diff options
Diffstat (limited to 'tiff/ChangeLog')
| -rw-r--r-- | tiff/ChangeLog | 1599 |
1 files changed, 1589 insertions, 10 deletions
diff --git a/tiff/ChangeLog b/tiff/ChangeLog index ea8622b8a..01e2182cf 100644 --- a/tiff/ChangeLog +++ b/tiff/ChangeLog @@ -1,3 +1,1582 @@ +2019-11-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + libtiff 4.1.0 released. + + Added a step for updating the legacy ChangeLog file. + + Ignore emacs temporary files (ending with tilde character). + + Added release summary page for the 4.1.0 release. + + Fix Cmake HAVE_GETOPT for systems which declare getopt in stdio.h. Fix utility baked-in getopt prototype which appears when HAVE_GETOPT is not defined. + + Fax2tiff.sh needs to remove its output file in advance. Syntax changes so that bash is not required. + +2019-10-26 Even Rouault <even.rouault@spatialys.com> + + tif_jpeg.c: extra cast to silence Coverity warning. GDAL CID 1406475. + +2019-10-23 Even Rouault <even.rouault@spatialys.com> + + tif_jpeg.c: fix warning added by previous commit (on 32bit builds) + +2019-10-23 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'coverity-fixes' into 'master' + Coverity fixes + + See merge request libtiff/libtiff!94 + +2019-10-22 Timothy Lyanguzov <timothy.lyanguzov@sap.com> + + Use 64-bit calculations correctly. + + Fix size calculation to use 64-bit tmsize_t correctly. + + Make bytesperclumpline calculations using tmsize_t type. + +2019-10-03 Even Rouault <even.rouault@spatialys.com> + + tif_read: align code of TIFFReadRawStrip() and TIFFReadRawTile() that differed for non good reason. Non-functional change normally. (fixes GitLab #162) + +2019-10-01 Even Rouault <even.rouault@spatialys.com> + + HTML: update for GitLab issues. + +2019-09-29 Even Rouault <even.rouault@spatialys.com> + + html/v3.5.6-beta.html: redact URL of defunct web site. + + Website: update links to mailing list. + +2019-09-17 Even Rouault <even.rouault@spatialys.com> + + TIFFReadAndRealloc(): avoid too large memory allocation attempts. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17244 + +2019-09-03 Even Rouault <even.rouault@spatialys.com> + + ByteCountLooksBad and EstimateStripByteCounts: avoid unsigned integer overflows. Fixes https://oss-fuzz.com/testcase-detail/5686156066291712 and https://oss-fuzz.com/testcase-detail/6332499206078464 + +2019-09-02 Even Rouault <even.rouault@spatialys.com> + + tif_ojpeg.c: avoid relying on isTiled macro being wrapped in () + + tif_ojpeg.c: avoid use of uninitialized memory on edge/broken file. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16844 + + tiff_read_rgba_fuzzer.cc: add a -DSTANDALONE mode for easier reproduction of oss-fuzz reports + +2019-09-01 Even Rouault <even.rouault@spatialys.com> + + tif_dirread.c: allocChoppedUpStripArrays(). avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16846 + +2019-08-27 Even Rouault <even.rouault@spatialys.com> + + tif_ojpeg.c: avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16793 + +2019-08-26 Even Rouault <even.rouault@spatialys.com> + + TIFFReadDirEntryData(): rewrite to avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16792 + + TIFFFetchDirectory(): fix invalid cast from uint64 to tmsize_t. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16784 + +2019-08-25 Even Rouault <even.rouault@spatialys.com> + + JPEG: avoid use of unintialized memory on corrupted files. + Follow-up of cf3ce6fab894414a336546f62adc57f02590a22c + Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16602 + Credit to OSS Fuzz + +2019-08-23 Even Rouault <even.rouault@spatialys.com> + + _TIFFPartialReadStripArray(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16685 + + OJPEGWriteHeaderInfo(): avoid unsigned integer overflow on strile dimensions close to UINT32_MAX. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16683 + + TIFFFillStrip(): avoid harmless unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16653 + + EstimateStripByteCounts(): avoid unsigned integer overflow. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16643& + + tif_ojpeg: avoid unsigned integer overflow (probably not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16635 + + tif_thunder: avoid unsigned integer overflow (not a bug). Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16632 + +2019-08-22 Even Rouault <even.rouault@spatialys.com> + + _TIFFMultiply32() / _TIFFMultiply64(): avoid relying on unsigned integer overflow (not a bug) + + EstimateStripByteCounts(): avoid unsigned integer overflow. + +2019-08-21 Even Rouault <even.rouault@spatialys.com> + + EstimateStripByteCounts(): avoid unsigned integer overflow. + +2019-08-20 Even Rouault <even.rouault@spatialys.com> + + EstimateStripByteCounts(): avoid harmless unsigned integer overflow. + + _TIFFPartialReadStripArray(): avoid triggering unsigned integer overflow with -fsanitize=unsigned-integer-overflow (not a bug, this is well defined by itself) + +2019-08-18 Even Rouault <even.rouault@spatialys.com> + + tiff2ps: fix use of wrong data type that caused issues (/Height being written as 0) on 64-bit big endian platforms + +2019-08-16 Even Rouault <even.rouault@spatialys.com> + + setByteArray(): fix previous commit. + + setByteArray(): avoid potential signed integer overflow. Pointed by Hendra Gunadi. No actual problem known (which does not mean there wouldn't be any. Particularly on 32bit builds) + +2019-08-15 Even Rouault <even.rouault@spatialys.com> + + RGBA interface: fix integer overflow potentially causing write heap buffer overflow, especially on 32 bit builds. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443. Credit to OSS Fuzz + +2019-08-14 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'fix_integer_overflow' into 'master' + Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) + + See merge request libtiff/libtiff!90 + +2019-08-13 Even Rouault <even.rouault@spatialys.com> + + Fix integer overflow in _TIFFCheckMalloc() and other implementation-defined behaviour (CVE-2019-14973) + _TIFFCheckMalloc()/_TIFFCheckRealloc() used a unsafe way to detect overflow + in the multiplication of nmemb and elem_size (which are of type tmsize_t, thus + signed), which was especially easily triggered on 32-bit builds (with recent + enough compilers that assume that signed multiplication cannot overflow, since + this is undefined behaviour by the C standard). The original issue which lead to + this fix was trigged from tif_fax3.c + + There were also unsafe (implementation defied), and broken in practice on 64bit + builds, ways of checking that a uint64 fits of a (signed) tmsize_t by doing + (uint64)(tmsize_t)uint64_var != uint64_var comparisons. Those have no known + at that time exploits, but are better to fix in a more bullet-proof way. + Or similarly use of (int64)uint64_var <= 0. + +2019-08-12 Even Rouault <even.rouault@spatialys.com> + + TIFFClientOpen(): fix memory leak if one of the required callbacks is not provided. Fixed Coverity GDAL CID 1404110 + + OJPEGReadBufferFill(): avoid very long processing time on corrupted files. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16400. master only + +2019-08-10 Even Rouault <even.rouault@spatialys.com> + + oss-fuzz/tiff_read_rgba_fuzzer.cc: fix wrong env variable value in previous commit + + oss-fuzz/tiff_read_rgba_fuzzer.cc: avoid issue with libjpeg-turbo and MSAN + + OJPEG: fix integer division by zero on corrupted subsampling factors. