Kevin Backhouse
9ff72e5ca5
Make offset=0 the default parameter.
4 years ago
Kevin Backhouse
c9d0cf3643
Make fields of DataBuf private.
4 years ago
Kevin Backhouse
ffde235336
Add comment to explain the bounds-check.
4 years ago
Kevin Backhouse
67e2ef5ccd
Check size before allocation to avoid out-of-memory errors.
4 years ago
Kevin Backhouse
ff00771425
Better bounds checking in Jp2Image::printStructure
...
(cherry picked from commit 0fcdde80997913dde284ea98f06f9305d06cb160)
4 years ago
Kevin Backhouse
d30c95d07e
fix incorrect loop condition (#1752)
4 years ago
Rosen Penev
743da1a564
clang-tidy: use C++ casting
...
Found with google-readability-casting
Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
Rosen Penev
b8712188bb
clang-tidy: use auto
...
Found with modernize-use-auto
Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
Rosen Penev
c73dfa0106
clang-tidy: use uppercase numeric literals
...
Found with readability-uppercase-literal-suffix
Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
Rosen Penev
8337462032
clang-tidy: use empty() instead of comparing size
...
Found with readability-container-size-empty
Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
Kevin Backhouse
170b18db74
Merge pull request #1621 from Exiv2/mergify/bp/main/pr-1591
...
Fix infinite loop caused by subBox with zero size. (backport #1591)
4 years ago
Kevin Backhouse
566ea272a1
Prevent large allocation.
...
(cherry picked from commit f154f0ae540deeb9251467187d01c2a5846d27b5)
4 years ago
Kevin Backhouse
aac34630d4
Fix infinite loop caused by subBox with zero size.
...
(cherry picked from commit 2736126e7b92c5654f56620c097f9a4580c0f73b)
4 years ago
Rosen Penev
1dc1186760
clang-tidy: simplify boolean expressions
...
Found with readability-simplify-boolean-expr
Signed-off-by: Rosen Penev <rosenp@gmail.com>
4 years ago
Kevin Backhouse
57cad2619b
Add bounds check in Jp2Image::doWriteMetadata().
...
(cherry picked from commit e6a0982f7cd9282052b6e3485a458d60629ffa0b)
4 years ago
Kevin Backhouse
b3de96f4b4
Add more bounds checks in Jp2Image::encodeJp2Header
4 years ago
Kevin Backhouse
23c1cda99d
Fix signed/unsigned compiler warnings.
4 years ago
Kevin Backhouse
f930883919
Better bounds checking in Jp2Image::encodeJp2Header()
4 years ago
Luis Díaz Más
de4d43d4d1
Fix warnings EXIV2_TEAM_EXTRA_WARNINGS
...
Most of the warnings fixed were:
- Hiding of local variables
- Hiding of globals
- Useless casts
- Conversions between float/double
4 years ago
Robin Mills
d73dd0874d
Fix icc_test which is failing on Linux:
...
luis@ryzenLinux:/media/linuxDev/programming/exiv2/buildReleaseSanitizers$ cp large.icc Reagan2.icc
luis@ryzenLinux:/media/linuxDev/programming/exiv2/buildReleaseSanitizers$ bin/exiv2 -iC /tmp/Reagan2.jp2
/media/linuxDev/programming/exiv2/src/jp2image.cpp:661:28: runtime error: reference binding to misaligned address 0x61f000002a9e for type 'const struct Jp2BoxHeader', which requires 4 byte alignment
0x61f000002a9e: note: pointer points here
07 07 01 00 00 00 0c 53 63 6f 6c 72 02 00 00 00 00 0c 48 4c 69 6e 6f 02 10 00 00 6d 6e 74 72 52
4 years ago
Luis Díaz Más
0bbaa6eff3
cpp: Replace auto_ptr by unique_ptr
4 years ago
Pydera
13e5a3e023
Fix out of buffer access in #1529
4 years ago
Robin Mills
22ea582c6b
fix_1522_jp2image_exif_asan
4 years ago
Robin Mills
d632988bbd
Massive code prolog cleanup.
4 years ago
Robin Mills
22ed9b157b
Fixed typo declaration of pad when writing ICC profile.
