Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

memcpy-param-overlap bug in src/tiffvisitor_int.cpp #2027

Closed
yuawn opened this issue Dec 13, 2021 · 3 comments · Fixed by #2028 or #2030
Closed

memcpy-param-overlap bug in src/tiffvisitor_int.cpp #2027

yuawn opened this issue Dec 13, 2021 · 3 comments · Fixed by #2028 or #2030
Labels

Comments

@yuawn
Copy link

yuawn commented Dec 13, 2021

Hi @clanmills @kevinbackhouse,

There is a memcpy-param-overlap bug in src/tiffvisitor_int.cpp:748:17, and the bug is reproducible on the latest release v0.27.5 and main 65fad9d.

Thank you

Describe the bug
memcpy-param-overlap in src/tiffvisitor_int.cpp:748:17 (Exiv2::Internal::TiffEncoder::updateDirEntry(unsigned char*, Exiv2::ByteOrder, Exiv2::Internal::TiffComponent*))

PoC
poc.gz

Environment:
Ubuntu 20.04.3 LTS (x86_64)
clang version 13.0.1 (https://github.com/llvm/llvm-project.git 19b8368225dc9ec5a0da547eae48c10dae13522d)

To Reproduce

cd exiv2
mkdir build-fuzz; cd build-fuzz

cmake -DEXIV2_ENABLE_PNG=ON -DEXIV2_ENABLE_WEBREADY=ON -DEXIV2_ENABLE_CURL=ON -DEXIV2_ENABLE_BMFF=ON -DEXIV2_TEAM_WARNINGS_AS_ERRORS=ON -DCMAKE_CXX_COMPILER=$(which clang++) -DEXIV2_BUILD_FUZZ_TESTS=ON -DEXIV2_TEAM_USE_SANITIZERS=ON ..
make -j $(nproc)

./bin/fuzz-read-print-write ./poc

AddressSanitizer Report:

=================================================================
==341184==ERROR: AddressSanitizer: memcpy-param-overlap: memory ranges [0x611000000762,0x611000000766) and [0x611000000765, 0x611000000769) overlap
    #0 0x5646bf in __asan_memcpy llvm-project/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:22:3
    #1 0x7ffff7624054 in memcpy /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34:10
    #2 0x7ffff7624054 in Exiv2::Internal::TiffEncoder::updateDirEntry(unsigned char*, Exiv2::ByteOrder, Exiv2::Internal::TiffComponent*) src/tiffvisitor_int.cpp:748:17
    #3 0x7ffff76236ab in Exiv2::Internal::TiffEncoder::visitDirectoryNext(Exiv2::Internal::TiffDirectory*) src/tiffvisitor_int.cpp:728:18
    #4 0x7ffff75c3e38 in Exiv2::Internal::TiffDirectory::doAccept(Exiv2::Internal::TiffVisitor&) src/tiffcomposite_int.cpp:887:58
    #5 0x7ffff7601de9 in Exiv2::Internal::TiffParserWorker::encode(Exiv2::BasicIo&, unsigned char const*, unsigned int, Exiv2::ExifData const&, Exiv2::IptcData const&, Exiv2::XmpData const&, unsigned int, void (Exiv2::Internal::TiffEncoder::* (*)(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, unsigned int, Exiv2::Internal::IfdId))(Exiv2::Internal::TiffEntryBase*, Exiv2::Exifdatum const*), Exiv2::Internal::TiffHeaderBase*, Exiv2::Internal::OffsetWriter*) src/tiffimage_int.cpp:1947:25
    #6 0x7ffff71c747b in Exiv2::ExifParser::encode(std::vector<unsigned char, std::allocator<unsigned char> >&, unsigned char const*, unsigned int, Exiv2::ByteOrder, Exiv2::ExifData const&) src/exif.cpp:751:26
    #7 0x7ffff7267447 in Exiv2::JpegBase::doWriteMetadata(Exiv2::BasicIo&) src/jpgimage.cpp:1052:38
    #8 0x7ffff7263b45 in Exiv2::JpegBase::writeMetadata() src/jpgimage.cpp:860:9
    #9 0x5a20a4 in LLVMFuzzerTestOneInput fuzz/fuzz-read-print-write.cpp:44:12
    #10 0x4660cc in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:17
    #11 0x451a33 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:21
    #12 0x45815b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:19
    #13 0x422296 in main llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:30
    #14 0x7ffff66a10b2 in __libc_start_main /build/glibc-YbNSs7/glibc-2.31/csu/../csu/libc-start.c:308:16
    #15 0x42233d in _start (build/bin/fuzz-read-print-write+0x42233d)

0x611000000762 is located 226 bytes inside of 248-byte region [0x611000000680,0x611000000778)
allocated by thread T0 here:
    #0 0x565bd7 in malloc llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
    #1 0x43ed1e in operator new(unsigned long) (build/bin/fuzz-read-print-write+0x43ed1e)
    #2 0x7ffff7265db3 in Exiv2::JpegBase::doWriteMetadata(Exiv2::BasicIo&) src/jpgimage.cpp:939:29
    #3 0x7ffff7263b45 in Exiv2::JpegBase::writeMetadata() src/jpgimage.cpp:860:9
    #4 0x5a20a4 in LLVMFuzzerTestOneInput fuzz/fuzz-read-print-write.cpp:44:12
    #5 0x4660cc in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:17
    #6 0x451a33 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:21
    #7 0x45815b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:19
    #8 0x422296 in main llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:30
    #9 0x7ffff66a10b2 in __libc_start_main /build/glibc-YbNSs7/glibc-2.31/csu/../csu/libc-start.c:308:16

0x611000000765 is located 229 bytes inside of 248-byte region [0x611000000680,0x611000000778)
allocated by thread T0 here:
    #0 0x565bd7 in malloc llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
    #1 0x43ed1e in operator new(unsigned long) (build/bin/fuzz-read-print-write+0x43ed1e)
    #2 0x7ffff7265db3 in Exiv2::JpegBase::doWriteMetadata(Exiv2::BasicIo&) src/jpgimage.cpp:939:29
    #3 0x7ffff7263b45 in Exiv2::JpegBase::writeMetadata() src/jpgimage.cpp:860:9
    #4 0x5a20a4 in LLVMFuzzerTestOneInput fuzz/fuzz-read-print-write.cpp:44:12
    #5 0x4660cc in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:17
    #6 0x451a33 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:21
    #7 0x45815b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:19
    #8 0x422296 in main llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:30
    #9 0x7ffff66a10b2 in __libc_start_main /build/glibc-YbNSs7/glibc-2.31/csu/../csu/libc-start.c:308:16

SUMMARY: AddressSanitizer: memcpy-param-overlap llvm-project/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:22:3 in __asan_memcpy
==341184==ABORTING
@yuawn yuawn added the bug label Dec 13, 2021
@kevinbackhouse
Copy link
Collaborator

Thanks @yuawn!

@kevinbackhouse
Copy link
Collaborator

Background info: we initially investigated this as a potential security vulnerability, but have now concluded that it's a regular bug with no security impact. So I asked @yuawn to create this public issue.

@kevinbackhouse
Copy link
Collaborator

kevinbackhouse commented Dec 13, 2021

The bug is here:

if (pTiffEntry->size() > 0) {
memcpy(buf + 8, pTiffEntry->pData(), pTiffEntry->size());
memset(const_cast<byte*>(pTiffEntry->pData()), 0x0, pTiffEntry->size());
}

buf and pTiffEntry->pData() are both pointers into the same (larger) buffer. As the poc shows, it is possible for the two buffers to overlap. Therefore, we should use memmove rather than memcpy here.

I don't believe this bug is a security concern. The code is just moving data within a larger buffer, so the access isn't out-of-bounds. The data might get copied incorrectly, but it's already attacker-controlled data so that doesn't make any difference from a security perspective.

kevinbackhouse added a commit to kevinbackhouse/exiv2 that referenced this issue Dec 13, 2021
mergify bot pushed a commit that referenced this issue Dec 14, 2021
(cherry picked from commit 4aa701f)
clrpackages pushed a commit to clearlinux-pkgs/exiv2 that referenced this issue Jan 23, 2023
…27.6

Christoph Hasse (1):
      fix naming of canon EF 35-80mm.closes #2247

Kevin Backhouse (7):
      Treat Exif.Sony1.PreviewImage as undefined tag.
      PoC image file for Exiv2/exiv2#2027
      Use memmove, rather than memcpy, because memory regions might overlap.
      Update tiffvisitor_int.cpp
      Fix bug in loop. It wasn't iterating over the elements of dateStrings as intended.
      Regression test for Exiv2/exiv2#2268
      Replace assert with enforce. (Fix for Exiv2/exiv2#2268)

Luis Diaz (4):
      ci: sync workflows with latest changes on main branch
      Fix out of bounds read in isValidBoxFileType()
      Add poc for fuzzing coverage
      ci: update conan version in ci jobs and dependencies version

Luis Díaz Más (7):
      Fix conan ci luis (#2018)
      0.27 Running tests with ctest (#2024)
      0.27 Nightly pre-builds for 0.27 (#2025)
      Fix JP2 write/read metadata
      Detect integer-overflow and throw in that case
      Add POC file for issue 2190
      Fix integer overflow #2179

