cheng/libtiff
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,291 Commits 1 Branch 0 Tags 11 MiB
014441b770
Commit Graph

3291 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bob Friesenhahn
014441b770 Added release summary page for the 4.1.0 release. 2019-11-03 13:31:26 -06:00
Bob Friesenhahn
f18e1a2db5 Fix Cmake HAVE_GETOPT for systems which declare getopt in stdio.h. 
Fix utility baked-in getopt prototype which appears when HAVE_GETOPT is not defined.
 2019-11-03 11:21:26 -06:00
Bob Friesenhahn
aeb87392ad Fax2tiff.sh needs to remove its output file in advance. Syntax changes so that bash is not required. 2019-11-03 09:55:14 -06:00
Even Rouault
0219b01b54
tif_jpeg.c: extra cast to silence Coverity warning. GDAL CID 1406475 2019-10-26 22:45:36 +02:00
Even Rouault
8bf7b73703
tif_jpeg.c: fix warning added by previous commit (on 32bit builds) 2019-10-23 16:54:38 +02:00
Even Rouault
dc3eab1cdf Merge branch 'coverity-fixes' into 'master' 
Coverity fixes

See merge request libtiff/libtiff!94
 2019-10-23 13:20:38 +00:00
Timothy Lyanguzov
2105b48383 Use 64-bit calculations correctly 2019-10-23 11:43:43 +13:00
Timothy Lyanguzov
aa05cb1181 Fix size calculation to use 64-bit tmsize_t correctly 2019-10-23 11:20:34 +13:00
Timothy Lyanguzov
ec6f7c572d Make bytesperclumpline calculations using tmsize_t type 2019-10-23 10:40:50 +13:00
Even Rouault
43b0c984f0
tif_read: align code of TIFFReadRawStrip() and TIFFReadRawTile() that differed for non good reason. Non-functional change normally. (fixes GitLab #162) 2019-10-03 21:14:44 +02:00
Even Rouault
fb5fbc320b
HTML: update for GitLab issues 2019-10-01 21:27:46 +02:00
Even Rouault
19f6b70d63
html/v3.5.6-beta.html: redact URL of defunct web site 2019-09-29 18:20:11 +02:00
Even Rouault
4d8cc50973
Website: update links to mailing list 2019-09-29 18:14:38 +02:00
Even Rouault
e86d43caee
TIFFReadAndRealloc(): avoid too large memory allocation attempts. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17244 2019-09-18 01:21:17 +02:00
Even Rouault
3519ab6c7f
ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer overflows. Fixes https://oss-fuzz.com/testcase-detail/5686156066291712 and https://oss-fuzz.com/testcase-detail/6332499206078464 2019-09-03 20:15:41 +02:00
Even Rouault
6de57f7e0f
tif_ojpeg.c: avoid relying on isTiled macro being wrapped in () 2019-09-02 16:22:10 +02:00
Even Rouault
7475a28508
tif_ojpeg.c: avoid use of uninitialized memory on edge/broken file. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16844 2019-09-02 16:21:02 +02:00
Even Rouault
4b2a343001
tiff_read_rgba_fuzzer.cc: add a -DSTANDALONE mode for easier reproduction of oss-fuzz reports 2019-09-02 15:33:46 +02:00
Even Rouault
760ecced1e
tif_dirread.c: allocChoppedUpStripArrays(). avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16846 2019-09-01 15:57:17 +02:00
Even Rouault
c22f319eb4
tif_ojpeg.c: avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16793 2019-08-27 10:58:21 +02:00
Even Rouault
9034afb440
TIFFReadDirEntryData(): rewrite to avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16792 2019-08-27 00:02:29 +02:00
Even Rouault
244dfb46af
TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16784 2019-08-26 18:57:29 +02:00
Even Rouault
1a4efdd151
JPEG: avoid use of unintialized memory on corrupted files 
Follow-up of cf3ce6fab8
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16602
Credit to OSS Fuzz
 2019-08-25 14:54:26 +02:00
Even Rouault
804f40f3bf
_TIFFPartialReadStripArray(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16685 2019-08-24 00:37:17 +02:00
Even Rouault
7db298e3a8
OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile dimensions close to UINT32_MAX. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16683 2019-08-23 23:03:15 +02:00
Even Rouault
67f7561e70
TIFFFillStrip(): avoid harmless unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16653 2019-08-23 14:54:26 +02:00
Even Rouault
ea271d7434
EstimateStripByteCounts(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16643& 2019-08-23 13:03:44 +02:00
Even Rouault
5f6349d3f8
tif_ojpeg: avoid unsigned integer overflow (probably not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16635 2019-08-23 12:38:46 +02:00
Even Rouault
c9edebfdb0
tif_thunder: avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16632 2019-08-23 12:28:25 +02:00
Even Rouault
f277541bd8
_TIFFMultiply32() / _TIFFMultiply64(): avoid relying on unsigned integer overflow (not a bug) 2019-08-22 13:02:07 +02:00
Even Rouault
c8f268ef1b
EstimateStripByteCounts(): avoid unsigned integer overflow 2019-08-22 10:19:44 +02:00
Even Rouault
761d50e34d
EstimateStripByteCounts(): avoid unsigned integer overflow 2019-08-21 17:59:15 +02:00
Even Rouault
324aa65c0d
EstimateStripByteCounts(): avoid harmless unsigned integer overflow 2019-08-20 18:09:46 +02:00
Even Rouault
dd50fedc2f
_TIFFPartialReadStripArray(): avoid triggering unsigned integer overflow with -fsanitize=unsigned-integer-overflow (not a bug, this is well defined by itself) 2019-08-20 15:29:06 +02:00
Even Rouault
b04da30e11
tiff2ps: fix use of wrong data type that caused issues (/Height being written as 0) on 64-bit big endian platforms 2019-08-18 10:52:45 +02:00
Even Rouault
1a11c9df6e
setByteArray(): fix previous commit 2019-08-16 19:59:18 +02:00
Even Rouault
1302ffb350
setByteArray(): avoid potential signed integer overflow. Pointed by Hendra Gunadi. No actual problem known (which does not mean there wouldn't be any. Particularly on 32bit builds) 2019-08-16 19:47:42 +02:00
Even Rouault
4bb584a35f
RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz 2019-08-15 15:05:28 +02:00
Even Rouault
2218055ca6 Merge branch 'fix_integer_overflow' into 'master' 
Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973)