5 years ago
Robin Mills
181dd47385
Fix correctly this time and tested with the user files. Test suite updated to use Reagan2.jp2
5 years ago
Robin Mills
b91de7acd0
fix_1236_0.27
5 years ago
clanmills
1b917c3f7d
Fix #1011 fix_1011_jp2_readmetadata_loop
6 years ago
Luis Díaz Más
113136e134
Replace DEBUG with EXIV2_DEBUG_MESSAGES
...
Fixes #926
6 years ago
Luis Díaz Más
51f3910413
[jp2image] Limit data representation to 30 bytes
...
- fixes #744
6 years ago
D4N
adfc01f2e0
Update tests/bugfixes/github/test_issue_742.py
...
Co-Authored-By: piponazo <piponazo@gmail.com>
(cherry picked from commit 39d8904696338d5bd4a9c7e9a96a798a791d0973)
6 years ago
Luis Diaz Mas
25ddbaa6c0
Make subBox.length check in jp2image.cpp more robust
...
(cherry picked from commit a154b992ccad71a7d95a94cdedb933fa66a51b61)
6 years ago
Luis Díaz Más
8c81e1146c
clang-format Jp2Image::printStructure()
...
(cherry picked from commit b6e4ca0a8cfff1ad0f6040901382863cccee33cb)
# Conflicts:
# src/jp2image.cpp
6 years ago
Luis Díaz Más
051b5d9df1
Fix #742 by detecting incorrect subBox size
...
(cherry picked from commit 1bdd3eab5ebdde324dbfecc3fb6d6495b32d2e4d)
6 years ago
Luis Díaz Más
436b0f87b5
Add missing header when -DDEBUG is present
6 years ago
Robin Mills
a33041a8b7
Fix: https://github.com/Exiv2/exiv2/issues/562 for stringFormat() crashes.
7 years ago
Dan Čermák
962962a8e9
Port Iptc::printStructure & getUshort to slices API
...
This fixes #211, #210, #209
7 years ago
Dan Čermák
fec6535ae8
[binaryToString] Reimplement using Slices
...
- reimplement binaryToString:
  - it now accepts a Slice and nothing else
  - it does not return a std::string but instead a proxy object that implements
    operator<< (this should be more efficient, as we do not need to touch the
    heap in most cases)
- adapt unit tests
- replace all occurrences with the new API
7 years ago
Roberto C. Sánchez
c03f73268f
Prevent SIGABRT on excessive subBox length in jp2image.cpp
...
This fixes CVE-2018-9145
7 years ago
Luis Díaz Más
603692a1d8
Copyright to Exiv2 authors
7 years ago
Luis Díaz Más
ffbcaa2e6d
Fix MSVC warning C4267: conversion from 'size_t' to 'long'
7 years ago
Dan Čermák
efe2ccdcb6
Replaced all hardcoded error codes with ker... constants
7 years ago
Dan Čermák
fcb4257051
Add check for DataBuf.size_ in Jp2Image::readMetadata()
...
When parsing a subBox that is a ColorHeader, a length is extracted
from the input file and fed directly into DataBuf() (which calls
malloc). A crafted input file can provide arbitrarily (up to
max(uint32_t)-8) large values and result in excessive memory
allocation.
This commit adds a check for the new size of DataBuf so that it is not
larger than the remaining size of the file.
This fixes #202 aka CVE-2018-4868
7 years ago
Luis Diaz Mas
d09c4bb7cd
Fix arithmetic operation overflow
8 years ago
tbeu
5b5987a596
Remove obsolete EXIV2_RCSID
8 years ago
tbeu
5df8b01b77
Remove obsolete svn revision
8 years ago
Robin Mills
e96e0daa8a
Jp2Image::printStructure: Corrected used DataBuf for output
8 years ago
Robin Mills
befe8c64e3
Jp2Image::printStructure: only print output when bPrint is set
8 years ago
Robin Mills
13db7fdec2
Formatting changes
8 years ago
Dan Čermák
ff18fec24b
Fix for CVE-2017-14860
...
A heap buffer overflow could occur in memcpy when icc.size_ is larger
than data.size_ - pad, as then memcpy would read out of bounds of data.
This commit adds a sanity check to iccLength (= icc.size_): if it is
larger than data.size_ - pad (i.e. an overflow would be caused) an
exception is thrown.
This fixes #71.
8 years ago