| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
The code value after a reset wasn't being validated, which means we would
accept invalid codes. This could cause an infinite loop in the decoder.
Fixes CVE-2020-29385
Fixes https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/164
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Libjasper is not really maintained any more, and has been dropped by
various Linux distributions over the years.
GdkPixbuf has not enabled the JPEG2000 loader by default in many years,
relying on downstream distributors to do so if they also shipped
libjasper. This means that it's unlikely anybody has relied on GdkPixbuf
to load a JPEG2000 image for the past 3 to 5 years, if at all.
The only other option for loading JPEG2000 images is to use OpenJPEG,
and for that there is an out of tree GdkPixbuf module available:
https://notabug.org/necklace/jp2-pixbuf-loader
Fixes: #152, #137
|
| |
|
|
|
|
| |
A laaaarge XPM file.
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=793470
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following was occurring:
1. A clear code is detected in the LZW stream
2. The first code is detected as a clear.
3. The following code is returned as a color index, this breaks if it is a
clear.
There were two codepaths in use, one for handling the first clear in the LZW
sequence and another for handling clears within the sequence. The former
handled sequential clears correctly, the latter did not.
The solution is to the correct codepath and remove the other one. This
simplification should not affect other decoding (as confirmed by the test
suite).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following was occurring:
1. Code words would be read from the LZW data blocks.
2. If there was exactly enough space for one more codeword in the block, more
blocks were read. This is the off by one error. It should have read the
last code before doing this.
3. If the next block was the terminating block the code would be marked as
complete.
4. Another block would be attempted to be read, because the decoder was still
in the same state as step 2.
5. An error was generated because the decoder was trying to read blocks after it
had determined the stream had ended.
This fixes the GIF decoder failing to decode images without an
end-of-information code.
|
|
|
|
|
|
|
|
|
| |
Add tests that exert many different types of GIF files. Some of the tests are
disabled as the current gdk-pixbuf GIF implementation doesn't handle them
correctly. Future commits will fix these issues and enable the tests.
The test suite is generated in the PyGIF project
(https://github.com/robert-ancell/pygif)
|
| |
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=779016
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=778584
|
|
|
|
|
|
| |
Provided by Ariel Zelivansky <ariel.zelivans@gmail.com>
https://bugzilla.gnome.org/show_bug.cgi?id=779012
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=785973
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=787050
|
|
|
|
|
|
| |
File created using afl.
https://bugzilla.gnome.org/show_bug.cgi?id=777315
|
|
|
|
|
|
| |
The loader should return an error in that case.
https://bugzilla.gnome.org/show_bug.cgi?id=778204
|
|
|
|
|
|
|
| |
Originally from the JPEG conformance tests:
http://people.sc.fsu.edu/~jburkardt/data/jpg/jpg.html
https://bugzilla.gnome.org/show_bug.cgi?id=785171
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=785447
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=776040
|
|
|
|
|
| |
afl created a file which ASan complains about:
io-bmp.c:475:63: runtime error: signed integer overflow: 524672 * 4096 cannot be represented in type 'int'
|
| |
|
|
|
|
|
|
| |
Overflow checks were added in commit 14904cb842.
https://bugzilla.gnome.org/show_bug.cgi?id=784903
|
| |
|
|
|
|
|
|
|
|
|
|
| |
As we always create a GdkPixbuf with alpha, even if the original file
doesn't have an alpha channel, or a mask, make sure to set the alpha
pixel value in all cases, if only to have it overridden if there is a
mask present.
This makes it possible to use the reference test without having
differing alpha values.
|
|
|
|
|
|
| |
It currently errors out with "TGA image was truncated or incomplete".
https://bugzilla.gnome.org/show_bug.cgi?id=575217
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=685543
|
|
|
|
|
|
|
|
| |
This compares a broken file, which might have random data inside the
part of the image that was missing from the file, with our version
which will have a flat colour instead.
https://bugzilla.gnome.org/show_bug.cgi?id=696331
|
|
|
|
|
|
|
|
|
| |
In case jp2 is supported, add a test to pixbuf-threads for it,
since seems is the place where most of the format tests are performed.
The image used as a test is the one provided by upstream libjasper.
https://bugzilla.gnome.org/show_bug.cgi?id=760474
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=766890
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=775648
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=775242
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=775232
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Instead of risking crashes or OOM, return an error if
we detect integer overflow.
The commit also includes a test image that triggers
this overflow when used with pixbuf-read.
https://bugzilla.gnome.org/show_bug.cgi?id=768738
|
|
|
|
|
|
|
|
|
|
| |
When the ico header turn out to be bad, always set an
error when we fail. Otherwise, applications will get
confused.
This commit also adds an example image with a bad ico header.
https://bugzilla.gnome.org/show_bug.cgi?id=768484
|
|
|
|
|
|
|
|
|
|
| |
Return an error if n_colors * samples overflows.
This commit also adds a reproducer that will cause
pixbuf-randomly-modified to crash in the absence of
the patch.
https://bugzilla.gnome.org/show_bug.cgi?id=768688
|
|
|
|
| |
These images are buggy, but we load them. So add them as reftests.
|
|
|
|
| |
They exploit a bunch of bugs I encountered while redoing the TGA loader.
|
|
|
|
| |
I have no idea if they *should* load, but they do.
|
|
|
|
|
| |
Gimp and gdk-pixbuf load this image, so don't pretend in the testsuite
that we can;t load it.
|
| |
|
|
|
|
|
| |
The typo was inconsequential, because the variable was auto-expanded to
its current value anyway.
|
|
|
|
|
| |
Make sure they have a sane file extension so it's easy for tools to
identify them from their filename.
|
|
|
|
| |
The wbmp and ras loaders were dropped, no need to keep the filrs.
|
|
|
|
| |
Compare image with a reference PNG.
|
| |
|
|
|
|
|
|
| |
Make test-images/ a directory only containing subdirectories for ease of
maintenance.
Move all images from that directory to test-images/randomly-modified.
|
|
|
|
|
|
| |
Add a bunch of TGA files and a test that loads the image byte by byte
and copies only the parts given via the area-updated signal of the
loader and then checks the resulting image is correct.
|
|
|
|
| |
From data_S0626.tgz in https://bugzilla.gnome.org/show_bug.cgi?id=517195
|
|
|
|
| |
https://bugzilla.gnome.org/show_bug.cgi?id=519514
|