Miloš Komarčević (21):
      Streamline MinGW package installation for CI
      Update README.md for pacman command simplification
      Remove legacy MinGW CI builds
      Initial MSYS2 workflow for GHA
      Handle unused warnings
      Add more DNG 1.6 tags
      Switch Cygwin CI to GHA (#2032)
      Update conan for Windows CI
      Add Sony ARW compression to dict (#2046)
      Strip XMP raw packet before decoding (#2139)
      Update CI actions (0.27-maintenance) (#2142)
      Initial support for OM System MakerNote
      Add OM System MakerNote test
      Account for header bytes for Exif and XMP boxes (backport #2234)
      Add some F mount lenses
      PNG: always strip the existing iCCP chunk
      Add Nikon LensData v0802 (backport #2287)
      Add Nikon3.WhiteBalanceBias2 (backport #2311)
      ci: Upgrade conan to version 1.51.0
      Add more MIME type mappings for TIFF-based raws
      Exif start can be at any byte in payload, not word aligned

Nehal J Wani (3):
      Bump conan version
      Replace array with std::vector in decodeBase64()
      Exiv2 v0.27.6

Peter (3):
      Fix rename text in manpage (#2328)
      Fix bmff exception; Bump Conan version (#2375)
      Update docs concerning BMFF-based files (#2404)

Robin Mills (16):
      fix_1558_cmake_build_type
      retrigger checks
      retrigger checks
      retrigger checks
      add --verbose option for Cygwin/CI.  No idea why it's failing.  Been stable since I wrote it a year ago.
      Revert "add --verbose option for Cygwin/CI.  No idea why it's failing.  Been stable since I wrote it a year ago."
      The Cygwin/CI is broken. (#2003)
      Added a sentence to `5.4 Cygwin/64` about `apt-cyg`.
      Initial changes to documentation to support CTest.  I intend to integrate changes from main/README.md in this PR.
      Fixes following review.
      Bringing format/layout of 0.27-maintenance/README.md very close to main/README.md.
      Minor layout improvements.
      I've polished this and minimized the differences with main/README.md.  It's not possible to add lensTest into 0.27-maintenance without modifying Exiv2::getExiv2ConfigPath().
      Fixes following review.
      Fixes following review.
      fix_2044_add_tiff_tags
antermin pushed a commit to antermin/exiv2 that referenced this issue Mar 16, 2023
(cherry picked from commit 4aa701f)
clrpackages pushed a commit to clearlinux-pkgs/exiv2 that referenced this issue Jun 9, 2023
…28.0

Alan01 (2):
      Create da.po
      Update da.po

Alex Esseling (36):
      work on canon tags
      second rund
      update tags ID
      update canonrf tags, new lenses
      update to tags
      Adding Ambience Selection to tag list
      Adding tag Canon AFMicroAdj
      Canon MultiExposure tag added
      Adding Canon Lighting Optimization Tag
      Adding of Canon Vignetting Correction Tag 2
      canon filter options
      Adding LensSerialNumber Tag
      Adding Canon AF Config Tag
      Adding Canon RawBurst Tag
      Canon AF Info 2 Tag
      wrong brackets fixed
      fix wrong brackets
      fix of tests case test_issue_981.py
      fix of test_issue_1151.py
      fix test_issue_1122.py
      ExposureCompensation added
      Exif.Canon.CanonFlashInfo
      Exif.CanonCs.SpotMeteringMode
      Exif.CanonCs.PhotoEffect
      Exif.CanonSi.NDFilter
      Exif.CanonSi.SelfTimer2
      Exif.Canon.CanonFlashInfo
      Exif.CanonSi.FlashOutput
      Exif.CanonSi.NDFilter
      fix test cases
      adding exposurecompensation
      OpticalZoomCode added
      fix typo Optical Zoom Code
      adding OpticalZoomCode
      AEB Bracket Value added
      controlmode added

Alexander Steffen (7):
      Add test for all known Canon lenses
      Execute test commands always with shell
      Remove undetectable lenses
      Clean up Canon lens list
      Fix rounding error in fnumber calculation
      Fix misdetection of Tamron SP AF 300mm as Canon EF 75-300mm
      Improve detection of Canon lenses with TC

Andrea Giudiceandrea (1):
      Add Exif.Image.PageName tag (#1765)

Antonio Rojas (1):
      Fix build with gtest 1.11

Attila Oláh (1):
      Fix compilation with -Wunused-variable

Ben McCann (1):
      Enable video support by default

Christoph Hasse (70):
      fix archlinux ci build
      docs: fix example command in man pages. closes #1685 (#1686)
      refactor!: remove free() function from DataBuf to avoid potential problems, see #1542
      feat: Setup github actions workflow to build tagged release and nightly pre-release (#1676)
      refactor: move canon lens tests into new test directory
      refactor!: use lensfun style nameing for lenses
      refactor: use function to calculate raw exif value given aperture
      feat: rework lens test to account for ambiguous lenses
      fix: readd some previously removed lenses now that we plan to trea ambiguous lenses
      fix: prevent creation of nightly release with  draf==true
      feat: improve lens recognition of canon makernote
      fix: fix bash test following the new canon lens identification
      fix: update tests following new canon lens identification
      fix: prefer symbolic boolean operators so windows is happy
      fix: make casts explicit to please msvc
      fix: workaround centos-8 bug-18212
      fix: allow for FX.Y syntax in aperture regex
      fix: change duplicated Canon RF 100-500 2x into missing 1.4 teleconverter version
      fix: avoid processing MOV (quicktime) files when BMFF is enabled
      fix: add Sigma 30mm f/1.4 DC DN | C to canon lens detection
      feat: add test for #1782
      refactor: remove FindRegex.cmake
      refactor: remove regex related cmake stuff
      refactor: replace old linux regex.h with regex from STL.
      refactor: use POSIX regex syntax as that is what was used before
      refactor: update readme to reflect regex changes
      refactor: avoid unused variable warning of regex_error
      refactor: remove leftover empty if statement
      remove exv_grep_keys_t type alias
      fix: SIGSEGV on parsing of config file. (introduced in main by clang-tidy fix)
      add test of config file based lens name determination
      first search cwd for config file then check home dir
      adapt test to make use of config file search in cwd
      adapt man pages to reflect new config file path behaviour
      Fixes for Max and Win
      make the ifdef in getExiv2ConfigPath a bit more minimal
      update man page to reflect what is done in code
      add Canon EF 100-400 2x, and make size of aperture lens matching delta dependent on teleconverter factor
      test: add new test for lens
      Update codecov badge in readme to show results of main branch
      refactor: small cleanup of test infra to avoid duplicate runs
      dont do codecov for samples and tests
      update codecov coverage github action and remove use of deprecated bash uploader
      check integrity of codecov executable
      check integrity of codecov executable
      fix: incorrectly triggered enforce check during preview extraction in LoaderTiff::getData(), closes #1829
      workaround for softprops/action-gh-release#139
      fix(testing): codecov reports (#2094)
      move test reference files into their own subdirectory
      feat(testing): add a new extensive regression test that runs exiv2 over every test file we have
      move test_regression_allfiles.py into its own subdirectory and add the test to cmakelists.txt
      Decoding of Canon HDRInfo tag
      fix(canon): cleanup canonAf2 and canonAf3 related code
      add .git-blame-ignore-revs file and add clang-format commit to it (#2170)
      also run format action on pull request
      fix naming of canon EF 35-80mm.closes #2247
      add files from #2247 to regression test suite
      fix(ci) disable webready and curl for release builds [ci skip]
      fix(ci) adapt to breaking changes of upgrading github-script [ci skip]
      fix(video) bmffimage can not currently handle mp42 files so skip those
      feat(video) revive quicktime.{h,cpp} and adapt to codebase changes.
      fix(video) filetype detection: handle video via quicktimevideo.cpp and other ftyp files in bmffimage
      test(video) add small video file to execute some code in quicktimevideo.cpp
      fix(video) clang-format quicktimevideo
      fix(video) dont throw in isQTimeType
      fix(quicktimevideo) silence windows warnings
      fix(quicktimevideo) cleanup and hardening as suggested in review by @kevinbackhouse
      fix(quicktimevideo) avoid out of bounds read, closes #2340
      test(quicktimevideo) add poc for #2340
      fix(doc) mention video support in exiv2.md

Colin Watson (2):
      Add custom update-pot target
      Annotate some strings with xgettext:no-c-format

D4N (1):
      Add linux_distribution_check github action

Daniel Vogelbacher (1):
      Use official Canon RF lens model names

David Houlder (2):
      Canon cr3 previews (#1958)
      Performance boost: don't read boxes we're not interested in

Dmitry Fedorov (4):
      fix for reading jpeg-xr images
      Update src/tiffimage_int.cpp
      Update src/tiffimage_int.cpp
      Added JPEG-XR test file (#1946)

Eli Schwartz (1):
      meson: compile convert.cpp separately, with just iconv

Evan Miller (2):
      Pass -fstack-protector-strong to linker
      Explicitly test for libproc.h (#1916)

Fabrice Fontaine (1):
      add BUILD_WITH_STACK_PROTECTOR option

Facundo (1):
      Output of -PV was not suitable for inputting to -m-, key was missing. (#1970)

Gribouilleuse (3):
      Addition of 4 lenses Pentax
      Addition of 4 lenses Pentax
      Uppercase Pentax to PENTAX at lines 819 to 822

