Commit Graph

2780 Commits

Author SHA1 Message Date
Bob Friesenhahn
e18809068d * tools/raw2tiff.c (main): Fix Coverity 1024887 "Unchecked return
value from library".
(guessSize): Fix Coverity 1024888 "Unchecked return value from
library".
(guessSize): Fix Coverity 1214162 "Ignoring number of bytes read".
(guessSize): Fix Coverity 1024889 "Unchecked return value from
library".
2015-05-30 16:13:29 +00:00
Bob Friesenhahn
cf204cbace * tools/tiff2pdf.c (t2p_readwrite_pdf_image): Fix Coverity 298621
"Resource leak".
(t2p_readwrite_pdf_image): Fix Coverity 1024181 "Structurally dead
code".
(t2p_write_pdf): Fix Coverity 1227690 "Unused value".
2015-05-30 15:33:54 +00:00
Bob Friesenhahn
aea225d02e * contrib/iptcutil/iptcutil.c (formatIPTC): Fix Coverity 1024468
"Infinite loop".
(formatIPTC): Fix Coverity 1024727 "Truncated stdio return value".
(formatIPTC): Fix Coverity 1214240 "Untrusted loop bound".
2015-05-29 13:43:47 +00:00
Bob Friesenhahn
f197c2dd60 * contrib/addtiffo/tif_ovrcache.c (TIFFCreateOvrCache): Fix
Coverity 298615 "Resource leak".
(TIFFGetOvrBlock): Fix Coverity 1024649 "Unintended sign
extension".
2015-05-29 03:08:19 +00:00
Bob Friesenhahn
b22be0db67 * tools/bmp2tiff.c (main): Fix Coverity 1024225 "Untrusted value
as argument".
(main): Fix Coverity 1024678 "Unchecked return value from
library".
(main): Fix Coverity 1024679 "Unchecked return value from
library".
(main): Fix Coverity 1214160 "Ignoring number of bytes read".
2015-05-29 02:37:56 +00:00
Bob Friesenhahn
5e6fbd86d2 * contrib/addtiffo/tif_ovrcache.c (TIFFCreateOvrCache): Fix
Coverity 298615 "Resource leak".
2015-05-28 13:26:03 +00:00
Bob Friesenhahn
8942af3dfe * tools/tiffcp.c: Fix Coverity 1024306, 1024307, 1024308, 1024309
"Resource leak".
2015-05-28 13:17:35 +00:00
Bob Friesenhahn
defff15535 * tools/tiffsplit.c (cpTiles): Fix Coverity 1024304 "Resource
leak".
(cpStrips): Fix Coverity 1024305 "Resource leak".
2015-05-28 13:10:26 +00:00
Bob Friesenhahn
547c3ecfcf (main): Quiet Coverity 1024223 "Untrusted value as argument". 2015-05-28 04:07:30 +00:00
Bob Friesenhahn
f795d89909 (main): Fix Coverity 1301206: "Integer handling issues (BAD_SHIFT)". 2015-05-28 03:52:00 +00:00
Bob Friesenhahn
6a41c7a28f * tools/ras2tiff.c: Fix Sun Raster header definition to be safe
for 64-bit systems.  Add some header validations.  Should fix many
Coverity issues.
2015-05-28 03:30:41 +00:00
Bob Friesenhahn
a80995a42b (get_histogram): Quiet Coverity 1024386 "Out-of-bounds read".
This was a benign mis-diagnosis but added code to enforce against
buffer overflow.
2015-05-28 03:08:18 +00:00
Bob Friesenhahn
73dcb5ee75 * tools/tiffmedian.c (GetInputLine): Fix Coverity 1024795 "Nesting
level does not match indentation".
2015-05-28 02:25:11 +00:00
Bob Friesenhahn
c05bbbe6e8 (loadImage): Fix Coverity 1299740 "Out-of-bounds write". 2015-05-28 02:19:16 +00:00
Bob Friesenhahn
022cd04c80 (loadImage): Fix Coverity 1299741 "Dereference before null check". 2015-05-28 02:16:08 +00:00
Bob Friesenhahn
4d8fac3be8 (writeCroppedImage): Fix Coverity 1024797 "Nesting level does not
match indentation".
