Cherry-pick PRs from master branch which fix issues reported by fuzz tests #875
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Peter Hillman <[email protected]>
…prevent undefined behavior Signed-off-by: Peter Hillman <[email protected]>
… bit to prevent shift overflow Signed-off-by: Peter Hillman <[email protected]>
…ted in DWA uncompress Signed-off-by: Peter Hillman <[email protected]>
… writing invalid enums Signed-off-by: Peter Hillman <[email protected]>
…les when size=MAX_INT Signed-off-by: Peter Hillman <[email protected]>
…T_MAX byte limit Signed-off-by: Peter Hillman <[email protected]>
…nly images via RgbaInputFile Signed-off-by: Peter Hillman <[email protected]>
Signed-off-by: Peter Hillman <[email protected]>
Signed-off-by: Peter Hillman <[email protected]>
… decompression Signed-off-by: Peter Hillman <[email protected]>
…ftwareFoundation#831) * Use Int64 in dataWindowForTile to prevent integer overflow Signed-off-by: Peter Hillman <[email protected]> * use signed 64 bit instead for dataWindow calculation Signed-off-by: Peter Hillman <[email protected]> Co-authored-by: Cary Phillips <[email protected]> Signed-off-by: Peter Hillman <[email protected]>
…oundation#836) Signed-off-by: Peter Hillman <[email protected]>
…ftwareFoundation#840) Signed-off-by: Peter Hillman <[email protected]>
…ySoftwareFoundation#843) Signed-off-by: Peter Hillman <[email protected]>
* check for valid Huf code lengths * test non-fast huf decoder in testHuf Signed-off-by: Peter Hillman <[email protected]>
…ftwareFoundation#860) Signed-off-by: Peter Hillman <[email protected]> Co-authored-by: Cary Phillips <[email protected]> Signed-off-by: Peter Hillman <[email protected]>
…ndation#861) Signed-off-by: Peter Hillman <[email protected]>
… warning (AcademySoftwareFoundation#819) Signed-off-by: Peter Hillman <[email protected]> Co-authored-by: Cary Phillips <[email protected]> Signed-off-by: Peter Hillman <[email protected]>
…ation#841) Signed-off-by: Peter Hillman <[email protected]>
…fers (AcademySoftwareFoundation#844) Signed-off-by: Peter Hillman <[email protected]>
…twareFoundation#845) Signed-off-by: Peter Hillman <[email protected]>
Signed-off-by: Peter Hillman <[email protected]>
meshula
approved these changes
Dec 7, 2020
cary-ilm
approved these changes
Dec 30, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
#817: double-check unpackedBuffer created in DWA uncompress (OSS-fuzz 24854)
#818 compute Huf codelengths using 64 bit to prevent shift overrflow (OSS-fuzz 24831)
#820: suppress sanitizer warnings when writing invalid enums (OSS-fuzz 24969)
#825: Avoid overflow in calculateNumTiles when size=MAX_INT (OSS-fuzz 25297)
#826: restrict maximum tile size to INT_MAX byte limit (OSS-fuzz 25297)
#832: ignore unused bits in B44 mode detection (OSS-fuzz 24787)
#827: lighter weight reading of Luma-only images via RgbaInputFile (OSS-fuzz 25326)
#829: fix buffer overflow check in PIZ decompression (OSS-fuzz 25399, OSS-fuzz 25415)
#830: refactor channel filling in InputFile API with tiled source (OSS-fuzz 25370 , OSS-fuzz 25501)
#831: Use Int64 in dataWindowForTile to prevent integer overflow (OSS-fuzz 25505)
#836: prevent overflow in hufUncompress if nBits is large (OSS-fuzz 25562)
#840: add sanity check for reading multipart files with no parts (OSS-fuzz 25740 , OSS-fuzz 25743)
#841: more elegant exception handling in exrmaketiled (ZhiWei Sun from Topsec Alpha Lab)
#843: reduce B44 _tmpBufferSize (was allocating two bytes per byte) (OSS-fuzz 25913)
#844: check EXRAllocAligned succeeded to allocate ScanlineInputFile lineBuffers (ZhiWei Sun from Topsec Alpha Lab)
#845: test channels are DCT compressed before DWA decompression (ZhiWei Sun from Topsec Alpha Lab)
#849: check for valid Huf code lengths (OSS-fuzz 26229)
#860: check 1 part files with 'nonimage' bit have type attribute (OSS-fuzz 26658)
#861: Fix overflow computing deeptile sample table size (OSS-fuzz 26956)
#863: re-order shift/compare in FastHuf to prevent undefined shift overflow (OSS-fuzz 27409)
Also partial fixes from #842 which do not change the ABI: (OSS-fuzz 25892 , OSS-fuzz 25894)