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15824. Credit to OSS Fuzz + + Merge branch 'ossfuzz_i386' + + contrib/oss-fuzz/build.sh: fix for i386 build of jbigkit, and use $LIB_FUZZING_ENGINE + +2019-08-10 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'patch-1' into 'master' + fix two tiny typos + + See merge request libtiff/libtiff!89 + +2019-08-10 Reto Kromer <rk@reto.ch> + + fix two tiny typos. + +2019-08-09 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'patch-1' into 'master' + fix a typo in man page + + See merge request libtiff/libtiff!88 + +2019-08-09 Reto Kromer <rk@reto.ch> + + fix typo. + +2019-08-04 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'TIFFTAGID_Zero_reading_IGNORE' into 'master' + Suppressed Reading of Tiff tags with ID = 0 (like GPSVERSIONID) corrected. + + See merge request libtiff/libtiff!77 + +2019-08-04 Su Laus <sulau@freenet.de> + + Reading of Tiff tags with ID = 0 (like GPSVERSIONID) corrected. + IGNORE placeholder in tif_dirread.c is now replaced by a field dir_ignore in the TIFFDirEntry structure + + Currently, in tif_dirread.c a special IGNORE value for the tif tags is defined + in order to flag status preventing already processed tags from further processing. + This irrational behaviour prevents reading of custom tags with id code 0 - like tag GPSVERSIONID from EXIF 2.31 definition. + + An additional field 'tdir_ignore' is now added to the TIFFDirEntry structure and code is changed + to allow tags with id code 0 to be read correctly. + + This change was already proposed as pending improvement in tif_dirread.c around line 32. + + Reference is also made to: + - Discussion in https://gitlab.com/libtiff/libtiff/merge_requests/39 + - http://bugzilla.maptools.org/show_bug.cgi?id=2540 + + Comments and indention adapted. + + Preparation to rebase onto master + +2019-07-16 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'cmake_amd64' into 'master' + CMakeLists.txt: properly set value of HOST_FILLORDER to LSB2MSB for Windows CMake builds + + See merge request libtiff/libtiff!87 + +2019-07-15 Even Rouault <even.rouault@spatialys.com> + + CMakeLists.txt: properly set value of HOST_FILLORDER to LSB2MSB for Windows CMake builds + As can be seen in https://ci.appveyor.com/project/rleigh-codelibre/libtiff-didfs/builds/25846668/job/ory5w098j8wcij9x + log, the HOST_FILLORDER is not properly set: + + [00:02:58] -- CMAKE_HOST_SYSTEM_PROCESSOR set to AMD64 + [00:02:58] -- HOST_FILLORDER set to FILLORDER_MSB2LSB + + Ther reason is that we match the "amd64.*" lowercase string whereas + CMAKE_HOST_SYSTEM_PROCESSOR is set to AMD64 uppercase. + +2019-07-09 Even Rouault <even.rouault@spatialys.com> + + TIFFWriteCheck(): call TIFFForceStrileArrayWriting() when needed (should have gone with eaeca6274ae71cdfaeb9f673b6fb0f3cfc0e6ce5) (master only) + +2019-07-09 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'fix_chromium_925269' into 'master' + OJPEG: avoid use of unintialized memory on corrupted files + + See merge request libtiff/libtiff!86 + +2019-07-05 Even Rouault <even.rouault@spatialys.com> + + OJPEG: avoid use of unintialized memory on corrupted files. + Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=925269 + Patch from Lei Zhang with little adaptations. + +2019-06-29 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'fix-division-by-zero' into 'master' + Return infinite distance when denominator is zero. + + See merge request libtiff/libtiff!85 + +2019-06-29 Dirk Lemstra <dirk@lemstra.org> + + Return infinite distance when denominator is zero. + +2019-06-29 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'typetests' into 'master' + Add test to check that libtiff types have the correct size + + See merge request libtiff/libtiff!57 + +2019-05-31 Thomas Bernard <miniupnp@free.fr> + + make TIFF_SSIZE_T the same bitwidth as TIFF_SIZE_T. + it was previously the same bitwidth as unsigned char * + Pointers can be larger than size_t. + +2019-05-31 Thomas Bernard <miniupnp@free.fr> + + Add test to check that libtiff types have the correct size. + in configure/CMakeList.txt : + + - TIFF_INT8_T/TIFF_UINT8_T is signed/unsigned char + sizeof(char)==1 in C standard + - TIFF_INT16_T/TIFF_UINT16_T is signed/unsigned short + sizeof(short)>=2 in C standard + - TIFF_INT32_T/TIFF_UINT32_T is defined so its sizeof() is 4 + + - TIFF_INT64_T/TIFF_UINT64_T is defined so its sizeof() is 8 + + - TIFF_SIZE_T is defined so it has same sizeof() than size_t + + - TIFF_SSIZE_T is defined so it has same sizeof() than unsigned char * + +2019-05-29 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'defer_strile_writing' into 'master' + Add TIFFDeferStrileArrayWriting() and TIFFForceStrileArrayWriting() + + See merge request libtiff/libtiff!82 + +2019-05-29 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'TIFFReadFromUserBuffer' into 'master' + Add TIFFReadFromUserBuffer() + + See merge request libtiff/libtiff!81 + +2019-05-26 Even Rouault <even.rouault@spatialys.com> + + Fix vulnerability in 'D' (DeferStrileLoad) mode (master only) (fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14908) + +2019-05-25 Even Rouault <even.rouault@spatialys.com> + + Replace 'stripped' by 'striped' in error messages. + +2019-05-25 Even Rouault <even.rouault@spatialys.com> + + Add TIFFDeferStrileArrayWriting() and TIFFForceStrileArrayWriting() + Those advanced writing functions must be used in a particular sequence + to make their intended effect. Their aim is to control when/where + the [Strip/Tile][Offsets/ByteCounts] arrays are written into the file. + + The purpose of this is to generate 'cloud-optimized geotiff' files where + the first KB of the file only contain the IFD entries without the potentially + large strile arrays. Those are written afterwards. + + The typical sequence of calls is: + TIFFOpen() + [ TIFFCreateDirectory(tif) ] + Set fields with calls to TIFFSetField(tif, ...) + TIFFDeferStrileArrayWriting(tif) + TIFFWriteCheck(tif, ...) + TIFFWriteDirectory(tif) + ... potentially create other directories and come back to the above directory + TIFFForceStrileArrayWriting(tif): emit the arrays at the end of file + + See test/defer_strile_writing.c for a practical example. + +2019-05-24 Even Rouault <even.rouault@spatialys.com> + + Fix vulnerability introduced by defer strile loading (master only) + Found on GDAL with https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14894 + Disabling the TIFF_DEFERSTRILELOAD bit in ChopupStripArray() was a + bad idea since when using TIFFReadDirectory() to reload the directory again + would lead to a different value of td_rowsperstrip, which could confuse + readers if they relied on the value found initially. + + Fix typo in error message (master only) + +2019-05-22 Even Rouault <even.rouault@spatialys.com> + + Add TIFFReadFromUserBuffer() + This function replaces the use of TIFFReadEncodedStrip()/TIFFReadEncodedTile() + when the user can provide the buffer for the input data, for example when + he wants to avoid libtiff to read the strile offset/count values from the + [Strip|Tile][Offsets/ByteCounts] array. + + libtiff.def: add missing new symbols. + + test/defer_strile_loading.c: fix warning with Visual C++ + + _TIFFRewriteField(): fix for bigtiff case (master only) + 116cf67f4c59196605abdb244657c3070c4310af made StripByteCount/TileByteCount to + always be rewritten as TIFF_LONG8. + +2019-05-21 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'ondemand_strile_offbytecount_loading' into 'master' + Make defer strile offset/bytecount loading available at runtime + + See merge request libtiff/libtiff!79 + +2019-05-21 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'bigtiff_write_bytecount_on_long_when_possible' into 'master' + Create TileByteCounts/StripByteCounts tag with SHORT (ClassicTIFF/BigTIFF) or LONG (BigTIFF) type when possible + + See merge request libtiff/libtiff!78 + +2019-05-21 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'html_link' into 'master' + libtiff.html, bigtiffpr.html: absolute => relative link + + See merge request libtiff/libtiff!80 + +2019-05-14 Thomas Bernard <miniupnp@free.fr> + + libtiff.html, bigtiffpr.html: absolute => relative link. + +2019-05-10 Even Rouault <even.rouault@spatialys.com> + + Make defer strile offset/bytecount loading available at runtime. + ... and add per-strile offset/bytecount loading capabilities. + + Part of this commit makes the behaviour that was previously met when + libtiff was compiled with -DDEFER_STRILE_LOAD available for default builds + when specifying the new 'D' (Deferred) TIFFOpen() flag. In that mode, the [Tile/Strip][ByteCounts/Offsets] + arrays are only loaded when first accessed. This can speed-up the opening + of files stored on the network when just metadata retrieval is needed. + This mode has been used for years by the GDAL library when compiled with + its embeded libtiff copy. + + To avoid potential out-of-tree code (typically codecs) that would use + the td_stripbytecount and td_stripoffset array inconditionnaly assuming they + have been loaded, those have been suffixed with _p (for protected). The + use of the new functions mentionned below is then recommended. + + Another addition of this commit is the capability of loading only the + values of the offset/bytecount of the strile of interest instead of the + whole array. This is enabled with the new 'O' (Ondemand) flag of TIFFOpen() + (which implies 'D'). That behaviour has also been used by GDAL, which hacked + into the td_stripoffset/td_stripbytecount arrays directly. The new code + added in the _TIFFFetchStrileValue() and _TIFFPartialReadStripArray() internal + functions is mostly a port of what was in GDAL GTiff driver previously. + + Related to that, the public TIFFGetStrileOffset[WithErr]() and TIFFGetStrileByteCount[WithErr]() + functions have been added to API. They are of particular interest when + using sparse files (with offset == bytecount == 0) and you want to detect + if a strile is present or not without decompressing the data, or updating + an existing sparse file. + They will also be used to enable a future enhancement where client code can entirely + skip bytecount loading in some situtations + + A new test/defer_strile_loading.c test has been added to test the above + capabilities. + +2019-05-10 Even Rouault <even.rouault@spatialys.com> + + Creation: use SHORT type when possible for StripByteCounts/TileByteCounts + This follows the same logic as previous commit. + +2019-05-09 Even Rouault <even.rouault@spatialys.com> + + BigTIFF creation: write TileByteCounts/StripByteCounts tag with LONG when possible + In most situations of BigTIFF file, the tile/strip sizes are of reasonable size, + that is they fit on a 4-byte LONG. So in that case, use LONG instead of LONG8 + to save some space. For uncompressed file, it is easy to detect such situations + by checking at the TIFFTileSize64()/TIFFStripSize64() return. For compressed file, + we must take into account the fact that compression may sometimes result in + larger compressed data. So we allow this optimization only for a few select + compression times, and take a huge security margin (10x factor). We also only + apply this optimization on multi-strip files, so as to allow easy on-the-fly + growing of single-strip files whose strip size could grow above the 4GB threshold. + + This change is compatible with the BigTIFF specification. According to + https://www.awaresystems.be/imaging/tiff/bigtiff.html: + "The StripOffsets, StripByteCounts, TileOffsets, and TileByteCounts tags are + allowed to have the datatype TIFF_LONG8 in BigTIFF. Old datatypes TIFF_LONG, + and TIFF_SHORT where allowed in the TIFF 6.0 specification, are still valid in BigTIFF, too. " + On a practical point of view, this is also compatible on reading/writing of + older libtiff 4.X versions. + + The only glitch I found, which is rather minor, is when using such a BigTIFF + file with TileByteCounts/StripByteCounts written with TIFF_LONG, and updating + it with an older libtiff 4.X version with a change in the + [Tile/Strip][ByteCounts/Offsets] array. In that case the _TIFFRewriteField() + function will rewrite the directory and array with TIFF_LONG8, instead of updating + the existing array (this is an issue fixed by this commit). The file will + still be valid however, hence the minor severity of this. + +2019-05-08 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'bug2799' into 'master' + fix fax2tiff + + See merge request libtiff/libtiff!55 + +2019-05-08 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'bug_2829' into 'master' + WIN32: use tif_win32.c when building with CMake + + See merge request libtiff/libtiff!75 + +2019-05-06 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'FILESOURCE_SCENETYPE_reading' into 'master' + Reading error for FileSource and SceneType tags corrected. + + See merge request libtiff/libtiff!76 + +2019-05-06 Su Laus <sulau@freenet.de> + + Reading error for FileSource and SceneType tags corrected. + EXIF tags FILESOURCE and SCENETYPE are defined as TIFF_UNDEFINED and field_readcount==1! + There is a bug in TIFFReadDirEntryByte() preventing to read correctly type TIFF_UNDEFINED fields with field_readcount==1 + Upgrade of TIFFReadDirEntryByte() with added TIFF_UNDEFINED switch-entry allows libtiff to read those tags correctly. + +2019-04-25 Thomas Bernard <miniupnp@free.fr> + + WIN32: use tif_win32.c when building with CMake. + see http://bugzilla.maptools.org/show_bug.cgi?id=2829 + + the top CMakeLists.txt defines + win32_io and USE_WIN32_FILEIO + + WIN32_IO is defined nowhere in CMake (only in automake things) + +2019-04-25 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'gitlab_pages' into 'master' + Advertise https://libtiff.gitlab.io/libtiff/ as mirror + + See merge request libtiff/libtiff!70 + +2019-04-25 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'bug_2844' into 'master' + tiff2ps.c: PSDataColorContig(): avoid heap buffer overrun + + See merge request libtiff/libtiff!69 + +2019-04-25 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'issue_2785' into 'master' + tiff2pdf.c: don't call t2p_tile_collapse_left() for Ycbcr + + See merge request libtiff/libtiff!64 + +2019-04-11 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'fix_gdal_1439' into 'master' + TIFFWriteEncodedStrip/TIFFWriteEncodedTile: fix rewriting of LZW-compressed data + + See merge request libtiff/libtiff!74 + +2019-04-11 Even Rouault <even.rouault@spatialys.com> + + TIFFWriteEncodedStrip/TIFFWriteEncodedTile: fix rewriting of LZW-compressed data + Fixes https://github.com/OSGeo/gdal/issues/1439 + + When rewriting a LZW tile/strip whose existing size is very close to a multiple of + 1024 bytes (and larger than 8192 bytes) with compressed data that is larger, + the new data was not placed at the end of the file, causing corruption. + +2019-04-08 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'bug2848' into 'master' + tif_luv.c: LogLuvSetupEncode() error must return 0 + + See merge request libtiff/libtiff!72 + +2019-04-03 Thomas Bernard <miniupnp@free.fr> + + build/gitlab-ci: fix typo. + + show test-suite.log in gitlab-ci. + useful when build fails + + Add output check for tiff2ps. + note : the reference files have been generated in master branch + +2019-03-23 Even Rouault <even.rouault@spatialys.com> + + tif_read.c: potentially fix false positive from