Heiko Bauke (1):
      fix out of range access, minor performance improvement

Jakub Wilk (1):
      READMEs: Add whitespace around atx-style headers

Jeka Pats (1):
      Add libFuzzer integration + report bug

Jim Easterbrook (5):
      Hide "static constexpr auto" from SWIG
      Restore modified tags after TZ manipulation
      Add test files for PR 1999 / issue 1998
      Use \" instead of ' for exiv2 command string
      Add key name to "Value not set" error message (#2149)

John55h (1):
      Update canonmn_int.cpp

Josh Soref (1):
      Spelling (#2067)

Kevin Backhouse (288):
      Update security process.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-jgm9-5fw5-pw9p
      Better bounds checking in Jp2Image::encodeJp2Header()
      Fix signed/unsigned compiler warnings.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr
      Improve bound checking in WebPImage::doWriteMetadata()
      Regression test for https://github.com/Exiv2/exiv2/issues/1570.
      Fix out-of-bounds read in bmffimage.cpp
      Stop the test from failing when EXIV2_ENABLE_BMFF=Off.
      Fix signed/unsigned compiler warning.
      Fix signed/unsigned compiler warning.
      Fix LGTM warning about format specifier
      Check that the string is properly terminated.
      Add windows_distribution_check GitHub Action.
      Add more bounds checks in Jp2Image::encodeJp2Header
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-8949-hhfh-j7rj
      Add clarification about reproducibility requirements.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-7569-phvm-vwc2
      Add bounds check in Jp2Image::doWriteMetadata().
      Fix infinite loop caused by subBox with zero size.
      Prevent large allocation.
      Use readOrThrow to check error conditions of iIo.read().
      Fix quadratic complexity performance bug.
      Remove obsolete snprintf macros.
      fix: zero initialize local variables. (#1743)
      fix: stricter date parsing in value.cpp (#1720)
      Replace sprintf with snprintf.
      feat: Codeql analysis (#1747)
      Defensive coding to avoid 0x80000000/0xFFFFFFFF FPE.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-pvjp-m4f6-q984
      Prevent divide-by-zero crash.
      Defensive coding to avoid 0x80000000/0xFFFFFFFF FPE.
      fix incorrect loop condition (#1752)
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w
      Throw exception if lens info wasn't found.
      Check that findKey didn't return end().
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-583f-w9pm-99r2
      Better bounds checking in Jp2Image::printStructure
      Add custom CodeQL query for null iterator deref.
      Regression test for https://github.com/Exiv2/exiv2/issues/1763
      Don't deref end iterator.
      CodeQL query to detect unsafe uses of std::vector::operator[].
      Updates to make fuzzing work.
      Rename fuzz target
      Add printing and writing to fuzzer.
      Action that runs fuzzer for short amount of time on PRs.
      Add workflow_dispatch for manual trigger
      Fix indentation
      Try with sudo.
      Fix code scanning alert: "Multiplication result converted to larger type".
      Add -workers option to use all cores.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-mv9g-fxh2-m49m
      Don't crash if s > size.
      Print message to stderr when EXIV2_DEBUG_MESSAGES is enabled.
      Better way to print the error message.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-m479-7frc-gqqg
      dirLength == 0 can cause an infinite loop.
      Defensive programming in Image::printIFDStructure
      Ignore results in the xmpsdk directory.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-v5g7-46xf-h728
      Check that `type` isn't an empty string.
      Safer std::vector indexing.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-hqjh-hpv8-8r9p
      Extra checking to prevent the loop counter from wrapping around.
      Defensive coding changes to avoid integer overflow in loop conditions.
      Better fix for potential integer overflow in `bytes.size() - 3`.
      Type of escapeStart should be size_t.
      Fix warning: comparison of integer expressions of different signedness
      Add a test to improve coverage in xmpsidecar.cpp
      Regression test for https://github.com/Exiv2/exiv2/issues/1793
      Add `pbox_end` param to `BmffImage::boxHandler` to enforce box nesting.
      Support for 64-bit box lengths looked broken.
      address + box_length == box_end
      Enable fuzzing of bmffimage.cpp
      Extra protection against large allocations.
      Fix compiler warnings.
      Fix format specifier.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-9jh3-fcc3-g6hv
      Make sure that read is complete to prevent infinite loop.
      Remove redundant check.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-g44w-q3vm-gwjq
      &bytes[0] will crash if bytes has zero elements.
      Skip unittest because -pR is disabled in release builds so the test fails.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-mvc4-g5pv-4qqq
      bufRead needs to be adjusted after seek()
      Improved handling of jpg segments to avoid out-of-bound reads.
      Fix compiler warning.
      Update src/jpgimage.cpp
      poc from GHSA-9jh3-fcc3-g6hv can now be parsed without error.
      Add comment to explain bounds-check.
      Add `markerHasLength` utility function.
      Fix build error when EXIV2_DEBUG_MESSAGES is enabled.
      Add fuzzing dictionary and test all printStructure() options
      Remove redundant call to exifData().
      Regression test for https://github.com/Exiv2/exiv2/issues/1815
      Add bounds-check to prevent out-of-bounds read in memcmp.
      Regression test for https://github.com/Exiv2/exiv2/issues/1817
      Use DataBuf, rather than new[], for automatic delete when an exception is throw.
      Add static_cast to fix build error on Windows.
      Regression test for https://github.com/Exiv2/exiv2/issues/1812
      Check size before allocation to avoid out-of-memory errors.
      Add comment to explain the bounds-check.
      Regression test for https://github.com/Exiv2/exiv2/issues/1819
      Check that the string isn't empty
      Regression test for https://github.com/Exiv2/exiv2/issues/1827
      Check value is in range before casting from double to uint32_t, to avoid undefined behavior.
      Update src/tags_int.cpp
      Use std::round for rounding to nearest.
      Replace assertion with an error message.
      Regression test for https://github.com/Exiv2/exiv2/issues/1830
      Safer casting from double to long.
      Regression test for https://github.com/Exiv2/exiv2/issues/1838
      Check that the float is within the range of an int before casting.
      Regression test for https://github.com/Exiv2/exiv2/issues/1841
      Use DataBuf rather than raw malloc.
      Replace assertion with an error message.
      Regression test for https://github.com/Exiv2/exiv2/issues/1845
      Replace assertion with an error message.
      Test for https://github.com/Exiv2/exiv2/issues/1821
      Fix for https://github.com/Exiv2/exiv2/issues/1856
      Add sanitizer flags when fuzzing.
      Add LSAN suppressions.
      Decouple EXIV2_BUILD_FUZZ_TESTS from EXIV2_TEAM_USE_SANITIZERS.
      Call Metadatum::print() to increase fuzzing coverage.
      Add special build mode for OSS-Fuzz.
      Add OSS-Fuzz status badge and CIFuzz integration.
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37363
      Add test to improve code coverage.
      Regression test for https://github.com/Exiv2/exiv2/issues/1881
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37492
      Only build XMLValidator when XMP is enabled.
      Add second test file for better code coverage.
      Make fields of DataBuf private.
      Fix build failure on Windows.
      Fix build failure.
      Add unit test for methods like DataBuf::read_uint32 and DataBuf::write_uint32.
      Make offset=0 the default parameter.
      Regression test for https://github.com/Exiv2/exiv2/issues/1887
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37889
      Standardize on conan 1.39.0
      Add doc to release build.
      Remove unused constructor that was causing a build failure in OSS-Fuzz.
      Regression test for https://github.com/Exiv2/exiv2/issues/1901
      Comment out bogus code.
      Add more checks to prevent integer overflow.
      Throw an exception on integer overflow.
      Fix test failure.
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38887
      Regression test for https://github.com/Exiv2/exiv2/issues/1912
      Do the calculation in floating point to avoid integer overflow.
      Regression test for: https://github.com/Exiv2/exiv2/issues/1920
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39060
      Add CodeQL query to detect variants of issue #1920.
      Add regression test to https://github.com/Exiv2/exiv2/pull/1918
      Update copyright and bug-address
      Add second test to improve code coverage.
      Add third test to improve code coverage.
      Clarify ownership model of CiffComponent::pData_
      Add workaround for conan outage: https://github.com/conan-io/conan/issues/9695
      We only need to extract one byte.
      Fix Conan on macOS
      Fix Conan on macOS
      Use same Conan version on macOS as on other platforms.
      Use =default.
      More =default changes.
      Regression test for https://github.com/Exiv2/exiv2/issues/1954
      Use std::move to transfer ownership of DataBufs.
      Delete the copy assignment operator to avoid accidental copying.
      Revert "Fix for https://github.com/Exiv2/exiv2/issues/1856"
      Fix indentation
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39555
      Try a newer version of Conan.
      Add readOrThrow and seekOrThrow to BasicIo.
      Remove static functions readOrThrow and seekOrThrow.
      Remove Conan from MacOS build.
      Remove opensuse/tumbleweed, because the docker image is broken.
      Regression test for https://github.com/Exiv2/exiv2/issues/2006
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41438
      Treat Exif.Sony1.PreviewImage as undefined tag.
      PoC image file for https://github.com/Exiv2/exiv2/issues/2027
      Use memmove, rather than memcpy, because memory regions might overlap.
      Clarify policy on when a bug is considered a security issue (#2038)
      Fix bug in loop. It wasn't iterating over the elements of dateStrings as intended.
      Delete TiffEntryBase::isMalloced_ field and use a std::shared_ptr instead.
      Remove DataBuf::release() which is no longer used.
      Add storage parameter to setData.
      Add comments.
      Replace Value::toLong with Value::toInt64. (#2062)
      Replace Metadatum::toLong() with Metadatum::toInt64().
      Convert type of pixelHeight/pixelWidth to platform-independent uint32_t.
      Fix compiler warnings.
      Move Metadatum::toUint32() implementation out of header file.
      Catch std::exception in iptcprint.
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45291
      Add exclusion for issue_2160_poc.jpg
      Add poc for fuzzing coverage.
      More bounds checking in Adjust::adjustDateTime
      Replace long with int64_t in exiv2app.hpp
      Change return type of BasicIo::tell() to size_t.
      Fix some "signed shift" warnings.
      Fix some incorrect format specifiers.
      Fix some "signed shift" warnings
      Eliminate some false positive results.
      Regression test for https://github.com/Exiv2/exiv2/issues/2268
      Replace assert with enforce. (Fix for https://github.com/Exiv2/exiv2/issues/2268)
      Add issue_2268_poc.jp2 to the exclude list.
      Move enums from tags_int.hpp to tags.hpp
      Fix some "unsafe vector access" warnings.
      clang-format
      Simplify the iptcDataSegs logic
      Use emplace_back
      Convert IfdId and SectionId to enum classes.
      Don't use long in floatToRationalCast
      Use int32_t in TimeValue
      Use size_t for the offset.
      Change type of sizeDataArea_
      Use size_t
      Fix implicit type conversions.
      Refactor printIFDStructure depth increment
      Refactor printTiffStructure depth increment
      Convert type of depth parameter to size_t.
      Fix clang-tidy warning about double move.
      Change the return type of the 2Data functions to size_t.
      Fix implicit cast warning.
      Use std::map for faster lookup.
      Suggestions from @neheb and @piponazo.
      Correct error from #2301
      Use std::unordered_set for tiffImageTags
      Use a switch
      Suggestions from @neheb and @piponazo
      Use std::unordered_map for TiffTreeStruct lookup.
      Remove unneeded constructor
      Replace TiffTreeStruct with std::pair
      Use emplace().
      Regression test for https://github.com/Exiv2/exiv2/issues/2320
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49894
      Regression test for https://github.com/Exiv2/exiv2/issues/2339
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50315
      Regression test for https://github.com/Exiv2/exiv2/issues/2345
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50901
      Avoid potential integer overflow.
      Fix clang-format error.
      Don't allow zero width/height in WebPImage::inject_VP8X
      Bump conan version to 1.52.0
      Use getULong to read unsigned numbers.
      Regression test for https://github.com/Exiv2/exiv2/issues/2366
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51707
      nul-terminate string
      clang-format
      Regression test for https://github.com/Exiv2/exiv2/issues/2352
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51241
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51751
      clang-format
      Regression test for https://github.com/Exiv2/exiv2/issues/2383
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52382
      Regression test for https://github.com/Exiv2/exiv2/issues/2385
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52355
      Use Safe::add() in tiffvisitor_int.cpp
      Regression test for https://github.com/Exiv2/exiv2/issues/2393
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52731
      Change return type of getFileLength() to int64_t.
      Use size_t for sizes and offsets.
      Fix issue 2380: bug in (unused) non-mmap code.
      Add #error so the build fails if mmap isn't supported.
      Use std::is_signed and std::enable_if.
      clang-format
      Regression test for https://github.com/Exiv2/exiv2/issues/2423
      Add break to loop to fix issue 2423, plus some other cleanups.
      Use Safe::add
      Regression test for https://github.com/Exiv2/exiv2/issues/2427
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52767
      Remove libinih from codebase and add it as a dependency instead.
      Update .github/workflows/on_PR_windows_matrix.yml
      cmake fatal error if inih library is not found.
      Add inih dependency
      Add EXIV2_ENABLE_INIH flag to enable building without libinih.
      Silence unused parameter warning when EXV_ENABLE_INIH is undefined.
      Use double type to improve floating point accuracy.
      Use toInt64() for hours and minutes, because they should be integer valued.
      Fix test failures on 32-bit platforms.
      Fix long-running loop
      Fix integer overflow which enables enforce to be bypassed.
      Enable video support by default
      Check that the pointer isn't NULL.
      Use enforce, not assert, to avoid crash.
      Convert tail-recursion to loop to avoid stack exhaustion.
      Suggestion from @neheb
      Minor refactorings to stop UBSAN from complaining.

