2024-09-15 09:08:10 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
libjpeg-turbo: updated to 3.0.4
3.0.4
Significant changes relative to 3.0.3:
1. Fixed an issue whereby the CPU usage of the default marker processor in the
decompressor grew exponentially with the number of markers. This caused an
unreasonable slow-down in `jpeg_read_header()` if an application called
`jpeg_save_markers()` to save markers of a particular type and then attempted
to decompress a JPEG image containing an excessive number of markers of that
type.
2. Hardened the default marker processor in the decompressor to guard against
an issue (exposed by 3.0 beta2[6]) whereby attempting to decompress a
specially-crafted malformed JPEG image (specifically an image with a complete
12-bit-per-sample Start Of Frame segment followed by an incomplete
8-bit-per-sample Start Of Frame segment) using buffered-image mode and input
prefetching caused a segfault if the `fill_input_buffer()` method in the
calling application's custom source manager incorrectly returned `FALSE` in
response to a prematurely-terminated JPEG data stream.
3. Fixed an issue in cjpeg whereby, when generating a 12-bit-per-sample or
16-bit-per-sample lossless JPEG image, specifying a point transform value
greater than 7 resulted in an error ("Invalid progressive/lossless \
parameters")
unless the `-precision` option was specified before the `-lossless` option.
4. Fixed a regression introduced by 3.0.3[3] that made it impossible for
calling applications to generate 12-bit-per-sample arithmetic-coded lossy JPEG
images using the TurboJPEG API.
5. Fixed an error ("Destination buffer is not large enough") that \
occurred when
attempting to generate a full-color lossless JPEG image using the TurboJPEG
Java API's `byte[] TJCompressor.compress()` method if the value of
`TJ.PARAM_SUBSAMP` was not `TJ.SAMP_444`.
6. Fixed a segfault in djpeg that occurred if a negative width was specified
with the `-crop` option. Since the cropping region width was read into an
unsigned 32-bit integer, a negative width was interpreted as a very large
value. With certain negative width and positive left boundary values, the
bounds checks in djpeg and `jpeg_crop_scanline()` overflowed and did not detect
the out-of-bounds width, which caused a buffer overrun in the upsampling or
color conversion routine. Both bounds checks now use 64-bit integers to guard
against overflow, and djpeg now checks for negative numbers when it parses the
crop specification from the command line.
7. Fixed an issue whereby the TurboJPEG lossless transformation function and
methods checked the specified cropping region against the source image
dimensions and level of chrominance subsampling rather than the destination
image dimensions and level of chrominance subsampling, which caused some
cropping regions to be unduly rejected when performing 90-degree rotation,
270-degree rotation, transposition, transverse transposition, or grayscale
conversion.
8. Fixed an issue whereby the TurboJPEG lossless transformation function and
methods did not honor `TJXOPT_COPYNONE`/`TJTransform.OPT_COPYNONE` unless it
was specified for all lossless transforms.
|
2024-08-25 08:19:21 by Thomas Klausner | Files touched by this commit (575) |
Log message:
*: replace CMAKE_ARGS with CMAKE_CONFIGURE_ARGS
|
2024-05-09 11:55:51 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
libjpeg-turbo: updated to 3.0.3
3.0.3
Significant changes relative to 3.0.2:
1. Fixed an issue in the build system, introduced in 3.0.2, that caused all
libjpeg-turbo components to depend on the Visual C++ run-time DLL when built
with Visual C++ and CMake 3.15 or later, regardless of value of the
`WITH_CRT_DLL` CMake variable.
2. The x86-64 SIMD extensions now include support for Intel Control-flow
Enforcement Technology (CET), which is enabled automatically if CET is enabled
in the C compiler.
3. Fixed a regression introduced by 3.0 beta2[6] that made it impossible for
calling applications to supply custom Huffman tables when generating
12-bit-per-component lossy JPEG images using the libjpeg API.
4. Fixed a segfault that occurred when attempting to use the jpegtran `-drop`
option with a specially-crafted malformed input image or drop image
(specifically an image in which all of the scans contain fewer components than
the number of components specified in the Start Of Frame segment.)
|
2024-01-24 22:59:48 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
libjpeg-turbo: updated to 3.0.2
3.0.2
=====
Significant changes relative to 3.0.1:
1. Fixed a signed integer overflow in the `tj3CompressFromYUV8()`,
`tj3DecodeYUV8()`, `tj3DecompressToYUV8()`, and `tj3EncodeYUV8()` functions,
detected by the Clang and GCC undefined behavior sanitizers, that could be
triggered by setting the `align` parameter to an unreasonably large value.