Coverity Scan. CID 1400288 + + tif_read.c: potentially fix false positive from Coverity Scan. CID 1400271 + + tif_zip.c: remove dead code. CID 1400360. + + tif_webp.c: remove false positive warning about dereference before null check. CID 1400255 + + tif_pixarlog.c: remove dead code. CID 1400342. + + tif_pixarlog.c: avoid false positive Coverity Scan warnings about overflow. CID 1400300 and 1400367 + + tif_lzw.c: silence CoverityScan false positive. CID 1400355. + + tif_luv.c: silence CoverityScan false positive. CID 1400231, 1400251, 1400254, 1400272, 1400318, 1400356 + + TryChopUpUncompressedBigTiff(): avoid potential division by zero. master only. GDAL Coverity CID 1400263 + +2019-03-22 Thomas Bernard <miniupnp@free.fr> + + tif_luv.c: LogLuvSetupEncode() error must return 0. + see http://bugzilla.maptools.org/show_bug.cgi?id=2848 + + if wrongly returning 1, the processing of incorrect file continues, + which causes problems. + +2019-03-22 Thomas Bernard <miniupnp@free.fr> + + add a test for fax2tiff tool. + +2019-02-28 Thomas Bernard <miniupnp@free.fr> + + tiff2pdf.c: don't call t2p_tile_collapse_left() when buffer size is wrong + see http://bugzilla.maptools.org/show_bug.cgi?id=2785 + + Advertise https://libtiff.gitlab.io/libtiff/ as mirror. + I'm put it above the maptools.org mirror because + Even Rouault believe at some point it will be completely removed + +2019-02-28 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'bug_2826' into 'master' + tiff2pdf.c: check colormap pointers when loading CMYK with colormap + + See merge request libtiff/libtiff!65 + +2019-02-28 Thomas Bernard <miniupnp@free.fr> + + tiff2pdf.c: check colormap pointers. + Avoid access to non initialized pointers + http://bugzilla.maptools.org/show_bug.cgi?id=2826 + +2019-02-27 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'fix_warnings' into 'master' + tiff2ps.c: fix warning caused by integer promotion + + See merge request libtiff/libtiff!68 + +2019-02-23 Thomas Bernard <miniupnp@free.fr> + + PSDataColorContig(): avoid heap buffer overrun. + fixes http://bugzilla.maptools.org/show_bug.cgi?id=2844 + each iteration of the loop read nc bytes + +2019-02-22 Thomas Bernard <miniupnp@free.fr> + + tiff2ps.c: fix warning caused by integer promotion. + uint8 value is promoted to int in (value << 24) so -fsanitize + yield runtime errors : + tiff2ps.c:2969:33: runtime error: left shift of 246 by 24 places cannot be represented in type 'int' + +2019-02-22 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'large_strile_improvements' into 'master' + Large strile support improvements + + See merge request libtiff/libtiff!63 + +2019-02-21 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'gitlab-pages' into 'master' + ci: Add pages job + + See merge request libtiff/libtiff!45 + +2019-02-19 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'issue_2833' into 'master' + tiffcp.c: check that (Tile Width)*(Samples/Pixel) do no overflow + + See merge request libtiff/libtiff!60 + +2019-02-19 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'issue_2831' into 'master' + tiffcrop.c: fix invertImage() for bps 2 and 4 + + See merge request libtiff/libtiff!61 + +2019-02-19 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'issue_2842' into 'master' + move _TIFFClampDoubleToFloat() to tif_aux.c + + See merge request libtiff/libtiff!62 + +2019-02-19 Even Rouault <even.rouault@spatialys.com> + + tif_zip.c: allow reading and writing strips/tiles with more than 4 GB of compressed or uncompressed data + + tif_dirread.c: when strip chopping is enabled, extend this mechanism to multi-strip uncompressed files with strips larger than 2GB to expose them as strips of ~500 MB + +2019-02-19 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'size_t_typo' into 'master' + CMakeLists.txt: fix TIFF_SIZE_T + + See merge request libtiff/libtiff!59 + +2019-02-12 Thomas Bernard <miniupnp@free.fr> + + move _TIFFClampDoubleToFloat() to tif_aux.c. + the same function was declared in tif_dir.c and tif_dirwrite.c + + see http://bugzilla.maptools.org/show_bug.cgi?id=2842 + +2019-02-11 Thomas Bernard <miniupnp@free.fr> + + tiffcrop.c: fix invertImage() for bps 2 and 4. + too much bytes were processed, causing a heap buffer overrun + http://bugzilla.maptools.org/show_bug.cgi?id=2831 + the loop counter must be + for (col = 0; col < width; col += 8 / bps) + + Also the values were not properly calculated. It should be + 255-x, 15-x, 3-x for bps 8, 4, 2. + + But anyway it is easyer to invert all bits as 255-x = ~x, etc. + (substracting from a binary number composed of all 1 is like inverting + the bits) + +2019-02-11 Thomas Bernard <miniupnp@free.fr> + + tiffcp.c: use INT_MAX. + + check that (Tile Width)*(Samples/Pixel) do no overflow. + fixes bug 2833 + +2019-02-03 Thomas Bernard <miniupnp@free.fr> + + CMakeLists.txt: fix TIFF_SIZE_T. + +2019-02-02 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'master' into 'master' + Fix for simple memory leak that was assigned CVE-2019-6128. + + See merge request libtiff/libtiff!50 + +2019-02-02 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'bug2835' into 'master' + tiff2ps: fix heap-buffer-overflow + + See merge request libtiff/libtiff!53 + +2019-02-02 Even Rouault <even.rouault@spatialys.com> + + Fix warning (use of uninitialized value) added per d0a842c5dbad2609aed43c701a12ed12461d3405 (fixes https://gitlab.com/libtiff/libtiff/merge_requests/54#note_137742985) + +2019-02-02 Yuri Aksenov <yuri.aksenov@gmail.com> + + fix fax2tiff. + see http://bugzilla.maptools.org/show_bug.cgi?id=2799 + fixes d9bc8472e72549f29c0062c1cbd3d56f279f3be2 + +2019-02-02 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'tiffcrop' into 'master' + tiffcrop: shut up clang warnings + + See merge request libtiff/libtiff!52 + +2019-02-01 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'bug2833' into 'master' + TIFFWriteDirectoryTagTransferfunction() : fix NULL dereferencing + + See merge request libtiff/libtiff!54 + +2019-02-01 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'gitignore' into 'master' + add test/ files to .gitignore + + See merge request libtiff/libtiff!56 + +2019-02-01 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'master' into 'master' + tif_dir: unset transferfunction field if necessary (CVE-2018-19210) + + See merge request libtiff/libtiff!47 + +2019-01-29 Thomas Bernard <miniupnp@free.fr> + + add test/ files to .gitignore. + +2019-01-29 Thomas Bernard <miniupnp@free.fr> + + TIFFWriteDirectoryTagTransferfunction() : fix NULL dereferencing. + http://bugzilla.maptools.org/show_bug.cgi?id=2833 + + we must check the pointer is not NULL before memcmp() the memory + +2019-01-29 Thomas Bernard <miniupnp@free.fr> + + tiff2ps: fix heap-buffer-overflow. + http://bugzilla.maptools.org/show_bug.cgi?id=2834 + + usually the test (i < byte_count) is OK because the byte_count is divisible by samplesperpixel. + But if that is not the case, (i + ncomps) < byte_count should be used, or + maybe (i + samplesperpixel) <= byte_count + +2019-01-28 Thomas Bernard <miniupnp@free.fr> + + tiffcrop: shut up clang warnings. + make the out filename building a bit more simple + and remove the use of strcat() + +2019-01-23 Scott Gayou <github.scott@gmail.com> + + Fix for simple memory leak that was assigned CVE-2019-6128. + pal2rgb failed to free memory on a few errors. This was reported + here: http://bugzilla.maptools.org/show_bug.cgi?id=2836. + +2019-01-05 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + Fix tiff2ps error regarding "Inconsistent value of es" by allowing es to be zero. Problem was reported to the tiff mailing list by Julian H. Stacey on January 5, 2019. + +2018-12-13 Hugo Lefeuvre <hle@debian.org> + + tif_dir: unset transferfunction field if necessary. + The number of entries in the transfer table is determined as following: + + (td->td_samplesperpixel - td->td_extrasamples) > 1 ? 