2015-05-28 02:11:00 +00:00
Bob Friesenhahn
e6aabe4992 (writeSingleSection): Fix Coverity 1024796 "Nesting level does not
match indentation".
2015-05-28 02:07:59 +00:00
Bob Friesenhahn
0ba4515b24 (readContigTilesIntoBuffer): Fix Coverity 1024586 "Logically dead
code".
2015-05-28 02:02:09 +00:00
Bob Friesenhahn
7a8431b414 (readContigStripsIntoBuffer): Fix Coverity 1024545 "Division or
modulo by zero".
2015-05-28 01:59:10 +00:00
Bob Friesenhahn
1752529e75 * tools/tiffcrop.c (ROTATE_ANY): Fix Coverity 1294542 "Logical
vs. bitwise operator".
2015-05-28 01:50:20 +00:00
Even Rouault
7bed6738f2 * tools/tiffdither.c: check memory allocations to avoid writing to
NULL pointer. Also check multiplication overflow. Fixes #2501,
CVE-2014-8128. Derived from patch by Petr Gajdos.
2015-03-02 16:16:38 +00:00
Even Rouault
cb66df4e65 * add html/v4.0.4beta.html under version control
* HOWTO-RELEASE: write that cvs add html/vX.X.html must be used
2015-01-26 15:14:45 +00:00
Even Rouault
a1caf14ce4 * libtiff 4.0.4beta released 2015-01-26 12:24:11 +00:00
Even Rouault
a17a6e5ecd * automake: updated to 1.15
* libtool: updated to 2.4.5
2015-01-26 10:29:40 +00:00
Even Rouault
45922132cf * tools/tiff2pdf.c: Fix two crashes (oCERT-2014-013) 2015-01-22 09:58:49 +00:00
Frank Warmerdam
09dfa00849 remove note about requiring approval to join tiff list 2015-01-05 19:49:37 +00:00
Olivier Paquet
79676ae61c * tools/tiff2pdf.c: Fixed unsigned integer addition overflow detection. 2015-01-05 19:03:11 +00:00
Even Rouault
7f884b953c * libtiff/tif_dirread.c: in TIFFCheckDirOffset(), avoid uint16 overflow
when reading more than 65535 directories, and effectively error out when
reaching that limit.
2015-01-03 18:03:40 +00:00
Even Rouault
376ee1fc20 * libtiff/tif_jpeg.c: in JPEGFixupTags(), recognize SOF2, SOF9 and SOF10
markers to avoid emitting a warning (even if, according to the TechNote,
there are admittedly unusual/not recommended or even forbidden variants, but
they do work well with libjpeg for SOF2, and with libjpeg-turbo for SOF2,
SOF9 and SOF10).
Define in_color_space and input_components to the right values in
JPEGSetupEncode(), before calling jpeg_set_defaults(), as specified by
libjpeg API documentation, so as to be compatible with mozjpeg library.
Note: the default settings of mozjpeg will produce progressive scans, which
is forbidden by the TechNote.
2014-12-30 16:37:22 +00:00
Even Rouault
f828693705 * libtiff/tif_getimage.c: move test on vertical value of YCbCr subsampling
to avoid buffer leak (fix previous fix, found by Coverity scan)
2014-12-29 18:28:46 +00:00
Bob Friesenhahn
70239ee78e Remove mention of freshmeat since the site is frozen. 2014-12-29 15:39:02 +00:00
Bob Friesenhahn
429b3fdc90 * Update bundled libtool to 2.4.4 release. 2014-12-29 15:34:22 +00:00
Even Rouault
5b79c1f364 * libtiff/tif_next.c: add new tests to check that we don't read outside of
the compressed input stream buffer.