Luis Diaz (37):
      Rename GHA workflows for having more intuitive navigation
      cmake: Add missing source file
      Add unit tests for PngChunk::keyTXTChunk
      Add new BMP tests
      Fix MSVC warnings by casting integer values
      Fix release build (see #2085)
      ci: use conan cache in other windows builds
      ci: do not stop on failure
      ci: Enable Linux distributions pipeline on PRs
      Link against stdc++fs on Linux when it is needed
      Install new image_types.h header
      make startsWith constexpr and use string_view
      Recover IptDataSets::recordId in the API
      DateValue is now a bit more permissive with malformed dates
      Add unit tests for Error class
      Remove obsolete werror sample
      remove werror-test from README
      Use compiler deduction guides for error list
      Change Metadatum::copy return value from long to size_t
      Change Metadatum::size() return value from long to size_t
      More size_t for sizes
      More conversions to size_t while removing static_casts
      Add unit tests for Jp2Image revealing bugs (see #2147)
      doxygen: update doc style in Photoshop class
      Remove deprecated variable
      Add unit tests for Photoshop::isIrb().
      Remove 2nd param from Photoshop::isIrb() since it is always hardcoded
      More unit tests for Photoshop methods
      ci: Try to fix job which is killed due to low memory?
      Move static functions to anonymous namespace
      Move private constants to .cpp
      JpegBase::markerHasLength moved to implementation details
      Factor out function readSegmentSize()
      Change logic to determine if segment has size
      Definition of new CMake presets & usage in CI jobs
      Update versions of conan dependencies
      ci: update conan version in all jobs

Luis Diaz Mas (19):
      CiActions: Increasing matrix build for Windows
      Less CI jobs on push
      Fedora-MinGW build to Github Workflows
      ci - Remove old CI script files
      ci - cache conan packages on Windows builds
      ci - Add coverage run on main branch
      ci - Linux uses ninja
      ci - mac uses ninja
      ci - Use Ninja in rest of builds
      cmake: Add target for obtaining local covarage reports
      doc: Update notes about c++11
      Add CTest support
      ci - Use ctest
      doc - Add Github Actions badges in doc
      ci - distros - fastTrue=False
      ci: Upgrade conan to version 1.51.0
      Remove deprecated option in conan
      Enable Workflow dispatch on Windows CI jobs
      Replace cygwin github action