3 : 1 + + This means that whenever td->td_samplesperpixel or td->td_extrasamples are + modified we also need to make sure that the number of required entries in + the transfer table didn't change. + + If it changed and the number of entries is higher than before we should + invalidate the transfer table field and free previously allocated values. + In the other case there's nothing to do, additional tf entries won't harm + and properly written code will just ignore them since spp - es < 1. + + For instance this situation might happen when reading an OJPEG compressed + image with missing SamplesPerPixel tag. In this case the SamplesPerPixel + field might be updated after setting the transfer table. + + see http://bugzilla.maptools.org/show_bug.cgi?id=2500 + + This commit addresses CVE-2018-19210. + +2018-12-08 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + Do not attempt to re-sync zip stream after reported data error from inflate(). + +2018-12-07 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'resource-leaks' into 'master' + Fix two resource leaks + + See merge request libtiff/libtiff!43 + +2018-12-07 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'build-jbig' into 'master' + add jbig support to the fuzzer + + See merge request libtiff/libtiff!42 + +2018-12-01 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + tiffcrop.c: Avoid new clang warning about tools/tiffcrop.c "size argument in 'strncat' call appears to be size of the source". + +2018-11-28 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'webp_memleak' into 'master' + fixed mem leak in webp compression + + See merge request libtiff/libtiff!48 + +2018-11-28 Norman Barker <norman.barker@mapbox.com> + + fixed mem leak in webp compression. + +2018-11-20 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'lossless_webp' into 'master' + fixed lossless webp compression config + + See merge request libtiff/libtiff!46 + +2018-11-20 Norman Barker <norman.barker@mapbox.com> + + fixed lossless webp compression config. + +2018-11-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + snprintf porting fix for Visual Studio 2003. + +2018-11-18 Roger Leigh <rleigh@codelibre.net> + + ci: Add pages job. + +2018-11-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + Change references from defunct ftp site to https site. + +2018-11-10 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + * configure.ac: libtiff 4.0.10 released. + + Change COMPRESSION_ZSTD to 50000 and COMPRESSION_WEBP to 50001. + +2018-11-04 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + Added preliminary release notes for release 4.0.10. + +2018-11-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + tiff2pdf: Eliminate compiler warning about snprintf output truncation when formatting pdf_datetime. + +2018-11-03 Olivier Paquet <olivier.paquet@gmail.com> + + Merge branch 'no_tif_platform_console' into 'master' + Remove builtin support for GUI warning and error message boxes + + See merge request libtiff/libtiff!24 + +2018-11-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + tiffcrop.c: Eliminate compiler warning about snprintf output truncation when formatting filenum. + + TWebPVGetField(): Add apparently missing break statement impacting TIFFTAG_WEBP_LOSSLESS. + + Eliminate compiler warnings about duplicate definitions of streq/strneq macros. + + Ignore generated files. + + Remove and ignore files which are a product of autogen.sh. + +2018-11-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + Fix TIFFErrorExt() formatting of size_t type for 32-bit compiles. + +2018-10-30 Even Rouault <even.rouault@spatialys.com> + + tiff2bw: avoid null pointer dereference in case of out of memory situation. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2819 / CVE-2018-18661 + + tiffio.h: fix comment. + +2018-10-26 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'header2' into 'master' + Fix 725279bd: Standalone tif_predict.h: tiff.h should be tiffiop.h + + See merge request libtiff/libtiff!41 + +2018-10-26 Kurt Schwehr <schwehr@google.com> + + Fix 725279bd: Standalone tif_predict.h: tiff.h should be tiffiop.h. + +2018-10-25 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'headers' into 'master' + Add includes to headers to allow them to stand alone. + + See merge request libtiff/libtiff!40 + +2018-10-24 Kurt Schwehr <schwehr@google.com> + + Add includes to headers to allow them to stand alone. + This allows compilers that can do header stand alone header parsing + to process libtiff. + +2018-10-18 Even Rouault <even.rouault@spatialys.com> + + LZMAPreEncode: emit verbose error if lzma_stream_encoder() fails (typically because not enough memory available) + +2018-10-17 Even Rouault <even.rouault@spatialys.com> + + tif_webp.c: fix previous commit that broke scanline decoding. + + tif_webp.c: fix potential read outside libwebp buffer on corrupted images + +2018-10-14 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'jbig_decode_overflow' into 'master' + JBIG: fix potential out-of-bounds write in JBIGDecode() + + See merge request libtiff/libtiff!38 + +2018-10-14 Even Rouault <even.rouault@spatialys.com> + + JBIG: fix potential out-of-bounds write in JBIGDecode() + JBIGDecode doesn't check if the user provided buffer is large enough + to store the JBIG decoded image, which can potentially cause out-of-bounds + write in the buffer. + This issue was reported and analyzed by Thomas Dullien. + + Also fixes a (harmless) potential use of uninitialized memory when + tif->tif_rawsize > tif->tif_rawcc + + And in case libtiff is compiled with CHUNKY_STRIP_READ_SUPPORT, make sure + that whole strip data is provided to JBIGDecode() + +2018-10-05 Even Rouault <even.rouault@spatialys.com> + + tif_webp.c: fix scanline reading/writing. + + WEBP codec: initialize nSamples in TWebPSetupDecode() and TWebPSetupEncode() + +2018-10-05 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'tif_webp' into 'master' + webp support + + See merge request libtiff/libtiff!32 + +2018-10-05 Norman Barker <norman.barker@mapbox.com> + + webp in tiff. + +2018-09-17 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'master' into 'master' + fix three potential vulnerabilities. + + See merge request libtiff/libtiff!33 + +2018-09-08 Young_X <YangX92@hotmail.com> + + fix out-of-bound read on some tiled images. + + avoid potential int32 overflows in multiply_ms() + + only read/write TIFFTAG_GROUP3OPTIONS or TIFFTAG_GROUP4OPTIONS if compression is COMPRESSION_CCITTFAX3 or COMPRESSION_CCITTFAX4 + +2018-08-15 Even Rouault <even.rouault@spatialys.com> + + TIFFSetupStrips(): avoid potential uint32 overflow on 32-bit systems with large number of strips. Probably relates to http://bugzilla.maptools.org/show_bug.cgi?id=2788 / CVE-2018-10779 + +2018-08-07 Even Rouault <even.rouault@spatialys.com> + + ZSTD: fix flush issue that can cause endless loop in ZSTDEncode() + Fixes https://github.com/OSGeo/gdal/issues/833 + +2018-08-07 Even Rouault <even.rouault@spatialys.com> + + Merge branch 'fix_bug_2800' into 'master' + Fix libtiff 4.0.8 regression when reading LZW-compressed strips with scanline API + + See merge request libtiff/libtiff!31 + +2018-08-07 Even Rouault <even.rouault@spatialys.com> + + Fix libtiff 4.0.8 regression when reading LZW-compressed strips with scanline API + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2800 + +2018-07-05 Even Rouault <even.rouault@spatialys.com> + + Add tag and pseudo-tag definitions for ESRI LERC codec (out of tree codec whose source is at https://github.com/OSGeo/gdal/blob/master/gdal/frmts/gtiff/tif_lerc.c) + +2018-07-02 Even Rouault <even.rouault@spatialys.com> + + Fix TIFFTAG_ZSTD_LEVEL pseudo tag value to be > 65536, and the next one in the series + +2018-05-25 Stefan Weil <sw@weilnetz.de> + + Remove builtin support for GUI warning and error message boxes. + Now warnings always go to the console by default unless applications + define their own warning and error handlers. + + GUI applications (and Windows CE) are required to define such handlers. + +2018-05-12 Even Rouault <even.rouault@spatialys.com> + + LZWDecodeCompat(): fix potential index-out-of-bounds write. