cheng/libtiff
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,317 Commits 1 Branch 0 Tags 11 MiB
6e69a96bf6
Commit Graph

3317 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vadim Zeitlin
6e69a96bf6 Merge branch 'buildin-linux' of https://github.com/MaartenBent/libtiff into wx 
Allow using tif_config.h not generated by configure under Linux too.

Note that the previous commit is best viewed with --color-moved option.

See https://github.com/wxWidgets/libtiff/pull/3
 2020-08-15 12:27:34 +02:00
Maarten Bent
40e3e51ec6 Swap preprocessor check and use ifdef instead of ifndef 2020-08-14 21:46:10 +02:00
Maarten Bent
39ba1ec447 Enable using built-in libtiff on Linux 2020-08-14 21:38:58 +02:00
Maarten Bent
9f657ff8a7 Rerun autogen.sh 2020-01-16 21:52:35 +01:00
Maarten Bent
a55183aada Create tag for v4.1.0 
-----BEGIN PGP SIGNATURE-----
 
 iHQEABEIAB0WIQTr39shsCDuj9FRqI3jAQR94RmJdQUCXb81vgAKCRDjAQR94RmJ
 dbHRAPjy7sZSwOMOGJXpE+/1q0OCWB7iWWQqy7TPb9+8HdtlAQCJXl0nJ423/DJ4
 JKmIRQXuXZ4SP33SCuh34O0VR/HX1g==
 =3q0Z
 -----END PGP SIGNATURE-----

Merge tag 'v4.1.0' into wx

Create tag for v4.1.0

# gpg verification failed.
 2020-01-16 21:43:13 +01:00
Bob Friesenhahn
e0d707dc15 libtiff 4.1.0 released 2019-11-03 14:15:37 -06:00
Bob Friesenhahn
9700cdfa77 ChangeLog updated with latest git commits. 2019-11-03 14:00:24 -06:00
Bob Friesenhahn
0cbdf1f903 Added a step for updating the legacy ChangeLog file. 2019-11-03 13:48:37 -06:00
Bob Friesenhahn
73975cbcb2 Ignore emacs temporary files (ending with tilde character). 2019-11-03 13:47:08 -06:00
Bob Friesenhahn
014441b770 Added release summary page for the 4.1.0 release. 2019-11-03 13:31:26 -06:00
Bob Friesenhahn
f18e1a2db5 Fix Cmake HAVE_GETOPT for systems which declare getopt in stdio.h. 
Fix utility baked-in getopt prototype which appears when HAVE_GETOPT is not defined.
 2019-11-03 11:21:26 -06:00
Bob Friesenhahn
aeb87392ad Fax2tiff.sh needs to remove its output file in advance. Syntax changes so that bash is not required. 2019-11-03 09:55:14 -06:00
Even Rouault
0219b01b54
tif_jpeg.c: extra cast to silence Coverity warning. GDAL CID 1406475 2019-10-26 22:45:36 +02:00
Even Rouault
8bf7b73703
tif_jpeg.c: fix warning added by previous commit (on 32bit builds) 2019-10-23 16:54:38 +02:00
Even Rouault
dc3eab1cdf Merge branch 'coverity-fixes' into 'master' 
Coverity fixes

See merge request libtiff/libtiff!94
 2019-10-23 13:20:38 +00:00
Timothy Lyanguzov
2105b48383 Use 64-bit calculations correctly 2019-10-23 11:43:43 +13:00
Timothy Lyanguzov
aa05cb1181 Fix size calculation to use 64-bit tmsize_t correctly 2019-10-23 11:20:34 +13:00
Timothy Lyanguzov
ec6f7c572d Make bytesperclumpline calculations using tmsize_t type 2019-10-23 10:40:50 +13:00
Vadim Zeitlin
2a4d3a974f Avoid warnings about casts between HANDLE and int in Win64 builds 
Add helper thandle_{from,to}_int() functions performing the casts
between (64-bit, under Win64) thandle_t and (32-bit, always) int in a
way that doesn't trigger compiler warnings.

Also explain why suppressing these warnings is the right thing to do.

