a heap buffer overrun + http://bugzilla.maptools.org/show_bug.cgi?id=2831 + the loop counter must be + for (col = 0; col < width; col += 8 / bps) + + Also the values were not properly calculated. It should be + 255-x, 15-x, 3-x for bps 8, 4, 2. + + But anyway it is easyer to invert all bits as 255-x = ~x, etc. + (substracting from a binary number composed of all 1 is like inverting + the bits) + +2019-02-11 Thomas Bernard + + tiffcp.c: use INT_MAX. + + check that (Tile Width)*(Samples/Pixel) do no overflow. + fixes bug 2833 + +2019-02-03 Thomas Bernard + + CMakeLists.txt: fix TIFF_SIZE_T. + +2019-02-02 Even Rouault + + Merge branch 'master' into 'master' + Fix for simple memory leak that was assigned CVE-2019-6128. + + See merge request libtiff/libtiff!50 + +2019-02-02 Even Rouault + + Merge branch 'bug2835' into 'master' + tiff2ps: fix heap-buffer-overflow + + See merge request libtiff/libtiff!53 + +2019-02-02 Even Rouault + + Fix warning (use of uninitialized value) added per d0a842c5dbad2609aed43c701a12ed12461d3405 (fixes https://gitlab.com/libtiff/libtiff/merge_requests/54#note_137742985) + +2019-02-02 Yuri Aksenov + + fix fax2tiff. + see http://bugzilla.maptools.org/show_bug.cgi?id=2799 + fixes d9bc8472e72549f29c0062c1cbd3d56f279f3be2 + +2019-02-02 Even Rouault + + Merge branch 'tiffcrop' into 'master' + tiffcrop: shut up clang warnings + + See merge request libtiff/libtiff!52 + +2019-02-01 Even Rouault + + Merge branch 'bug2833' into 'master' + TIFFWriteDirectoryTagTransferfunction() : fix NULL dereferencing + + See merge request libtiff/libtiff!54 + +2019-02-01 Even Rouault + + Merge branch 'gitignore' into 'master' + add test/ files to .gitignore + + See merge request libtiff/libtiff!56 + +2019-02-01 Even Rouault + + Merge branch 'master' into 'master' + tif_dir: unset transferfunction field if necessary (CVE-2018-19210) + + See merge request libtiff/libtiff!47 + +2019-01-29 Thomas Bernard + + add test/ files to .gitignore. + +2019-01-29 Thomas Bernard + + TIFFWriteDirectoryTagTransferfunction() : fix NULL dereferencing. + http://bugzilla.maptools.org/show_bug.cgi?id=2833 + + we must check the pointer is not NULL before memcmp() the memory + +2019-01-29 Thomas Bernard + + tiff2ps: fix heap-buffer-overflow. + http://bugzilla.maptools.org/show_bug.cgi?id=2834 + + usually the test (i < byte_count) is OK because the byte_count is divisible by samplesperpixel. + But if that is not the case, (i + ncomps) < byte_count should be used, or + maybe (i + samplesperpixel) <= byte_count + +2019-01-28 Thomas Bernard + + tiffcrop: shut up clang warnings. + make the out filename building a bit more simple + and remove the use of strcat() + +2019-01-23 Scott Gayou + + Fix for simple memory leak that was assigned CVE-2019-6128. + pal2rgb failed to free memory on a few errors. This was reported + here: http://bugzilla.maptools.org/show_bug.cgi?id=2836. + +2019-01-05 Bob Friesenhahn + + Fix tiff2ps error regarding "Inconsistent value of es" by allowing es to be zero. Problem was reported to the tiff mailing list by Julian H. Stacey on January 5, 2019. + +2018-12-13 Hugo Lefeuvre + + tif_dir: unset transferfunction field if necessary. + The number of entries in the transfer table is determined as following: + + (td->td_samplesperpixel - td->td_extrasamples) > 1 ? 3 : 1 + + This means that whenever td->td_samplesperpixel or td->td_extrasamples are + modified we also need to make sure that the number of required entries in + the transfer table didn't change. + + If it changed and the number of entries is higher than before we should + invalidate the transfer table field and free previously allocated values. + In the other case there's nothing to do, additional tf entries won't harm + and properly written code will just ignore them since spp - es < 1. + + For instance this situation might happen when reading an OJPEG compressed + image with missing SamplesPerPixel tag. In this case the SamplesPerPixel + field might be updated after setting the transfer table. + + see http://bugzilla.maptools.org/show_bug.cgi?id=2500 + + This commit addresses CVE-2018-19210. + +2018-12-08 Bob Friesenhahn + + Do not attempt to re-sync zip stream after reported data error from inflate(). + +2018-12-07 Even Rouault + + Merge branch 'resource-leaks' into 'master' + Fix two resource leaks + + See merge request libtiff/libtiff!43 + +2018-12-07 Even Rouault + + Merge branch 'build-jbig' into 'master' + add jbig support to the fuzzer + + See merge request libtiff/libtiff!42 + +2018-12-01 Bob Friesenhahn + + tiffcrop.c: Avoid new clang warning about tools/tiffcrop.c "size argument in 'strncat' call appears to be size of the source". + +2018-11-28 Even Rouault + + Merge branch 'webp_memleak' into 'master' + fixed mem leak in webp compression + + See merge request libtiff/libtiff!48 + +2018-11-28 Norman Barker + + fixed mem leak in webp compression. + +2018-11-20 Even Rouault + + Merge branch 'lossless_webp' into 'master' + fixed lossless webp compression config + + See merge request libtiff/libtiff!46 + +2018-11-20 Norman Barker + + fixed lossless webp compression config. + +2018-11-18 Bob Friesenhahn + + snprintf porting fix for Visual Studio 2003. + +2018-11-18 Roger Leigh + + ci: Add pages job. + +2018-11-10 Bob Friesenhahn + + Change references from defunct ftp site to https site. + 2018-11-10 Bob Friesenhahn * configure.ac: libtiff 4.0.10 released.