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2780 / CVE-2018-8905 + The fix consists in using the similar code LZWDecode() to validate we + don't write outside of the output buffer. + + TIFFFetchNormalTag(): avoid (probably false positive) clang-tidy clang-analyzer-core.NullDereference warnings + + TIFFWriteDirectorySec: avoid assertion. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2795. CVE-2018-10963 + +2018-05-04 Even Rouault <even.rouault@spatialys.com> + + tif_color.c: fix code comment. + +2018-04-17 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'fuzzer-fix' into 'master' + remove a pointless multiplication and a variable that's not necessary + + See merge request libtiff/libtiff!29 + +2018-04-17 Paul Kehrer <paul.l.kehrer@gmail.com> + + remove a pointless multiplication and a variable that's not necessary. + +2018-04-17 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'ossfuzz' into 'master' + move oss-fuzz build script and fuzzer into libtiff tree + + See merge request libtiff/libtiff!28 + +2018-04-17 Paul Kehrer <paul.l.kehrer@gmail.com> + + move oss-fuzz build script and fuzzer into libtiff tree. + +2018-04-14 Even Rouault <even.rouault@spatialys.com> + + _TIFFGetMaxColorChannels: update for LOGLUV, ITULAB and ICCLAB that have 3 color channels + +2018-04-12 Even Rouault <even.rouault@spatialys.com> + + Fix MSVC warning. + +2018-04-12 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'master' into 'master' + Fix NULL pointer dereference in TIFFPrintDirectory (bugzilla 2778/CVE-2018-7456) + + See merge request libtiff/libtiff!27 + +2018-04-11 Hugo Lefeuvre <hle@debian.org> + + Fix NULL pointer dereference in TIFFPrintDirectory. + The TIFFPrintDirectory function relies on the following assumptions, + supposed to be guaranteed by the specification: + + (a) A Transfer Function field is only present if the TIFF file has + photometric type < 3. + + (b) If SamplesPerPixel > Color Channels, then the ExtraSamples field + has count SamplesPerPixel - (Color Channels) and contains + information about supplementary channels. + + While respect of (a) and (b) are essential for the well functioning of + TIFFPrintDirectory, no checks are realized neither by the callee nor + by TIFFPrintDirectory itself. Hence, following scenarios might happen + and trigger the NULL pointer dereference: + + (1) TIFF File of photometric type 4 or more has illegal Transfer + Function field. + + (2) TIFF File has photometric type 3 or less and defines a + SamplesPerPixel field such that SamplesPerPixel > Color Channels + without defining all extra samples in the ExtraSamples fields. + + In this patch, we address both issues with respect of the following + principles: + + (A) In the case of (1), the defined transfer table should be printed + safely even if it isn't 'legal'. This allows us to avoid expensive + checks in TIFFPrintDirectory. Also, it is quite possible that + an alternative photometric type would be developed (not part of the + standard) and would allow definition of Transfer Table. We want + libtiff to be able to handle this scenario out of the box. + + (B) In the case of (2), the transfer table should be printed at its + right size, that is if TIFF file has photometric type Palette + then the transfer table should have one row and not three, even + if two extra samples are declared. + + In order to fulfill (A) we simply add a new 'i < 3' end condition to + the broken TIFFPrintDirectory loop. This makes sure that in any case + where (b) would be respected but not (a), everything stays fine. + + (B) is fulfilled by the loop condition + 'i < td->td_samplesperpixel - td->td_extrasamples'. This is enough as + long as (b) is respected. + + Naturally, we also make sure (b) is respected. This is done in the + TIFFReadDirectory function by making sure any non-color channel is + counted in ExtraSamples. + + This commit addresses CVE-2018-7456. + +2018-03-27 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'tiffset-long8' into 'master' + tiffset: Add support for LONG8, SLONG8 and IFD8 field types + + See merge request libtiff/libtiff!25 + +2018-03-26 Roger Leigh <rleigh@codelibre.net> + + port: Clean up NetBSD sources and headers to build standalone. + +2018-03-23 Roger Leigh <rleigh@dundee.ac.uk> + + port: Add strtol, strtoll and strtoull. + Also update strtoul. All use the same implementation from NetBSD libc. + + tiffset: Add support for LONG8, SLONG8 and IFD8 field types. + +2018-03-17 Even Rouault <even.rouault@spatialys.com> + + ChopUpSingleUncompressedStrip: avoid memory exhaustion (CVE-2017-11613) + Rework fix done in 3719385a3fac5cfb20b487619a5f08abbf967cf8 to work in more + cases like https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6979. + Credit to OSS Fuzz + + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2724 + +2018-03-13 Even Rouault <even.rouault@spatialys.com> + + libtiff/tif_luv.c: rewrite loops in a more readable way (to avoid false positive reports like http://bugzilla.maptools.org/show_bug.cgi?id=2779) + +2018-03-13 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'avoid_memory_exhaustion_in_ChopUpSingleUncompressedStrip' into 'master' + ChopUpSingleUncompressedStrip: avoid memory exhaustion (CVE-2017-11613) + + See merge request libtiff/libtiff!26 + +2018-03-11 Even Rouault <even.rouault@spatialys.com> + + ChopUpSingleUncompressedStrip: avoid memory exhaustion (CVE-2017-11613) + In ChopUpSingleUncompressedStrip(), if the computed number of strips is big + enough and we are in read only mode, validate that the file size is consistent + with that number of strips to avoid useless attempts at allocating a lot of + memory for the td_stripbytecount and td_stripoffset arrays. + + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2724 + +2018-03-10 Even Rouault <even.rouault@spatialys.com> + + Typo fix in comment. + +2018-03-03 Even Rouault <even.rouault@spatialys.com> + + Avoid warning with gcc 8 (partially revert 647b0e8c11ee11896f319b92cf110775f538d75c) + +2018-02-25 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'typos' into 'master' + Fix some typos + + See merge request libtiff/libtiff!23 + +2018-02-24 Stefan Weil <sw@weilnetz.de> + + Fix some typos. + Most of them were found by codespell. + +2018-02-14 Even Rouault <even.rouault@spatialys.com> + + Typo fix in comment. + + Merge branch 'zstd' + + Add warning about COMPRESSION_ZSTD not being officialy registered. + +2018-02-14 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'bug2772' into 'master' + Fix for bug 2772 + + See merge request libtiff/libtiff!20 + +2018-02-12 Nathan Baker <nathanb@lenovo-chrome.com> + + Fix for bug 2772. + It is possible to craft a TIFF document where the IFD list is circular, + leading