summaryrefslogtreecommitdiff
path: root/third_party/libopenjpeg20/j2k.c
AgeCommit message (Collapse)Author
2018-08-01Fix assertion in opj_j2k_merge_ppt().Lei Zhang
This patches in: https://github.com/uclouvain/openjpeg/commit/832dfd18 https://github.com/uclouvain/openjpeg/commit/0c913b0a Also clean up a duplicate patch number and update README.pdfium. BUG=chromium:614691 Change-Id: I282abfe227e2f667418e5d9058e96e253b220de7 Reviewed-on: https://pdfium-review.googlesource.com/39352 Reviewed-by: Nicolás Peña Moreno <npm@chromium.org> Commit-Queue: Lei Zhang <thestig@chromium.org>
2018-01-10[OpenJPEG] Fix integer overflowNicolas Pena
Bug: 796812 Change-Id: I857f037028ea0e74544bdc7c8cd26b4b44e64ec4 Reviewed-on: https://pdfium-review.googlesource.com/22610 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
2017-10-23Upgrade LibopenJPEG to 2.3chromium/3249Nicolas Pena
Bug: Change-Id: I4c968a4e5f41037d80e5dc64a1297cd2cbda31b1 Reviewed-on: https://pdfium-review.googlesource.com/16350 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Nicolás Peña Moreno <npm@chromium.org>
2017-09-05Upgrade OpenJPEG to 2.2.0Nicolas Pena
This CL upgrades OpenJPEG by copying the files from 2.2.0 and then applying patches. Patch files that are no longer relevant are deleted. The relevant ones are applied manually due to changes in formatting in OpenJPEG. Patch 34 is added to account for opj_malloc changes in PDFium. Bug: chromium:718731 Change-Id: I3d316893eab5e235c9f71222a6818b8ae0c98383 Reviewed-on: https://pdfium-review.googlesource.com/12770 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-05-09LibOpenJPEG: restrict l_img_comp->prec to avoid undefined shiftNicolas Pena
The 38 value seems arbitrary, and the prec is used in OPJ_INT32 with 1 << (prec - 1). So limit it to be at most 31, and avoid undefined shifts. Bug: chromium:698498 Change-Id: I840f2e65231ac7847ed26bcaea36471a53be49e8 Reviewed-on: https://pdfium-review.googlesource.com/5173 Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-03-01LibOpenJPEG upstream: check size in opj_j2k_read_sizNicolas Pena
This happens to fix the bug in question but I suspect they still do not have enough checks to prevent undefined shifts. Patch: https://github.com/uclouvain/openjpeg/pull/762/commits/5afb4d0546dd1b0a162b4e895cfdcfa4b32f1180 BUG=694042 Change-Id: I9466eb2b095f07233517ff5f1bcb0c2437be78ac Reviewed-on: https://pdfium-review.googlesource.com/2888 Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-25Use opj_uint_ceildiv where it is better than its int versionNicolas Pena
Replaced (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)a, (OPJ_INT32) b) with opj_uint_ceildiv(a, b), which makes much more sense. BUG=683156 Change-Id: Ie9d6736f4ec0f16d14f203850a14f0dabd73ee38 Reviewed-on: https://pdfium-review.googlesource.com/2352 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-24Check m_data!=null when adding mctNicolas Pena
m_decorrelation_array and m_offset_array can be assigned to l_mct_data, which can be set in opj_j2k_read_mct. In this method, there can be an early true return before allocating m_data but after freeing it. BUG=678342 Change-Id: Id9ea3cc57a9a278deb1540e5db8a94db86018fd6 Reviewed-on: https://pdfium-review.googlesource.com/2350 Commit-Queue: Nicolás Peña <npm@chromium.org> Commit-Queue: dsinclair <dsinclair@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2017-01-19Return error in opj_j2k_read_header_procedure if l_marker_size < 2Nicolas Pena
If we do not do this check, it will overflow to a huge unsigned int, so we will allocate a lot of memory etc. BUG=682182 Change-Id: I24b6654860c43e5d4deea753868b9d842f859cff Reviewed-on: https://pdfium-review.googlesource.com/2272 Reviewed-by: dsinclair <dsinclair@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Commit-Queue: Nicolás Peña <npm@chromium.org>
2017-01-11Really fix m_nb_mct_records calculation in opj_j2k_read_mctNicolas Pena
My previous attempt did not follow precisely the way m_nb_mcc_records is increased in opj_j2k_read_mcc. Previous: https://pdfium-review.googlesource.com/c/2165/ BUG=678461, 680102 Change-Id: I3e14c440e3a49b714f8cd82d44992fe647200336 Reviewed-on: https://pdfium-review.googlesource.com/2171 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org>
2017-01-10Fix m_nb_mct_records calculation in opj_j2k_read_mctNicolas Pena
Now we update m_nb_mct_records only when there was a new mct record, and l_mct_data computations all went through. In previous version, the ++l_tcp->m_nb_mcc_records was in the end, without the if. Notice that this is similar to the analoguous in opj_j2k_read_mcc. CL that changed the calculation: https://github.com/uclouvain/openjpeg/commit/7a8cdc4bb071494fccf4714413191a52eb924b60 BUG=678461 Change-Id: I9a9e7eb03d1da085f8eb15a221a6bc0a91736662 Reviewed-on: https://pdfium-review.googlesource.com/2165 Commit-Queue: Nicolás Peña <npm@chromium.org> Reviewed-by: dsinclair <dsinclair@chromium.org>
2016-07-25Fix an integer overflow in opj_tcd_get_decoded_tile_size().chromium/2810chromium/2809ochang
Based on suggested patch by reporter. BUG=629919 Review-Url: https://codereview.chromium.org/2182683002
2016-06-20openjpeg: Prevent a buffer overflow in opj_j2k_read_SQcd_SQcc.stackexploit
BUG=chromium:619405 R=ochang@chromium.org Review-Url: https://codereview.chromium.org/2071773002
2016-05-20openjpeg: Prevent a buffer overflow in opj_j2k_read_SPCod_SPCoc.chromium/2747chromium/2746chromium/2745chromium/2744ochang
BUG=chromium:613160 Review-Url: https://codereview.chromium.org/2001663002
2016-02-23openjpeg: Prevent bad cast in opj_j2k_update_image_dataOliver Chang
R=tsepez@chromium.org BUG=587227 Review URL: https://codereview.chromium.org/1726843002 .
2015-12-11Merge to XFA: openjpeg: fix incrementing of "l_tcp->m_nb_mcc_records" in ↵Oliver Chang
opj_j2k_read_mcc TBR=tsepez@chromium.org BUG=554129 Original Review URL: https://codereview.chromium.org/1488303004 . (cherry picked from commit e2eb04f0352d621bc8837217078c23d67044bf38) Review URL: https://codereview.chromium.org/1524553002 .
2015-10-13upgrade openjpeg to commit# cf352afJun Fang
BUG=457480,497355 R=tsepez@chromium.org Review URL: https://codereview.chromium.org/1338973005 .
2015-06-18Merge to XFA: Move libopenjpeg to third_party/Tom Sepez
Original Review URL: https://codereview.chromium.org/1185373010. TBR=thestig@chromium.org Review URL: https://codereview.chromium.org/1193773002.