Luis Díaz Más (307):
      Remove deprecated EPS format
      cpp: Replace auto_ptr by unique_ptr
      ci - changes to use c++11
      remove some cmake old checks + newer gtest version
      eps - do not install header
      ci - Remove old ubuntu versions & use only 2 threads to build
      cmake - Modern use of consuming gtest
      ci - use pyton3 commands
      ci - More jobs for Travis-ci
      Use stack variables instead of java style
      Initialization of variables (fix issue detected with sanitizers)
      appveyor: drop Visual Studio 2013 support
      ci - Disable build Release+Sanitizers temporarily
      Remove deprecated ASF Video
      Remove deprecated SSH support
      Remove deprecated Matroska support
      Remove deprecated QuickTime support
      Remove deprecated RiffVideo support
      Remove EXIV2_ENABLE_VIDEO and related stuff
      Remove EPS tests
      localtime_r support on MinGW
      auto_ptr -> unique_ptr for code with WIN_UNICODE enabled
      Increase the timeout from 20 to 60 seconds
      cmake: new toolchain file for MinGW cross-compilation on Ubuntu
      Reenable Release+Sanitizers build
      Fix warnings related to -Wdeprecated-copy
      cmake: Treat xmpsdk headers as system ones
      Fix warnings EXIV2_TEAM_EXTRA_WARNINGS
      revert changes that are affecting to VS
      Doc: Update links in main so that the CI badges point to the proper branches
      Remove typedef to Dictionary::const_iterator
      Fix warnings in VS
      Remove rest of useless typedefs from datasets.hpp
      Replace many of the iterators types with auto
      Doc: Fix links in README.md and remove them from the conan one
      Revert "Remove deprecated EPS format"
      Revert "eps - do not install header"
      Revert "Remove EPS tests"
      eps: Fix code after usage of unique_ptr. Remove deprecation tags
      ci: update github actions
      ci: fix installation of gtest on ubuntu 20.04
      cmake: disable -Wuseless-cast
      fix warning (hiding local variable)
      Do not treat warnings as errors
      ci: fix issues on Github actions
      Remove useless explicit constructor
      ci: warnings_as_errors OFF
      ci: alpine linux support
      fix tests expectations for alpine linux
      ci: trying to fix centos:8 build
      ci: add again arch linux & disable compilation&run of unit tests
      Fix -Werror=shadow warning after recovering EPS
      conan: update conan recipe versions
      gtest - remove wrapper which is not needed anymore
      ci: update conan version
      unitTests - use internal library object instead of recompiling sources
      ci: use -Wno-deprecated-declarations for avoiding gtest 1.10 warnings
      conan: fixes for Windows
      conan: use cmake_paths generator instead of cmake
      conan: put win dlls into bin directory
      ci-travis: trying to fix valgrind build
      ci: rescue appveyor config from old-master and backup others
      Win - Disable UNICODE which is failing at the moment
      ci: old expat & tune gtest options for windows
      conan - gtest debug_postfix only used in Debug mode
      increase timeout
      msvc: fix compiler warning on x86
      appveyor: build BMFF + enable cache again
      cmake: ignore PDBs warnings on Win/Debug/Static buils
      cmake: revert change due to old cmake versions on CentOS & debian9
      Fix MSVC build
      Move include/CMake to src
      Archive appveyor ci configurations
      Also test installation on Windows
      ci - win: Use ninja and Visual Studio shell
      Add missing public headers to install target
      Early access is always compiled
      MacOS build
      Github Actions - More builds on PRs
      ci: Remove travis builds
      Fixes in github actions
      No exe in executables
      ci - MacOS Matrix
      Rename github workflows
      ci - Special builds on Github actions
      ci - coverage build - deal with SHA issue
      ci - Add BMFF to windows matrix
      Remove old CI providers from main README
      ci - Do not create conanCache dir
      Copy mergify file from 0.27-maintenance
      ci - Use generic cmake way to compile and install
      ci - Add new special build with all project options enabled
      ci - Using gtest as static library to avoid mac linking issues
      ci - Use CTest in all the ci jobs
      ci - install tar in opensuse before checkout action
      ci - Use CTest for coverage builds
      cmake: find python3 and use it in tests
      cmake: remove obsolete targets
      ci - Win builds without unicode + with warnings as errors
      cmake - Use cmake -E to be able to run tests on different windows shells
      fix python tests on powershell
      BMFF python test - Output strings in different lines
      conan - change generator to be able to use latest expat version
      make win debug builds a bit faster
      Ignore missing PDBs
      mac - cmake_paths does not work directly on mac
      win - Only run tests on x64
      ci - Win matrix jobs will also run on:push for main
      Python3 dependency is not obligatory
      ci - Replace debian:9 with debian:10
      ci - Linux distros jobs being more explicit about options used
      Fix issues detected with PVS-Studio + other little improvements (#1689)
      ci: upgrade conan version on github actions (#2021)
      Revisiting cmake code for generating coverage reports (#2047)
      cmake: default c++ standard => 14
      keyTXTChunk improvement
      Remove dead code
      Initialize uninitialized variables
      Replace magicValue with constant variable
      Add new tests in PngChunk & PngImage for increasing coverage
      Clang-format in pngchunk_int.cpp
      Check array index before inspecting it
      Upgrade C++ standard to c++17 (#2052)
      Upgrade centos:8 to centos-stream (#2066)
      Rest of tests to have 100% coverage in BMP class
      Add many tests for datasets
      Delete dead code
      clang-format on datasets.cpp
      Hide public details
      Add new tests for Iptc classes
      Delete unused IptcKey copy operator
      More tests
      Remove dead code
      More tests for IptcDataSets
      upgrade coverage scripts
      Recover some documentation strings
      Use auto to reduce verbosity around code dealing with iterators
      Add some TODO comments
      Remove dead code
      Simplify code around UniquePtr(s) & use make_unique over new
      Fix build on linux
      Simplify cloning in actions
      Modern implementation of Singleton
      Simplify TaskFactory
      Remove useless ops
      add doc pvs studio
      Add PVS-Studio to a Github action
      Allow to run special builds with manual dispatch
      Extracting secrets from github
      Run pvs-studio from build directorin where json file is
      Reduce retention days to 7
      Be more explicit in codecov.yml
      cmake: export compile commands
      Revert "Delete dead code"
      ci-conan: be more explicit about desired compiler in conan profile (#2085)
      Remove deprecated test file
      remove usage of exiv2json in a test (#199)
      Move all tests depending on sample applications to bash_tests
      Remove deprecated bash tests
      cmake: warning message when python3 is not found
      Upgrade documentation regarding CMake & Tests (#2088)
      ci: remove conanCache from release workflow. Use newer python (#2092)
      Add system test to reproduce issue with special characters
      Remove dead code around EXV_UNICODE_PATH
      windows: Trick to get UTF-8 encoded argv in main entry point
      Replace platform specific code with std::filesystem
      ci: Use MSYS UCRT environment
      doc: update notes about MSYS
      Remove unused PRINTUCS2 CMake option
      Apply suggestions from code review
      Fix remaining wrong brackets
      Include CanonFlashInfo (somehow missing after cherry-picking)
      Use AutoRotate
      Add characterisation test for ImageFactory::create(type)
      Replace ImageType namespace by a enum class
      No need anymore to include each image header to use the ImageFactory
      New tests to check what happens with ImageFactory::create(crazyValue)
      bug: Fix crash when calling ImageFactory::create(none)
      test ImageFactory::load with existing images in test/data
      Add tests for ImageFactory::checkMode (for all the supported image types)
      Change order of ImageType values
      doc: Remove CI PR-status from main README
      ci: Do not run CI jobs on documentation changes
      Move exiv2 app into its own folder
      add characterisation tests for utils
      simpler implementation of startsWith
      Remove startsWith from utils
      replace is only used in actions.cpp
      Utils::strtol only used in the app
      Remove unused headers
      Replace dirname implementation with std::filesystem
      Replace basename implementation with std::filesystem
      Replace suffix implementation with std::filesystem
      get rid of suffix
      Remove Util::dirname and finally the util files
      Fix build on Windows
      Improvements in urlencode
      Make urldecode in-place
      Use std::filesystem for fileExist
      Hide pathOfFileUrl in the only place where it is used
      BasicIo::path() returns const ref
      ReplaceStringInPlace does it in-place now
      Use rename from filesystem
      Use remove from filesystem
      Image::setComment now takes string_view
      Remove dead code (winNumberOfLinks)
      Remove dead code (LSTAT)
      Remove dead code: copyXattrFrom
      Remove dead code
      Replace dynamic C array by std::vector
      cppcheck: reduce scope of variables
      Replace raw loop for any_of
      Use filesystem in getExiv2ConfigPath
      Remove many redundant or not needed header inclusions
      Use fs::file_size instead of stat
      Clean config.h from old stuff
      Clean more header inclusions
      Use standard [[maybe_unused]]
      Fix build on linux
      Improvements from code review
      Fix build when EXIV2_BUILD_MESSAGES is ON
      Move params construction to the .cpp file
      Implement Params singleton in modern C++ way
      Hide member variable
      Replace dynamic array for std::vector
      Build hash table in place
      Avoid naked new operator in sample apps
      Replace naked new operators
      Replace DataBuf internal buffer with std::vector
      Replace c style arrays by std::array
      Fix another case revealed by tests
      Simplify DataBuf
      No need to define copy & move ctors
      Remove useless DataBuf::clear()
      Factor out duplicated piece of code
      Several transformations on DataBuf + migration to size_t
      Fix issues found by fuzzer
      Fix warnings and place return statements separated from if
      Fix more issues found by fuzzer
      Fix windows builds
      Use SPDX for licenses (#2122)
      Do not define not needed stuff
      Remove unused file
      _fileno is only for Windows
      Remove unused stuff
      Removing unused headers thanks to IWYU
      hexdump to size_t
      Use [[maybe_unused]]
      Add missing header to the CMake configuration
      Removing unused headers thanks to IWYU
      Use SPDX identifiers in more files
      Fix build on Windows
      Use auto for unique pointers
      Fix mac build
      C++-style headers
      windows.h
      Fix debug builds
      Should fix build in some Linux distros
      Convert Exiv2::ErrorCode into an enum class
      remove templating & simplify error message
      CI: Add new workflow to check clang-format
      Remove dead sample apps
      Add bash script to format whole project
      Update .clang-format file & apply clang-format to whole project
      doc: add clang-format notes to CONTRIBUTING.md
      Jp2Image: Implement more checks from JP2 standard + fix bug
      Adapt tests to changes in JP2
      JP2 - stronger checks on Signatuer and FileType boxes
      Fix windows build
      Rename variables for better readability
      Help for formatting enums & arrays with clang-format
      Remove most of the asserts from codebase
      Improve compare function: no need to count chars
      Usage of EXIT_SUCCESS/FAILURE instead of hard-coded values
      Remove DataBuf::copyBytes and use std::copy instead
      Remove useless static_casts
      Update .clang-format to align pointers to the types
      Fix out of bounds read in isValidBoxFileType()
      Remove exiv2json sample and tests depending on it
      ci: split command in several lines
      ci: Use interprocedural optimization (LTO) in releases
      cmake: exiv2-xmp is now an OBJECT library
      Detect integer-overflow and throw in that case
      Add POC file
      Link fuzz app against std::filesystem libraries
      Fix integer overflow #2179
      Move Photoshopb class to internal namespace
      Include missing iostream header in photoshop.cpp
      Use std::pair to return multiple values
      Use .front() to avoid warning from static analysis
      Fix issues on ARM builds (#2205)
      Throwing when trying to access TooFar elements in DataBuf
      Fixing bad usages of DataBuf (when it is empty)
      DataBuf::c_data() returns nullptr when empty + avoid duplication
      More tests for DataBuf read/write functions
      Remove duplication by using templates
      Test parseUint32 and fix it when number is out of limits
      More tests for rational convertions
      Move string helpers to utils
      Reduce amount of string transformations
      Remove deprecated todo
      Move 1-liner to header file
      utils are in Internal namespace
      Revert some boilerplate which is not needed
      ci: move pvsStudio job to its own workflow & use new flag
      Fix special builds for main
      Update ubuntu-latest tag to ubuntu-22.04 (#2439)

Matthias Kuhn (1):
      Fix building on ios

Michael Allman (7):
      Make Exif.NikonAf2.ContrastDetectAFInFocus and
      Add autogenerated documentation for NikonAf22 tags to html docs
      Print value of ContrastDetectAFInFocus as Yes/No. Change internal
      When selecting which version of nikonAf2 metadata to parse, include the
      Document origin of data size specifications for Nikon maker note tag 0xb7
      Add a workflow build/test for macOS+Sanitizers
      Guard against parsing "inf" into an int64 in the EasyAccess/ISO API.

