cheng/libtiff
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,316 Commits 1 Branch 0 Tags 11 MiB
40e3e51ec6
Commit Graph

3316 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Maarten Bent
40e3e51ec6 Swap preprocessor check and use ifdef instead of ifndef 2020-08-14 21:46:10 +02:00
Maarten Bent
39ba1ec447 Enable using built-in libtiff on Linux 2020-08-14 21:38:58 +02:00
Maarten Bent
9f657ff8a7 Rerun autogen.sh 2020-01-16 21:52:35 +01:00
Maarten Bent
a55183aada Create tag for v4.1.0 
-----BEGIN PGP SIGNATURE-----
 
 iHQEABEIAB0WIQTr39shsCDuj9FRqI3jAQR94RmJdQUCXb81vgAKCRDjAQR94RmJ
 dbHRAPjy7sZSwOMOGJXpE+/1q0OCWB7iWWQqy7TPb9+8HdtlAQCJXl0nJ423/DJ4
 JKmIRQXuXZ4SP33SCuh34O0VR/HX1g==
 =3q0Z
 -----END PGP SIGNATURE-----

Merge tag 'v4.1.0' into wx

Create tag for v4.1.0

# gpg verification failed.
 2020-01-16 21:43:13 +01:00
Bob Friesenhahn
e0d707dc15 libtiff 4.1.0 released 2019-11-03 14:15:37 -06:00
Bob Friesenhahn
9700cdfa77 ChangeLog updated with latest git commits. 2019-11-03 14:00:24 -06:00
Bob Friesenhahn
0cbdf1f903 Added a step for updating the legacy ChangeLog file. 2019-11-03 13:48:37 -06:00
Bob Friesenhahn
73975cbcb2 Ignore emacs temporary files (ending with tilde character). 2019-11-03 13:47:08 -06:00
Bob Friesenhahn
014441b770 Added release summary page for the 4.1.0 release. 2019-11-03 13:31:26 -06:00
Bob Friesenhahn
f18e1a2db5 Fix Cmake HAVE_GETOPT for systems which declare getopt in stdio.h. 
Fix utility baked-in getopt prototype which appears when HAVE_GETOPT is not defined.
 2019-11-03 11:21:26 -06:00
Bob Friesenhahn
aeb87392ad Fax2tiff.sh needs to remove its output file in advance. Syntax changes so that bash is not required. 2019-11-03 09:55:14 -06:00
Even Rouault
0219b01b54
tif_jpeg.c: extra cast to silence Coverity warning. GDAL CID 1406475 2019-10-26 22:45:36 +02:00
Even Rouault
8bf7b73703
tif_jpeg.c: fix warning added by previous commit (on 32bit builds) 2019-10-23 16:54:38 +02:00
Even Rouault
dc3eab1cdf Merge branch 'coverity-fixes' into 'master' 
Coverity fixes

See merge request libtiff/libtiff!94
 2019-10-23 13:20:38 +00:00
Timothy Lyanguzov
2105b48383 Use 64-bit calculations correctly 2019-10-23 11:43:43 +13:00
Timothy Lyanguzov
aa05cb1181 Fix size calculation to use 64-bit tmsize_t correctly 2019-10-23 11:20:34 +13:00
Timothy Lyanguzov
ec6f7c572d Make bytesperclumpline calculations using tmsize_t type 2019-10-23 10:40:50 +13:00
Vadim Zeitlin
2a4d3a974f Avoid warnings about casts between HANDLE and int in Win64 builds 
Add helper thandle_{from,to}_int() functions performing the casts
between (64-bit, under Win64) thandle_t and (32-bit, always) int in a
way that doesn't trigger compiler warnings.

Also explain why suppressing these warnings is the right thing to do.