This issue did not pose a security threat, but removing the warning made it
easier to detect actual security issues, should they arise in the future.
2. Introduced a new parameter (`TJPARAM_MAXMEMORY` in the TurboJPEG C API and
`TJ.PARAM_MAXMEMORY` in the TurboJPEG Java API) and a corresponding TJBench
option (`-maxmemory`) for specifying the maximum amount of memory (in
megabytes) that will be allocated for intermediate buffers, which are used with
progressive JPEG compression and decompression, optimized baseline entropy
coding, lossless JPEG compression, and lossless transformation. The new
parameter and option serve the same purpose as the `max_memory_to_use` field in
the `jpeg_memory_mgr` struct in the libjpeg API, the `JPEGMEM` environment
variable, and the cjpeg/djpeg/jpegtran `-maxmemory` option.
3. Introduced a new parameter (`TJPARAM_MAXPIXELS` in the TurboJPEG C API and
`TJ.PARAM_MAXPIXELS` in the TurboJPEG Java API) and a corresponding TJBench
option (`-maxpixels`) for specifying the maximum number of pixels that the
decompression, lossless transformation, and packed-pixel image loading
functions/methods will process.
4. Fixed an error ("Unsupported color conversion request") that \
occurred when
attempting to decompress a 3-component lossless JPEG image without an Adobe
APP14 marker. The decompressor now assumes that a 3-component lossless JPEG
image without an Adobe APP14 marker uses the RGB colorspace if its component
IDs are 1, 2, and 3.
|
2023-10-18 19:21:00 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
libjpeg-turbo: updated to 3.0.1
3.0.1
The x86-64 SIMD functions now use a standard stack frame, prologue, and epilogue \
so that debuggers and profilers can reliably capture backtraces from within the \
functions.
Fixed two minor issues in the interblock smoothing algorithm that caused \
mathematical (but not necessarily perceptible) edge block errors when \
decompressing progressive JPEG images exactly two MCU blocks in width or that \
use vertical chrominance subsampling.
Fixed a regression introduced by 3.0 beta2[6] that, in rare cases, caused the C \
Huffman encoder (which is not used by default on x86 and Arm CPUs) to generate \
incorrect results if the Neon SIMD extensions were explicitly disabled at build \
time (by setting the WITH_SIMD CMake variable to 0) in an AArch64 build of \
libjpeg-turbo.
|
2023-07-05 17:37:35 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message:
libjpeg-turbo: updated to 3.0.0
3.0.0
Significant changes relative to 3.0 beta2:
The TurboJPEG API now supports 4:4:1 (transposed 4:1:1) chrominance subsampling, \
which allows losslessly transposed or rotated 4:1:1 JPEG images to be losslessly \
cropped, partially decompressed, or decompressed to planar YUV images.
Fixed various segfaults and buffer overruns (CVE-2023-2804) that occurred when \
attempting to decompress various specially-crafted malformed \
12-bit-per-component and 16-bit-per-component lossless JPEG images using color \
quantization or merged chroma upsampling/color conversion. The underlying cause \
of these issues was that the color quantization and merged chroma \
upsampling/color conversion algorithms were not designed with lossless \
decompression in mind. Since libjpeg-turbo explicitly does not support color \
conversion when compressing or decompressing lossless JPEG images, merged chroma \
upsampling/color conversion never should have been enabled for such images. \
Color quantization is a legacy feature that serves little or no purpose with \
lossless JPEG images, so it is also now disabled when decompressing such images. \
(As a result, djpeg can no longer decompress a lossless JPEG image into a GIF \
image.)
Fixed an oversight in 1.4 beta1[8] that caused various segfaults and buffer \
overruns when attempting to decompress various specially-crafted malformed \
12-bit-per-component JPEG images using djpeg with both color quantization and \
RGB565 color conversion enabled.