Miloš Komarčević (71):
      Add Exif Gamma tag
      Update Gamma tests
      Improve printing of GPS info
      Improve precision of GPS lat/lon printed values
      Correct GDS distance unit in description
      Add Exif Gamma tag
      Update Gamma tests
      Improve printing of GPS info
      Improve precision of GPS lat/lon printed values
      Correct GDS distance unit in description
      Update bmffimage.hpp include order and path
      Add Sony ARW compression to dict
      Update test for image/jxl
      Extending Nikon3.ColorBalance version coverage
      Fold into common 02xx versions
      Limit CR3 previews to JPEG only
      Expose unsupported CR3 previews as binary
      Add more DNG 1.6 tags (#2023)
      Forward CI changes
      Do not use exact string match for errno output
      Improve config file platform test
      Strip XMP raw packet before decoding
      Update tests after XMP stripping
      Update CI actions (#2143)
      Initial support for OM System MakerNote
      Add OM System MakerNote test
      Add some F mount lenses
      Account for header bytes for Exif and XMP boxes
      Add more JXL tests
      PNG: always strip the existing iCCP chunk
      Add Nikon LensData v0802
      Add more Nikon Z lenses
      CI: cancel running jobs on updates
      Add Nikon3.WhiteBalanceBias2
      Exif start can be at any byte in payload, not word aligned
      Support brotli compressed boxes in JPEG XL
      Update README for brotli dependency
      Match Conan's cmake find module case for Brotli
      Use local cmake module path the last
      Make brotli dependency controllable
      Install deps for and bump CodeQL action
      Use safe add to prevent overflow
      Avoid buffer reallocation (#2392)
      Add more Canon RF lenses
      Add an RF lens regression test
      Remove translatable mark from RF lenses
      Add more Canon RF lenses and camera IDs
      Add Canon R6m2 ID
      CI: improved in-progress job canceling
      CI: bump conan version
      CI: bump clang-format actions
      Prefer writing PNG eXIf chunk
      CI: inih now available for Cygwin
      Handle relative and absolute paths for pkg-config file
      Add static linkages to pkg-config file
      Switch to CMake provided FindIconv
      Export QuickTimeVideo
      Update some Canon IDs (#2501)
      Explicitly include stdint (#2558)
      Add some more Nikon Z lenses
      Add Sony ZV-E1 ID
      Fix shared object versioning
      Add equivalent soversion to meson build
      makernotes: workaround for Olympus header corruption
      Update Sony file format table
      Support for parsing DCP files
      Add DCP regression test
      Add DCP to list of supported file types
      Add test case for #2542
      Add regression test output
      Make CMake summary for samples depend on app

Mohamed Ali Chebbi (37):
      1748 Video Support in V1.0: part 1/3 : support MatroskaViedo (#2413)
      1748 Video Support in V1.0: part 2/3 : support Riffvideo (#2415)
      1748 Video Support in V1.0: part 3/3 : support Asfvideo (#2416)
      Encapsulate video support with compilation variable EXV_ENABLE_VIDEO (#2448)
      add test/data for video support
      add test/data for video support : delete filename (unuseful)
      add test/data for video support : make asfvideo more readable and fix some issues
      add test/data for video support : gix issue in riff video and reference data test
      add test/data for video support : format issue
      Rework Asf and Riff formats ; add test/data for video support
      Format issue
      add test/data for video support : fix ci issue
      add test/data for video support : windows compilation issue
      add test/data for video support : Format issue
      add test/data for video support : Fix test issue
      add test/data for video support : Fix codeQL warnings
      add test/data for video support : add enforce exceptions
      add test/data for video support : delete riff HeaderReader
      add test/data for video support : delete unused parameter from readList method
      add test/data for video support : restore Riff HeaderReader and reserve addtional byte in readStraingTag
      add test/data for video support : use readStraingTag instead of read
      add test/data for video support : enhance Debug messages
      add test/data for video support : rename Xmp.video.Duration to Xmp.video.duration
      add test/data for video support : rework readStringWcharTag method
      add test/data for video support : rework readStringWcharTag method 2
      rework of aspectRatio calculation for all video formats and rework the decoding of asf tags
      compilation issue on Mac OS
      compilation issue on Mac OS 2
      compilation issue on Windows
      fuzz issue : check that block is not corrupted before decoding
      fuzz issue : add debug message for futur use
      asfvideo fuzz issue : nb_headers should not exceed the max value of uint32
      Current master fails with image #2565
      Current master fails with image #2565: segmentation fault when trying to access outofband offest
      Current master fails with image #2565: segmentation fault when trying to access outofband offest: check all locations
      Update src/jpgimage.cpp
      Current master fails with image #2565: segmentation fault when trying to access outofband offest: add test files

Moshe Kaplan (1):
      Update README.md

Nehal J Wani (1):
      Exiv2 v0.28.0

Peter (18):
      Add camera models for NikonFl3 makernotes group (#1994)
      Fix minor whitespace formatting
      Fix pr#2053 for native Windows builds (#2058)
      Fix `exiv2`: verbose extract stdout mutli-file (#2068)
      Fix test_pr_1905.py for native 2019msvc64 (#2108) (#2112)
      Add tag website build text to README.md (#2113)
      Add tag description option to exiv2 app (#2279)
      Update olympus tags (#2246) (#2249)
      Add request for exiv2 version/source (bug report) (#2331)
      Update Nikon flash tags (#2274)
      Update git issue report (#2334)
      Update git feature request (#2342)
      Update Sony(1|2) tags (#2323)
      Fix/add exceptions for BMFF based files (#2364)
      Update makernote model ID tags (#2389)
      Fix seg fault when using `iconv_open()` (#2403)
      Update README.md wrt BMFF (#2405)
      Update `Exif.SonyMisc3c.*` and `Exif.Sony(1|2).SonyModelID` (#2420)

Peter Kovář (2):
      Corrected JPEG XL file type
      Removed tag handled separately

Robin Mills (38):
      bump_v1.00_version
      Ubuntu 18.04 is failing because it's using python2!
      fix_ci_ubuntu18.4
      Try 2.
      Try 3.
      Try 4.
      Give up.  Restore original script and comment off/exclude 18.04
      I thought the 18.04 request was commented off.  Apparently not.  Throw it away.  Shshshssssss.  FFfffff.
      Commented off code was good.  WebUI confused me.  Manually go back (apparently no reverse gear on git).
      fix_enableBMFF_v1
      Only reveal class bmffimage in include/exiv2/bmffimage.hpp ifdef EXV_ENABLE_BMFF
      fix_1558_cmake_build_type
      bump_v1.00_version
      fix_enableBMFF_v1
      Only reveal class bmffimage in include/exiv2/bmffimage.hpp ifdef EXV_ENABLE_BMFF
      Fix Cygwin64 to use  -std=gnu++11 (instead of -std=c++11).  MinGW/msys2 remains broken on CI.  It's OK on my machine.
      Fix icc_test which is failing on Linux:
      Fix Ubuntu 20.04/Release/Sanitizer test breaker
      Don't build with C++98 on Cygwin jobs
      GitLab/Fedora/MinGW Disable EXIV2_TEAM_WARNINGS_AS_ERRORS.
      exifprint_lint
      Forgive "SHORT or LONG" tags.  Add test code.
      Fixing typos.
      Fix python test code to run on Windows.
      fix_1516_include_path
      Update SECURITY.md
      fix_1416_iptc_DateCreated (#1547)
      Updating documentation to respect ctest.
      Restored test lensTest.  Minimized differences between main/README.md and 0.27-maintenance/README.md.
      Adding version_test.py.
      Fixes following review.
      Fixes following review.
      Fix `$ $` typo.  Well spotted, @kmilos.
      Fixing tests.  test_issue_981.py is now running all 6 commands.  The output Key has correctly changed.  The type and value are wrong.
      Rewire Canon MakerNote 0x0026 (AFInfo) to allow TiffDecoder::decodeCanonAFInfo to handle this tag.
      Fixing test following Christoph's Review.  (Christoph is one clever Mother!)
      Fix regressionTests with modified reference files.  `cp test/tmp/* test/data/test_reference_files/`
      Delete contrib/organize directory