to an infinite loop while traversing the chain. The libtiff + directory reader has a failsafe that will break out of this loop after + reading 65535 directory entries, but it will continue processing, + consuming time and resources to process what is essentially a bogus TIFF + document. + + This change fixes the above behavior by breaking out of processing when + a TIFF document has >= 65535 directories and terminating with an error. + +2018-02-09 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'libtiff-as-subdirectory-fixes' into 'master' + Prefer target_include_directories + + See merge request libtiff/libtiff!12 + +2018-02-06 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'cmake-cleanups' into 'master' + Cmake cleanups + + See merge request libtiff/libtiff!11 + +2018-02-06 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'check-right-cxx-variable' into 'master' + Check right cxx variable + + See merge request libtiff/libtiff!19 + +2018-02-06 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'dont-leak-stream-open' into 'master' + Fix a memory leak in TIFFStreamOpen + + See merge request libtiff/libtiff!17 + +2018-02-06 Ben Boeckel <ben.boeckel@kitware.com> + + cmake: check CXX_SUPPORT. + This variable is set in response to the `cxx` cache variable; use it + instead. + +2018-02-04 Olivier Paquet <olivier.paquet@gmail.com> + + Merge branch 'warnings' into 'master' + Fix all compiler warnings for default build + + See merge request libtiff/libtiff!16 + +2018-02-04 Nathan Baker <elitebadger@gmail.com> + + Fix all compiler warnings for default build. + +2018-01-30 Paul Kehrer <paul.l.kehrer@gmail.com> + + tabs are hard. + +2018-01-29 Paul Kehrer <paul.l.kehrer@gmail.com> + + use hard tabs like the rest of the project. + + Fix a memory leak in TIFFStreamOpen. + TIFFStreamOpen allocates a new tiff{o,i}s_data, but if TIFFClientOpen + fails then that struct is leaked. Delete it if the returned TIFF * is + null. + +2018-01-29 Kevin Funk <kfunk@kde.org> + + Bump minimum required CMake version to v2.8.11. + Because we use the BUILD_INTERFACE generator expression + +2018-01-27 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'patch-1' into 'master' + Update CMakeLists.txt for build fix on Windows + + See merge request libtiff/libtiff!14 + +2018-01-27 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'patch-2' into 'master' + Update tiffgt.c for build fix on Windows + + See merge request libtiff/libtiff!13 + +2018-01-25 Olivier Paquet <olivier.paquet@gmail.com> + + Merge branch 'bug2750' into 'master' + Add workaround to pal2rgb buffer overflow. + + See merge request libtiff/libtiff!15 + +2018-01-25 Nathan Baker <elitebadger@gmail.com> + + Add workaround to pal2rgb buffer overflow. + +2018-01-23 Andrea <andrea@andreaplanet.com> + + Update tiffgt.c for build fix on Windows. + + Update CMakeLists.txt for build fix on Windows. + +2018-01-15 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'has-attribute-check' into 'master' + tiffiop: use __has_attribute to detect the no_sanitize attribute + + See merge request libtiff/libtiff!10 + +2018-01-15 Ben Boeckel <ben.boeckel@kitware.com> + + cmake: avoid setting hard-coded variables in the cache. + + cmake: avoid an unnecessary intermediate variable. + + cmake: avoid an unnecessary intermediate variable. + + cmake: avoid tautological logic. + + cmake: use check_symbol_exists. + This accounts for symbols being provided by macros. + + cmake: remove unused configure checks. + +2018-01-12 Kevin Funk <kfunk@kde.org> + + Prefer target_include_directories. + When libtiff is included in a super project via a simple + `add_subdirectory(libtiff)`, this way the `tiff` library target has all + the necessary information to build against it. + + Note: The BUILD_INTERFACE generator expression feature requires at least + CMake v2.8.11 if I'm correct. + +2018-01-09 Ben Boeckel <ben.boeckel@kitware.com> + + tiffiop: use __has_attribute to detect the no_sanitize attribute. + +2017-12-31 Even Rouault <even.rouault@spatialys.com> + + man/TIFFquery.3tiff: remove reference to non-existing TIFFReadStrip() function in TIFFIsByteSwapped() documentation. Patch by Eric Piel. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2763 + + libtiff/tif_dir.c: _TIFFVGetField(): fix heap out-of-bounds access when requesting TIFFTAG_NUMBEROFINKS on a EXIF directory. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2765. Reported by Google Autofuzz project + + libtiff/tif_print.c: TIFFPrintDirectory(): fix null pointer dereference on corrupted file. Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2770 + +2017-12-21 Even Rouault <even.rouault@spatialys.com> + + Add libzstd to gitlab-ci. + +2017-12-21 Even Rouault <even.rouault@spatialys.com> + + Add ZSTD compression codec. + From https://github.com/facebook/zstd + "Zstandard, or zstd as short version, is a fast lossless compression + algorithm, targeting real-time compression scenarios at zlib-level + and better compression ratios. It's backed by a very fast entropy stage, + provided by Huff0 and FSE library." + + We require libzstd >= 1.0.0 so as to be able to use streaming compression + and decompression methods. + + The default compression level we have selected is 9 (range goes from 1 to 22), + which experimentally offers equivalent or better compression ratio than + the default deflate/ZIP level of 6, and much faster compression. + + For example on a 6600x4400 16bit image, tiffcp -c zip runs in 10.7 seconds, + while tiffcp -c zstd runs in 5.3 seconds. Decompression time for zip is + 840 ms, and for zstd 650 ms. File size is 42735936 for zip, and + 42586822 for zstd. Similar findings on other images. + + On a 25894x16701 16bit image, + + Compression time Decompression time File size + + ZSTD 35 s 3.2 s 399 700 498 + ZIP/Deflate 1m 20 s 4.9 s 419 622 336 + +2017-12-10 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'fix_cve-2017-9935' into 'master' + Fix CVE-2017-9935 + + See merge request libtiff/libtiff!7 + +2017-12-10 Brian May <brian@linuxpenguins.xyz> + + tiff2pdf: Fix apparent incorrect type for transfer table. + The standard says the transfer table contains unsigned 16 bit values, + I have no idea why we refer to them as floats. + +2017-12-10 Brian May <brian@linuxpenguins.xyz> + + tiff2pdf: Fix CVE-2017-9935. + Fix for http://bugzilla.maptools.org/show_bug.cgi?id=2704 + + This vulnerability - at least for the supplied test case - is because we + assume that a tiff will only have one transfer function that is the same + for all pages. This is not required by the TIFF standards. + + We than read the transfer function for every page. Depending on the + transfer function, we allocate either 2 or 4 bytes to the XREF buffer. + We allocate this memory after we read in the transfer function for the + page. + + For the first exploit - POC1, this file has 3 pages. For the first page + we allocate 2 extra extra XREF entries. Then for the next page 2 more + entries. Then for the last page the transfer function changes and we + allocate 4 more entries. + + When we read the file into memory, we assume we have 4 bytes extra for + each and every page (as per the last transfer function we read). Which + is not correct, we only have 2 bytes extra for the first 2 pages. As a + result, we end up writing past the end of the buffer. + + There are also some related issues that this also fixes. For example, + TIFFGetField can return uninitalized pointer values, and the logic to + detect a N=3 vs N=1 transfer function seemed rather strange. + + It is also strange that we declare the transfer functions to