Closes https://gitlab.com/libtiff/libtiff/issues/2
 2019-10-09 17:03:09 +02:00
Even Rouault
43b0c984f0
tif_read: align code of TIFFReadRawStrip() and TIFFReadRawTile() that differed for non good reason. Non-functional change normally. (fixes GitLab #162) 2019-10-03 21:14:44 +02:00
Even Rouault
fb5fbc320b
HTML: update for GitLab issues 2019-10-01 21:27:46 +02:00
Even Rouault
19f6b70d63
html/v3.5.6-beta.html: redact URL of defunct web site 2019-09-29 18:20:11 +02:00
Even Rouault
4d8cc50973
Website: update links to mailing list 2019-09-29 18:14:38 +02:00
Even Rouault
e86d43caee
TIFFReadAndRealloc(): avoid too large memory allocation attempts. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17244 2019-09-18 01:21:17 +02:00
Even Rouault
3519ab6c7f
ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer overflows. Fixes https://oss-fuzz.com/testcase-detail/5686156066291712 and https://oss-fuzz.com/testcase-detail/6332499206078464 2019-09-03 20:15:41 +02:00
Even Rouault
6de57f7e0f
tif_ojpeg.c: avoid relying on isTiled macro being wrapped in () 2019-09-02 16:22:10 +02:00
Even Rouault
7475a28508
tif_ojpeg.c: avoid use of uninitialized memory on edge/broken file. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16844 2019-09-02 16:21:02 +02:00
Even Rouault
4b2a343001
tiff_read_rgba_fuzzer.cc: add a -DSTANDALONE mode for easier reproduction of oss-fuzz reports 2019-09-02 15:33:46 +02:00
Even Rouault
760ecced1e
tif_dirread.c: allocChoppedUpStripArrays(). avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16846 2019-09-01 15:57:17 +02:00
Even Rouault
c22f319eb4
tif_ojpeg.c: avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16793 2019-08-27 10:58:21 +02:00
Even Rouault
9034afb440
TIFFReadDirEntryData(): rewrite to avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16792 2019-08-27 00:02:29 +02:00
Even Rouault
244dfb46af
TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16784 2019-08-26 18:57:29 +02:00
Even Rouault
1a4efdd151
JPEG: avoid use of unintialized memory on corrupted files 
Follow-up of cf3ce6fab8
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16602
Credit to OSS Fuzz
 2019-08-25 14:54:26 +02:00
Even Rouault
804f40f3bf
_TIFFPartialReadStripArray(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16685 2019-08-24 00:37:17 +02:00
Even Rouault
7db298e3a8
OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile dimensions close to UINT32_MAX. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16683 2019-08-23 23:03:15 +02:00
Even Rouault
67f7561e70
TIFFFillStrip(): avoid harmless unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16653 2019-08-23 14:54:26 +02:00
Even Rouault
ea271d7434
EstimateStripByteCounts(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16643& 2019-08-23 13:03:44 +02:00
Even Rouault
5f6349d3f8
tif_ojpeg: avoid unsigned integer overflow (probably not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16635 2019-08-23 12:38:46 +02:00
Even Rouault
c9edebfdb0
tif_thunder: avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16632 2019-08-23 12:28:25 +02:00
Even Rouault
f277541bd8
_TIFFMultiply32() / _TIFFMultiply64(): avoid relying on unsigned integer overflow (not a bug) 2019-08-22 13:02:07 +02:00
Even Rouault
c8f268ef1b
EstimateStripByteCounts(): avoid unsigned integer overflow 2019-08-22 10:19:44 +02:00
Even Rouault
761d50e34d
EstimateStripByteCounts(): avoid unsigned integer overflow 2019-08-21 17:59:15 +02:00
Even Rouault
324aa65c0d
EstimateStripByteCounts(): avoid harmless unsigned integer overflow 2019-08-20 18:09:46 +02:00
Even Rouault
dd50fedc2f
_TIFFPartialReadStripArray(): avoid triggering unsigned integer overflow with -fsanitize=unsigned-integer-overflow (not a bug, this is well defined by itself) 2019-08-20 15:29:06 +02:00
Even Rouault
b04da30e11
tiff2ps: fix use of wrong data type that caused issues (/Height being written as 0) on 64-bit big endian platforms 2019-08-18 10:52:45 +02:00
Even Rouault
1a11c9df6e
setByteArray(): fix previous commit 2019-08-16 19:59:18 +02:00
Even Rouault
1302ffb350
setByteArray(): avoid potential signed integer overflow. Pointed by Hendra Gunadi. No actual problem known (which does not mean there wouldn't be any. Particularly on 32bit builds) 2019-08-16 19:47:42 +02:00
Even Rouault
4bb584a35f
RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz 2019-08-15 15:05:28 +02:00
Even Rouault
2218055ca6 Merge branch 'fix_integer_overflow' into 'master' 
Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973)

See merge request libtiff/libtiff!90
 2019-08-14 09:47:58 +00:00
Even Rouault
1b5e3b6a23
Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) 
_TIFFCheckMalloc()/_TIFFCheckRealloc() used a unsafe way to detect overflow
in the multiplication of nmemb and elem_size (which are of type tmsize_t, thus
signed), which was especially easily triggered on 32-bit builds (with recent
enough compilers that assume that signed multiplication cannot overflow, since
this is undefined behaviour by the C standard). The original issue which lead to
this fix was trigged from tif_fax3.c

There were also unsafe (implementation defied), and broken in practice on 64bit
builds, ways of checking that a uint64 fits of a (signed) tmsize_t by doing
(uint64)(tmsize_t)uint64_var != uint64_var comparisons. Those have no known
at that time exploits, but are better to fix in a more bullet-proof way.
Or similarly use of (int64)uint64_var <= 0.
 2019-08-13 10:40:08 +02:00
Even Rouault
12768a24b1
TIFFClientOpen(): fix memory leak if one of the required callbacks is not provided. Fixed Coverity GDAL CID 1404110 2019-08-12 22:51:09 +02:00