Fixed an issue whereby jpeg_crop_scanline() sometimes miscalculated the \
downsampled width for components with 4x2 or 2x4 subsampling factors if \
decompression scaling was enabled. This caused the components to be upsampled \
incompletely, which caused the color converter to read from uninitialized \
memory. With 12-bit data precision, this caused a buffer overrun or underrun and \
subsequent segfault if the sample value read from uninitialized memory was \
outside of the valid sample range.
Fixed a long-standing issue whereby the tj3Transform() function, when used with \
the TJXOP_TRANSPOSE, TJXOP_TRANSVERSE, TJXOP_ROT90, or TJXOP_ROT270 transform \
operation and without automatic JPEG destination buffer (re)allocation or \
lossless cropping, computed the worst-case transformed JPEG image size based on \
the source image dimensions rather than the transformed image dimensions. If a \
calling program allocated the JPEG destination buffer based on the transformed \
image dimensions, as the API documentation instructs, and attempted to transform \
a specially-crafted 4:2:2, 4:4:0, 4:1:1, or 4:4:1 JPEG source image containing a \
large amount of metadata, the issue caused tj3Transform() to overflow the JPEG \
destination buffer rather than fail gracefully. The issue could be worked around \
by setting TJXOPT_COPYNONE. Note that, irrespective of this issue, \
tj3Transform() cannot reliably transform JPEG source images that contain a large \
amount of metadata unless automatic JPEG destinati
on buffer (re)allocation is used or TJXOPT_COPYNONE is set.
Fixed a regression introduced by 3.0 beta2[6] that prevented the djpeg -map \
option from working when decompressing 12-bit-per-component lossy JPEG images.
Fixed an issue that caused the C Huffman encoder (which is not used by default \
on x86 and Arm CPUs) to read from uninitialized memory when attempting to \
transform a specially-crafted malformed arithmetic-coded JPEG source image into \
a baseline Huffman-coded JPEG destination image.
|
2023-06-06 14:42:56 by Taylor R Campbell | Files touched by this commit (1319) |
Log message:
Mass-change BUILD_DEPENDS to TOOL_DEPENDS outside mk/.
Almost all uses, if not all of them, are wrong, according to the
semantics of BUILD_DEPENDS (packages built for target available for
use _by_ tools at build-time) and TOOL_DEPEPNDS (packages built for
host available for use _as_ tools at build-time).
No change to BUILD_DEPENDS as used correctly inside buildlink3.
As proposed on tech-pkg:
https://mail-index.netbsd.org/tech-pkg/2023/06/03/msg027632.html
|
2023-01-24 19:36:36 by Thomas Klausner | Files touched by this commit (103) |
Log message:
*: convert to cmake/build.mk
|
2022-08-14 22:57:40 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message:
libjpeg-turbo: updated to 2.1.4
2.1.4
Significant changes relative to 2.1.3
Fixed a regression introduced in 2.1.3 that caused build failures with Visual \
Studio 2010.
The tjDecompressHeader3() function in the TurboJPEG C API and the \
TJDecompressor.setSourceImage() method in the TurboJPEG Java API now accept \
"abbreviated table specification" (AKA "tables-only") \
datastreams, which can be used to prime the decompressor with quantization and \
Huffman tables that can be used when decompressing subsequent "abbreviated \
image" datastreams.
libjpeg-turbo now performs run-time detection of AltiVec instructions on OS \
X/PowerPC systems if AltiVec instructions are not enabled at compile time. This \
allows both AltiVec-equipped (PowerPC G4 and G5) and non-AltiVec-equipped \
(PowerPC G3) CPUs to be supported using the same build of libjpeg-turbo.
Fixed an error ("Bogus virtual array access") that occurred when \
attempting to decompress a progressive JPEG image with a height less than or \
equal to one iMCU (8 * the vertical sampling factor) using buffered-image mode \
with interblock smoothing enabled. This was a regression introduced by 2.1 \
beta1[6(b)].
Fixed two issues that prevented partial image decompression from working \
properly with buffered-image mode:
Attempting to call jpeg_crop_scanline() after jpeg_start_decompress() but before \
jpeg_start_output() resulted in an error ("Improper call to JPEG library in \
state 207".)
Attempting to use jpeg_skip_scanlines() resulted in an error ("Bogus \
virtual array access") under certain circumstances.
|
2022-04-20 23:47:24 by Tobias Nygren | Files touched by this commit (1) |
Log message:
libjpeg-turbo: contains portions of IJG's code, so list that license
|