* libtiff/tif_getimage.c: in OJPEG case, fix checks on strile width/height
2014-12-29 12:09:11 +00:00
Even Rouault
5b06ac3f28 * libtiff/tif_dir.c: in TIFFDefaultDirectory(), reset any already existing
extended tags installed by user code through the extender mechanism before
calling the extender callback (GDAL #5054)
2014-12-27 15:20:42 +00:00
Bob Friesenhahn
fdfa1a026f * tools/tiffcrop.c: Fix warnings about variables set but not used. 2014-12-26 16:32:31 +00:00
Bob Friesenhahn
a7ced11ff1 * contrib/iptcutil/iptcutil.c: Fix warnings about variables set
but not used.
2014-12-26 16:10:08 +00:00
Bob Friesenhahn
3b48ce4c7b * tools/tiffgt.c: Fix warnings about unused parameters. 2014-12-26 16:06:41 +00:00
Bob Friesenhahn
e501767856 * libtiff/tif_stream.cxx: Fix warnings about unused parameters. 2014-12-26 16:01:04 +00:00
Even Rouault
5ecaadc951 * libtiff/tif_getimage.c, libtiff/tif_ojpeg.c, libtiff/tif_zip.c: fix
various typos found by Debian lintian tool (GDAL #5756)
2014-12-25 18:29:11 +00:00
Even Rouault
65577375d4 * libtiff/tif_getimage.c: avoid divide by zero on invalid YCbCr subsampling.
http://bugzilla.maptools.org/show_bug.cgi?id=2235
2014-12-24 16:57:18 +00:00
Even Rouault
34d71374cc * tools/tiff2pdf.c: fix buffer overflow on some YCbCr JPEG compressed images.
http://bugzilla.maptools.org/show_bug.cgi?id=2445
2014-12-24 16:32:28 +00:00
Even Rouault
a42442d21f * tools/tiff2pdf.c: fix buffer overflow on YCbCr JPEG compressed image.
Derived from patch by Petr Gajdos,
http://bugzilla.maptools.org/show_bug.cgi?id=2443
2014-12-24 15:38:11 +00:00
Even Rouault
59e876aeeb * libtiff/tif_dirread.c: In EstimateStripByteCounts(), check return code
of _TIFFFillStriles(). This solves crashing bug on corrupted
images generated by afl.
2014-12-23 11:06:54 +00:00
Even Rouault
ed7dd273d5 * libtiff/tif_read.c: fix several invalid comparisons of a uint64 value with
<= 0 by casting it to int64 first. This solves crashing bug on corrupted
images generated by afl.
2014-12-23 10:15:35 +00:00
Bob Friesenhahn
53c7c58dd7 * tools/tiffdump.c: Guard against arithmetic overflow when
calculating allocation buffer sizes.
2014-12-22 02:52:38 +00:00
Even Rouault
5db18217c3 * tools/tiff2bw.c: when Photometric=RGB, the utility only works if
SamplesPerPixel = 3. Enforce that
http://bugzilla.maptools.org/show_bug.cgi?id=2485 (CVE-2014-8127)
2014-12-21 20:58:29 +00:00
Even Rouault
aaf52fa411 * tools/pal2rgb.c, tools/thumbnail.c: fix crash by disabling TIFFTAG_INKNAMES
copying. The right fix would be to properly copy it, but not worth the burden
for those esoteric utilities.
http://bugzilla.maptools.org/show_bug.cgi?id=2484 (CVE-2014-8127)
2014-12-21 20:04:31 +00:00
Even Rouault
47647443c1 * tools/thumbnail.c: fix out-of-buffer write
http://bugzilla.maptools.org/show_bug.cgi?id=2489 (CVE-2014-8128)
2014-12-21 19:53:59 +00:00
Even Rouault
1246f97138 * tools/thumbnail.c, tools/tiffcmp.c: only read/write TIFFTAG_GROUP3OPTIONS
or TIFFTAG_GROUP4OPTIONS if compression is COMPRESSION_CCITTFAX3 or
COMPRESSION_CCITTFAX4
http://bugzilla.maptools.org/show_bug.cgi?id=2493 (CVE-2014-8128)
2014-12-21 18:52:42 +00:00
Even Rouault
7d3b9da6cb * libtiff/tif_next.c: check that BitsPerSample = 2. Fixes
http://bugzilla.maptools.org/show_bug.cgi?id=2487 (CVE-2014-8129)
2014-12-21 18:07:48 +00:00