Closes https://gitlab.com/libtiff/libtiff/issues/2
 2019-10-09 17:03:09 +02:00
Even Rouault
43b0c984f0
tif_read: align code of TIFFReadRawStrip() and TIFFReadRawTile() that differed for non good reason. Non-functional change normally. (fixes GitLab #162) 2019-10-03 21:14:44 +02:00
Even Rouault
fb5fbc320b
HTML: update for GitLab issues 2019-10-01 21:27:46 +02:00
Even Rouault
19f6b70d63
html/v3.5.6-beta.html: redact URL of defunct web site 2019-09-29 18:20:11 +02:00
Even Rouault
4d8cc50973
Website: update links to mailing list 2019-09-29 18:14:38 +02:00
Even Rouault
e86d43caee
TIFFReadAndRealloc(): avoid too large memory allocation attempts. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17244 2019-09-18 01:21:17 +02:00
Even Rouault
3519ab6c7f
ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer overflows. Fixes https://oss-fuzz.com/testcase-detail/5686156066291712 and https://oss-fuzz.com/testcase-detail/6332499206078464 2019-09-03 20:15:41 +02:00
Even Rouault
6de57f7e0f
tif_ojpeg.c: avoid relying on isTiled macro being wrapped in () 2019-09-02 16:22:10 +02:00
Even Rouault
7475a28508
tif_ojpeg.c: avoid use of uninitialized memory on edge/broken file. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16844 2019-09-02 16:21:02 +02:00
Even Rouault
4b2a343001
tiff_read_rgba_fuzzer.cc: add a -DSTANDALONE mode for easier reproduction of oss-fuzz reports 2019-09-02 15:33:46 +02:00
Even Rouault
760ecced1e
tif_dirread.c: allocChoppedUpStripArrays(). avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16846 2019-09-01 15:57:17 +02:00
Even Rouault
c22f319eb4
tif_ojpeg.c: avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16793 2019-08-27 10:58:21 +02:00
Even Rouault
9034afb440
TIFFReadDirEntryData(): rewrite to avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16792 2019-08-27 00:02:29 +02:00
Even Rouault
244dfb46af
TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16784 2019-08-26 18:57:29 +02:00
Even Rouault
1a4efdd151
JPEG: avoid use of unintialized memory on corrupted files 
Follow-up of cf3ce6fab8
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16602
Credit to OSS Fuzz
 2019-08-25 14:54:26 +02:00
Even Rouault
804f40f3bf
_TIFFPartialReadStripArray(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16685 2019-08-24 00:37:17 +02:00
Even Rouault
7db298e3a8
OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile dimensions close to UINT32_MAX. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16683 2019-08-23 23:03:15 +02:00
Even Rouault
67f7561e70
TIFFFillStrip(): avoid harmless unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16653 2019-08-23 14:54:26 +02:00
Even Rouault
ea271d7434
EstimateStripByteCounts(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16643& 2019-08-23 13:03:44 +02:00
Even Rouault
5f6349d3f8
tif_ojpeg: avoid unsigned integer overflow (probably not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16635 2019-08-23 12:38:46 +02:00
Even Rouault
c9edebfdb0
tif_thunder: avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16632 2019-08-23 12:28:25 +02:00
Even Rouault
f277541bd8
_TIFFMultiply32() / _TIFFMultiply64(): avoid relying on unsigned integer overflow (not a bug) 2019-08-22 13:02:07 +02:00
Even Rouault
c8f268ef1b
EstimateStripByteCounts(): avoid unsigned integer overflow 2019-08-22 10:19:44 +02:00
Even Rouault
761d50e34d
EstimateStripByteCounts(): avoid unsigned integer overflow 2019-08-21 17:59:15 +02:00
Even Rouault
324aa65c0d
EstimateStripByteCounts(): avoid harmless unsigned integer overflow 2019-08-20 18:09:46 +02:00
Even Rouault
dd50fedc2f
_TIFFPartialReadStripArray(): avoid triggering unsigned integer overflow with -fsanitize=unsigned-integer-overflow (not a bug, this is well defined by itself) 2019-08-20 15:29:06 +02:00
Even Rouault
b04da30e11
tiff2ps: fix use of wrong data type that caused issues (/Height being written as 0) on 64-bit big endian platforms 2019-08-18 10:52:45 +02:00
Even Rouault
1a11c9df6e
setByteArray(): fix previous commit 2019-08-16 19:59:18 +02:00
Even Rouault
1302ffb350
setByteArray(): avoid potential signed integer overflow. Pointed by Hendra Gunadi. No actual problem known (which does not mean there wouldn't be any. Particularly on 32bit builds) 2019-08-16 19:47:42 +02:00
Even Rouault
4bb584a35f
RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz 2019-08-15 15:05:28 +02:00
Even Rouault
2218055ca6 Merge branch 'fix_integer_overflow' into 'master' 
Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973)

See merge request libtiff/libtiff!90
 2019-08-14 09:47:58 +00:00
Even Rouault
1b5e3b6a23
Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) 
_TIFFCheckMalloc()/_TIFFCheckRealloc() used a unsafe way to detect overflow
in the multiplication of nmemb and elem_size (which are of type tmsize_t, thus
signed), which was especially easily triggered on 32-bit builds (with recent
enough compilers that assume that signed multiplication cannot overflow, since
this is undefined behaviour by the C standard). The original issue which lead to
this fix was trigged from tif_fax3.c

There were also unsafe (implementation defied), and broken in practice on 64bit
builds, ways of checking that a uint64 fits of a (signed) tmsize_t by doing
(uint64)(tmsize_t)uint64_var != uint64_var comparisons. Those have no known
at that time exploits, but are better to fix in a more bullet-proof way.
Or similarly use of (int64)uint64_var <= 0.
 2019-08-13 10:40:08 +02:00