be of type + float, when the standard says they are unsigned 16 bit values. This is + fixed in another patch. + + This patch will check to ensure that the N value for every transfer + function is the same for every page. If this changes, we abort with an + error. In theory, we should perhaps check that the transfer function + itself is identical for every page, however we don't do that due to the + confusion of the type of the data in the transfer function. + +2017-12-10 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'undef-warn-fixes' into 'master' + Fix a couple of harmless but annoying -Wundef warnings + + See merge request libtiff/libtiff!8 + +2017-12-07 Vadim Zeitlin <vadim@zeitlins.org> + + Remove tests for undefined SIZEOF_VOIDP. + As configure never uses AC_CHECK_SIZEOF(void*), this symbol is never + defined and so it doesn't make sense to test it in the code, this just + results in -Wundef warnings if they're enabled. + + Avoid harmless -Wundef warnings for __clang_major__ + Check that we're using Clang before checking its version. + +2017-12-02 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'remove_autogenerated_files' into 'master' + Remove autogenerated files + + See merge request libtiff/libtiff!5 + +2017-12-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + Merge branch 'tif_config_h_includes' into 'master' + 'tif_config.h' or 'tiffiop.h' must be included before any system header. + + See merge request libtiff/libtiff!6 + +2017-12-02 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + 'tif_config.h' or 'tiffio.h' must be included before any system header. + +2017-12-01 Even Rouault <even.rouault@spatialys.com> + + .gitignore: add patterns for build from root. + + Remove remaining .cvsignore files. + + Remove autoconf/automake generated files, and add them to .gitignore. + +2017-12-01 Olivier Paquet <olivier.paquet@gmail.com> + + Merge branch 'makedistcheck' into 'master' + build/gitlab-ci and build/travis-ci: add a 'make dist' step in autoconf_build()… + + See merge request libtiff/libtiff!4 + +2017-12-01 Even Rouault <even.rouault@spatialys.com> + + build/gitlab-ci and build/travis-ci: add a 'make dist' step in autoconf_build() target, to check we are release-ready + +2017-12-01 Even Rouault <even.rouault@mines-paris.org> + + Merge branch 'git_updates' into 'master' + CVS to Git updates + + See merge request libtiff/libtiff!2 + +2017-12-01 Even Rouault <even.rouault@spatialys.com> + + HOWTO-RELEASE: update to use signed tags. + + README.md: use markdown syntax for hyperlinks. + +2017-11-30 Even Rouault <even.rouault@spatialys.com> + + Add .gitignore. + + Regenerate autoconf files. + + Makefile.am: update to reflect removal of README.vms and README -> README.md + + Remove all $Id and $Headers comments with CVS versions. + + HOWTO-RELEASE: update for git. + + Remove outdated .cvsignore. + + Remove outdated commit script. + + Remove README.vms. + + Rename README as README.md, and update content. + + html/index.html: reflect change from CVS to gitlab. + +2017-11-30 Olivier Paquet <olivier.paquet@gmail.com> + + Merge branch 'test-ci' into 'master' + Update CI configuration + + See merge request libtiff/libtiff!1 + +2017-11-23 Roger Leigh <rleigh@codelibre.net> + + appveyor: Correct path for git clone and skip artefact archival. + +2017-11-22 Roger Leigh <rleigh@codelibre.net> + + travis-ci: Remove unused matrix exclusion. + + Add gitlab-ci build support. + 2017-11-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * configure.ac: libtiff 4.0.9 released. @@ -1849,7 +3428,7 @@ * libtiff/tif_jpeg.c: in JPEGFixupTags(), recognize SOF2, SOF9 and SOF10 markers to avoid emitting a warning (even if, according to the TechNote, - there are admitedly unusual/not recommended or even forbidden variants, but + there are admittedly unusual/not recommended or even forbidden variants, but they do work well with libjpeg for SOF2, and with libjpeg-turbo for SOF2, SOF9 and SOF10). Define in_color_space and input_components to the right values in @@ -2432,7 +4011,7 @@ 2012-05-19 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> * man/TIFFGetField.3tiff: Correct the 'count' field type in the - example for how to retreive the value of unsupported tags. + example for how to retrieve the value of unsupported tags. 2012-03-30 Frank Warmerdam <warmerdam@google.com> @@ -3039,7 +4618,7 @@ 2010-04-21 Frank Warmerdam <warmerdam@pobox.com> - * libtiff/tif_jpeg.c: avoid preparing jpeg tables everytime + * libtiff/tif_jpeg.c: avoid preparing jpeg tables every time JPEGSetupEncode() is called if the tables already seem to be established. This prevents spurious updates and rewriting of directories with jpegtables when doing updates to existing images. @@ -3371,7 +4950,7 @@ * test/common.sh - start verbose mode after common settings. - * libtiff/tif_dirinfo.c: Replace lfind() with local equivelent to + * libtiff/tif_dirinfo.c: Replace lfind() with local equivalent to avoid type mismatches on different platforms. http://bugzilla.maptools.org/show_bug.cgi?id=1889 @@ -3518,7 +5097,7 @@ * tools/tiffdump.c: When compiling for Microsoft Windows, apply consistent (__int64) casting when testing if _lseeki64 has - successfully seeked as requested. This is necessary for large + successfully sought as requested. This is necessary for large file support to work since off_t is only 32-bit. 2008-07-29 Frank Warmerdam <warmerdam@pobox.com> @@ -4316,7 +5895,7 @@ btiff/tif_win32.c: Replace custom Win32 memory api with generic * libtiff/tif_getimage.c: replaced usage of TIFFScanlineSize in gtStripContig with TIFFNewScanlineSize so as to fix buggy behaviour on subsampled images - this ought to get sorted when we feel brave - enough to replace TIFFScanlineSize alltogether + enough to replace TIFFScanlineSize altogether * libtiff/tif_ojpeg.c: fixed bug in OJPEGReadSkip @@ -4974,7 +6553,7 @@ btiff/tif_win32.c: Replace custom Win32 memory api with generic 2005-06-03 Andrey Kiselev <dron@ak4719.spb.edu> - * libtiff/tif_open.c: Replace runtime endianess check with the compile + * libtiff/tif_open.c: Replace runtime endianness check with the compile time one. * libtiff/tif_predict.c: Floating point predictor now works on @@ -6316,7 +7895,7 @@ btiff/tif_win32.c: Replace custom Win32 memory api with generic 2003-11-16 Andrey Kiselev <dron@ak4719.spb.edu> * libtiff/{tiff.h, tif_dirinfo.c}: Added support for IFD (13) - datatype, intruduced in "Adobe PageMaker TIFF Tech. Notes". + datatype, introduced in "Adobe PageMaker TIFF Tech. Notes". 2003-11-15 Frank Warmerdam <warmerdam@pobox.com> @@ -6627,7 +8206,7 @@ btiff/tif_win32.c: Replace custom Win32 memory api with generic * contrib/ojpeg/{Makefile.in, jdhuff.h, jinclude.h, ojpeg.c, README}, configure, Makefile.in: Improved libtiff compilation with OJPEG - support. Now no need for patching IJG JPEG library, hack requred by + support. Now no need for patching IJG JPEG library, hack required by libtiff will be compiled and used in-place. Implemented with suggestion and help from Bill Allombert, Debian's libjpeg maintainer. @@ -7485,7 +9064,7 @@ btiff/tif_win32.c: Replace custom Win32 memory api with generic sizes. It fixes two problems: Without scaling (-S) the fax is now centered on the page size specified - with -H and/or -W. Before, fax2ps was using an obscure and practially + with -H and/or -W. Before, fax2ps was using an obscure and practically useless algorithm to allocate the image relative to Letter sized paper which sometime sled to useless whitespace on the paper, while at the same time cutting of the faxes printable area at the opposite border. |