Rosen Penev (425):
      xmpsdk: don't use register
      clang-tidy: use = delete
      clang-tidy: use braced init list
      convert Pair to std::pair
      clang-tidy: range for loop conversions
      clang-tidy: use = default
      clang-tidy: simplify boolean expressions
      clang-tidy: don't check for NULL with delete
      clang-tidy: use using
      clang-tidy: remove pointless static
      clang-tidy: use default member init
      clang-tidy: use override
      clang-tidy: use empty() instead of comparing size
      clang-tidy: don't use string compare
      clang-tidy: remove pointless string init
      clang-tidy: empty() conversions
      clang-tidy: simplify boolean expression
      default con/destructors in headers
      clang-tidy: fix declartation names
      clang-tidy: remove redundant member init
      fix bad for range loop
      clang-tidy: remove duplicate public
      clang-tidy: remove pointless const
      fix compilation with EXIV2_DEBUG_MESSAGES
      clang-tidy: add ending namespace comments
      clang-tidy: fix badly indented if
      clang-tidy: make several member functions const
      clang-tidy: don't use else after return
      replace {} initialization with fill
      clang-tidy: use uppercase numeric literals
      clang-tidy: range loop conversions
      manual for range loop conversions
      clang-tidy: use auto
      clang-tidy: run through performance checks
      clang-tidy: pass by value
      remove pointless constructors
      clang-tidy: init in member initializer
      more constexpr
      clang-tidy: convert to static
      clang-tidy: add missing explicit
      clang-tidy: use C++ casting
      some range loop conversions
      Jzon: algorithm conversions
      clang-tidy: remove pointless return
      clang-tidy: fix ending namespace comnments
      use auto in template
      clang-tidy: no else after return
      clang-tidy: use dynamic cast
      default con/destructors in headers
      clang-tidy: remove pointless member init
      remove initializers
      remove some pointless std::set
      clang-tidy: avoid global non const variables
      clang-tidy: use nullptr
      remove old MSVC hacks
      clang-tidy: simplify bools
      clang-tidy: do not use else after return
      clang-tidy: use default member init
      clang-tidy: use = default
      con/destructor fixes
      clang-tidy: replace virtual with override
      clang-tidy: do not use 0 for bool
      clang-tidy: remove dedundant initializer
      clang-tidy: replace throw with noexcept
      clang-tidy: remove redundant specifiers
      clang-tidy: pass by value
      clang-tidy: use auto
      clang-tidy: use override
      clang-tidy: add explicit
      clang-tidy: use nullptr
      clang-tidy: use braced init list
      remove most usages of std::make_pair
      use more emplace_back
      make array constexpr
      move namespace fs below includes
      move initializations to class
      simplify ReplaceStringInPlace slightly
      clang-tidy: use braced init list
      clang-tidy: use concat namespaces
      clang-tidy: use default
      clang-tidy: use auto
      clang-tidy: range loop conversion
      clang-tidy: replace typedef with using
      constexpr string conversions
      manual braced init conversion
      clang-tidy: use emplace_back
      manual nullptr conversions
      clang-tidy: use empty() instead of size()
      clang-tidy: remove pointless get()
      clang-tidy: simplify bool
      clang-tidy: get rid of compare() usage
      clang-tidy: remove C casts
      replace several typedefs with using
      use make_unsigned_t
      misc stuff
      clang-tidy: add some missing operators
      manual namespace concatenations
      clang-tidy: add ending namespace comment
      clang-tidy: don't use else after return/throw
      conversions to make_unique
      manual unimplemented operator = delete
      remove some new
      replace EXV_COUNTOF with std::size
      clang-tidy: don't use C casts
      manual move conversions
      manual nullptr removals
      some std::array conversions (#2148)
      clang-tidy: C array to std::array conversions
      std::array conversions
      find to std::find
      static constexpr conversions
      remove various usages of memset
      const member function
      const variable
      use empty()
      add missing destructor
      use = delete and move to public
      delete
      nodiscard addition
      std::function
      remove unused var from deleted stuff
      clang-tidy: use auto
      clang-tidy: add more nodiscard
      clang-tidy: use default
      function move
      clang-tidy: use C++ headers
      replace Sleep with sleep_for
      some chrono
      clang-tidy: use any_of
      clang-tidy: no else after return
      clang-tidy: do not use using namespace
      clang-tidy: fix inconsistent decleration
      C to std::function
      struct to std::pair conversions
      structured binding conversions
      use auto
      clang-tidy: add parentheses to macros
      clang-tidy: use strcmmp properly
      replace ret variable with return statement
      try to actually fix null pointer deref
      remove some unique_ptrs
      clang-tidy: default member init
      clang-tidy: replace throw() with noexcept
      clang-tidy: use delete
      clang-tidy: use nullptr
      clang-tidy: manual clang-tidy fixes
      clang-tidy: manual special functions
      replace malloc/free with new/delete
      algorithm conversions
      remove unused class declarations
      add constexpr constructor
      remove default constructor
      clang-tidy: default member init
      std::pair conversion
      minor clang-tidy fixes (#2213)
      std::function conversions
      clang-tidy: remove const params in decls
      reference conversions
      remove const std::function
      fix misplaced const
      remove some double pointer stuff
      replace readlink with std::filesystem
      fix mmap compilation
      use _v
      clang-tidy: replace pointer magic with data()
      clang-tidy: add missing special member functions
      clang-tidy: C casts to C++
      clang-tidy: use default member init
      clang-tidy: add missing override
      clang-tidy: use C++ casts
      clang-tidy: no else after return
      clang-tidy: some llvm- warnings
      clang-tidy: remove const char operator
      pass bool by value
      clang-tidy: remove const
      clang-tidy: use auto
      clang-tidy: missing override
      clang-tidy: replace + with append()
      clang-tidy: fix mismatching declaration variable
      try to fix some fanalyzer warnings
      clang: remove pointless ; at the end of function
      remove friend operator
      clang-tidy: use '' for find
      fix some gcc -Weffc++ warnings
      find_if conversion
      find_if and lambda conversions
      use some auto
      make upper the same as lower
      const ref conversions
      remove pointless &*
      remove string_view from headers
      Make headers compatible with C++11
      return make_unique directly
      make_unique conversions
      po: update files
      replace [0] with front() where applicable
      sonarlint: replace lock_guard with scoped_lock
      sonarlint: replace loop with find_if
      sonarlint: add an empty do while loop
      clang-tidy: use auto
      clang-tidy: avoid C casts
      replace shared_ptr with make_shared
      misc sonarlint changes
      replace structs with std::pair
      strcmp to == conversions
      remove GroupName struct
      get rid of extern const
      simplify switch statement with returns
      enum class conversion
      remove unused using
      remove explicit constructor
      default init static variable
      const conversions
      misc sonarlint cleanups
      remove c_str for fs stuff
      fix compilation with mingw iconv
      remove pointless UNUSED statement
      fix iconv handling and windows
      simplify some defines
      manual replacement of [0] with front()
      don't use w32 sockets for cygwin
      revert std::function back to function pointers
      remove constructor
      fix compilation without mmap and non win32
      cmakelists.txt: run through cmake-format
      replace custom gcd function with std
      std::to_string conversions
      remove pointless x_default variable
      move structured bindings up
      remove using
      Add more MIME type mappings for TIFF-based raws
      misc sonarlint stuff
      use reference to work around MSVC bug
      cland-tidy: simplify booleans
      get rid of nested if conditions
      replace find/rfind with startsWith
      Use std::enable_if_t and std::is_signed_v.
      early exit
      clang-tidy: various fixes
      clang-tidy: use make_unique
      use find instead of std::find_if
      replace any_of with find
      use some future C++ stuff when possible
      static_cast make_unsigned
      clang-tidy: apply to newly merged stuff
      get rid of -fanalyzer memory leaks
      clang-tidy on Windows
      use some if constexpr
      fix __cplusplus check for MSVC
      wmain: build as c++ instead of c
      manual default member init
      add const
      avoid reassignment
      remove double libintl check
      return nullptr instead of reset
      fix copy constructors
      add missing const
      use find instead of count
      replace substr with resize/pop_back
      remove unused variable
      static_cast
      xmpsdk: Fix dangling pointer warning
      fix C++20 deprecation warning
      fix WIN32 macro
      std::find to find template
      more std::find to Exiv2::find
      use gnu_printf
      move inline to declaration
      clang-tidy: add const to parameter
      safe_op: C++17 improvements
      add support for gcc and clang 7
      namespace enforce.hpp functions to Internal
      use __has_include
      remove manual math
      work around windows.h min/max macros
      move initialization up
      default initializations
      remove deleted Image member functions
      do the same for Io functions
      more delete removals
      remove some overriden defaulted destructors
      add missing member functions
      remove deleted members from static classes
      add meson build
      add basic meson CI
      meson: g++-[789] build
      use EXV_ICONV_CONST
      remove mmap/munmap checks
      remove unused defines
      add missing &
      meson CI: test static library as well
      remove constructors
      simplify loop
      std to Exiv2 find
      clang-tidy fixes for recent stuff
      swap variables
      use numeric limits instead of -1
      don't assign in while
      replace switch with if/return
      unreachable code
      use if constexpr
      fix comma warning
      fix implicit conversion
      clang-tidy: cast initial variable
      clang-tidy: don't assign in if
      use lower()
      clang-tidy: replace memcpy with copy_n
      replace standard check with feature test macro
      replace std::pair and tuple with C structs
      clang-tidy: no else after return
      clang-tidy: add explicit
      meson: make xmp boolean a feature
      meson CI: build with verbose
      meson CI: add library type to name
      meson CI: add special clang and libc++ CI
      meson: add support for linux libc++fs
      meson: bump warning level
      link against gtest-main
      remove base constructor
      github CI: install gtest with brew
      unitTests: fix old API usage
      make conversions explicit
      use upper() function
      fix memory leak
      replace localtime with _s/_r variant
      explicit conversion
      fix wrong snprintf format
      replace array with vector
      use count_if
      use std::replace
      meson: split off internal library
      meson: add unit tests
      template second parameter for startsWith
      add contains function
      meson: move warning/sanitizer stuff to CI
      meson CI: build as C++20
      avoid shadowing warning
      github CI: add dependabot
      github CI: install regular conan
      github CI: use python -m pip
      default init variable
      fix off by 1 error
      cast expression
      close socket before return
      direct init structs
      clang-tidy: default init various members
      Remove some constructors
      use find()
      use GetCurrentProcessId on Windows
      github CI: remove no warning options
      meson CI: use env section
      meson CI: add lld to clang
      meson CI: add more clang versions
      meson CI: add GCC10 too
      meson CI: build for 32-bit Windows too
      meson CI: add /analyze for MSVC
      github CI: use env
      github CI: remove EXIV2_ENABLE_VIDEO
      github CI: use ilammy/msvc-dev-cmd
      github CI: test x86 on Windows
      coverity: add move operations
      get rid of convertToUint64
      coverity: remove dead code
      SonarLint cleanups
      github CI: update conan
      github CI: remove NoConan
      meson: update wraps
      github CI: update conan
      add various moves
      meson CI: use vc++latest
      fix compilation under FreeBSD
      remove old MSVC workaround
      remove MSVC hacks
      replace enable_if with if constexpr
      clang-tidy: no _ in tests
      get rid of Key() move operations
      gcc: remove redundant struct
      gcc: noexcept
      gcc: ifdef
      random fixes
      extern to static
      MSVC warning fixes
      remove inline function
      don't assign an fs::path to a string
      clang-tidy: don't use non const refs
      more SonarLint cleanups
      clang: fix various documentation errors
      clang: small fixes
      remove several constructors
      constexpr some constructors
      remove constexpr
      std::array removals
      get rid of EXV_CALL_MEMBER_FN
      geotag: add GCC7 support
      make runner.py executable
      meson: build samples
      meson: remove now unused checks
      easyaccess const changes
      remove codecvt
      direct initialize some structs
      clang-tidy: remove const from data members
      meson: fix tests when zlib is disabled
      geotag: fix compilation with MSYS
      don't compile WIN32 stuff when iconv is present
      meson: build iconv with FreeBSD
      meson CI: add FreeBSD
      meson CI: remove static build
      meson CI: add MSYS2
      use using in slice
      remove EXIV2API from src
      meson: add libobsd wrap
      meson: only define MinGW stuff for non UCRT
      meson CI: move clang workflow to the same file
      meson CI: test oldest and newest compilers only
      meson CI: remove /analyze
      meson CI: test all features enabled and disabled
      meson: fix UCRT check
      convert manual loop to find
      remove some unused defines.
      sonarlint cleanups
      clang-tidy: add nodiscard
      const ref to ref conversions
      clang-tidy: replace defines with enum
      simplify loops
      fix asfvideo unicode handling