See merge request libtiff/libtiff!90
 2019-08-14 09:47:58 +00:00
Even Rouault
1b5e3b6a23
Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) 
_TIFFCheckMalloc()/_TIFFCheckRealloc() used a unsafe way to detect overflow
in the multiplication of nmemb and elem_size (which are of type tmsize_t, thus
signed), which was especially easily triggered on 32-bit builds (with recent
enough compilers that assume that signed multiplication cannot overflow, since
this is undefined behaviour by the C standard). The original issue which lead to
this fix was trigged from tif_fax3.c

There were also unsafe (implementation defied), and broken in practice on 64bit
builds, ways of checking that a uint64 fits of a (signed) tmsize_t by doing
(uint64)(tmsize_t)uint64_var != uint64_var comparisons. Those have no known
at that time exploits, but are better to fix in a more bullet-proof way.
Or similarly use of (int64)uint64_var <= 0.
 2019-08-13 10:40:08 +02:00
Even Rouault
12768a24b1
TIFFClientOpen(): fix memory leak if one of the required callbacks is not provided. Fixed Coverity GDAL CID 1404110 2019-08-12 22:51:09 +02:00
Even Rouault
ea69462ea2
OJPEGReadBufferFill(): avoid very long processing time on corrupted files. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16400. master only 2019-08-12 17:55:56 +02:00
Even Rouault
187e596861
oss-fuzz/tiff_read_rgba_fuzzer.cc: fix wrong env variable value in previous commit 2019-08-11 00:36:31 +02:00
Even Rouault
2c7e74245a
oss-fuzz/tiff_read_rgba_fuzzer.cc: avoid issue with libjpeg-turbo and MSAN 2019-08-11 00:24:41 +02:00
Even Rouault
43908ce15e
OJPEG: fix integer division by zero on corrupted subsampling factors. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15824. Credit to OSS Fuzz 2019-08-10 19:36:09 +02:00
Even Rouault
75c1cf5e91
Merge branch 'ossfuzz_i386' 2019-08-10 18:45:16 +02:00
Even Rouault
76f1531f5f
contrib/oss-fuzz/build.sh: fix for i386 build of jbigkit, and use $LIB_FUZZING_ENGINE 2019-08-10 18:40:50 +02:00
Even Rouault
a7fa3410d9 Merge branch 'patch-1' into 'master' 
fix two tiny typos

See merge request libtiff/libtiff!89
 2019-08-10 16:00:00 +00:00
Reto Kromer
3fd6bb95dc fix two tiny typos 2019-08-10 15:54:23 +00:00
Even Rouault
66ff50ec79 Merge branch 'patch-1' into 'master' 
fix a typo in man page

See merge request libtiff/libtiff!88
 2019-08-09 17:26:44 +00:00