Shawn Baker (1):
      libcurl is now optional. Updated to the latest versions of libcurl and expat. (#1992)

Steve Robbins (1):
      xmpsdk: Unconditionally use <stdint.h>

Sturmflut (8):
      Add Sigma 12-24mm F4 DG HSM Art lens for Nikon
      Add test for Pull Request #2069 (Sigma 12-24mm F4 DG HSM Art lens for Nikon)
      Fix branch names in CONTRIBUTING.md (master was renamed to main)
      Fix branch names in GIT_GUIDELINES.md (master was renamed to main)
      [nikon] Add Tokina AT-X 14-20 F2 PRO DX lens
      [nikon] Add instructions for adding new Nikon F mount lenses
      [tests] Add test for Tokina AT-X 14-20 F2 PRO DX lens on Nikon bodies
      [nikon] Add Tokina ATX-i 11-20mm F2.8 CF lens (#2072)

Viktor Schneider (17):
      add support for more fujifilm tags
      remove auto range for DynamicRangeAuto setting
      print newer labels first when interpreting Fujifilm tags
      remove redundant TagDetails and fix formatting
      add some fujifilm tags from exiftool and extend TagDetails
      remove TODO entries
      fix typo in fujiSharpness and prevent undefined behaviour when shifting signed values
      add comment that fujiColor value 512 differs from exiftool
      update test cases to respect new fujifilm tags
      apply fujif…
clrpackages pushed a commit to clearlinux-pkgs/exiv2 that referenced this issue Jun 9, 2023
…27.6

Antonio Rojas (1):
      Fix build with gtest 1.11

Attila Oláh (1):
      Fix compilation with -Wunused-variable

Christoph Hasse (4):
      fix: avoid processing MOV (quicktime) files when BMFF is enabled
      fix: incorrectly triggered enforce check during preview extraction in LoaderTiff::getData(), closes #1829
      workaround for softprops/action-gh-release#139
      fix naming of canon EF 35-80mm.closes #2247

David Houlder (2):
      Canon cr3 previews (#1958)
      Performance boost: don't read boxes we're not interested in

Heiko Bauke (1):
      fix out of range access, minor performance improvement

John55h (1):
      Update canonmn_int.cpp

Kevin Backhouse (140):
      Regression test for GHSA-5p8g-9xf3-gfrr
      Improve bound checking in WebPImage::doWriteMetadata()
      Regression test for GHSA-jgm9-5fw5-pw9p
      Better bounds checking in Jp2Image::encodeJp2Header()
      Fix signed/unsigned compiler warnings.
      Regression test for GHSA-8949-hhfh-j7rj
      Add more bounds checks in Jp2Image::encodeJp2Header
      Regression test for GHSA-7569-phvm-vwc2
      Add bounds check in Jp2Image::doWriteMetadata().
      Fix infinite loop caused by subBox with zero size.
      Prevent large allocation.
      Initialize field.
      Use readOrThrow to check error conditions of iIo.read().
      Fix quadratic complexity performance bug.
      Regression test for Exiv2/exiv2#1570.
      Fix out-of-bounds read in bmffimage.cpp
      Stop the test from failing when EXIV2_ENABLE_BMFF=Off.
      Fix signed/unsigned compiler warning.
      Fix signed/unsigned compiler warning.
      Fix LGTM warning about format specifier
      Check that the string is properly terminated.
      Regression test for GHSA-mv9g-fxh2-m49m
      Don't crash if s > size.
      Print message to stderr when EXIV2_DEBUG_MESSAGES is enabled.
      fix: use vector::at() rather than operator[] (#1735)
      fix: zero initialize local variables. (#1737)
      fix: stricter date parsing in value.cpp (#1720)
      Regression test for GHSA-pvjp-m4f6-q984
      Prevent divide-by-zero crash.
      Defensive coding to avoid 0x80000000/0xFFFFFFFF FPE.
      fix: fix incorrect loop condition (#1752)
      Regression test for GHSA-h9x9-4f77-336w
      Throw exception if lens info wasn't found.
      Check that findKey didn't return end().
      Regression test for GHSA-583f-w9pm-99r2
      Better bounds checking in Jp2Image::printStructure
      Regression test for GHSA-hqjh-hpv8-8r9p
      Extra checking to prevent the loop counter from wrapping around.
      Defensive coding changes to avoid integer overflow in loop conditions.
      Better fix for potential integer overflow in `bytes.size() - 3`.
      Type of escapeStart should be size_t.
      Regression test for GHSA-v5g7-46xf-h728
      Check that `type` isn't an empty string.
      Safer std::vector indexing.
      Better way to print the error message.
      Regression test for GHSA-m479-7frc-gqqg
      dirLength == 0 can cause an infinite loop.
      Defensive programming in Image::printIFDStructure
      Regression test for GHSA-9jh3-fcc3-g6hv
      Make sure that read is complete to prevent infinite loop.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-g44w-q3vm-gwjq
      &bytes[0] will crash if bytes has zero elements.
      Skip unittest because -pR is disabled in release builds so the test fails.
      Remove redundant check.
      Regression test for GHSA-mvc4-g5pv-4qqq
      bufRead needs to be adjusted after seek()
      Improved handling of jpg segments to avoid out-of-bound reads.
      Fix compiler warning.
      Update src/jpgimage.cpp
      poc from GHSA-9jh3-fcc3-g6hv can now be parsed without error.
      Add comment to explain bounds-check.
      Fix build error when EXIV2_DEBUG_MESSAGES is enabled.
      Fix warning: comparison of integer expressions of different signedness
      Regression test for Exiv2/exiv2#1812
      Check size before allocation to avoid out-of-memory errors.
      Regression test for Exiv2/exiv2#1815
      Add bounds-check to prevent out-of-bounds read in memcmp.
      Regression test for Exiv2/exiv2#1817
      Use DataBuf, rather than new[], for automatic delete when an exception is throw.
      Regression test for Exiv2/exiv2#1819
      Check that the string isn't empty
      Add static_cast to fix build error on Windows.
      Add comment to explain the bounds-check.
      Regression test for Exiv2/exiv2#1827
      Check value is in range before casting from double to uint32_t, to avoid undefined behavior.
      Update src/tags_int.cpp
      Regression test for Exiv2/exiv2#1830
      Safer casting from double to long.
      Replace assertion with an error message.
      Regression test for Exiv2/exiv2#1838
      Check that the float is within the range of an int before casting.
      Regression test for Exiv2/exiv2#1841
      Use DataBuf rather than raw malloc.
      Replace assertion with an error message.
      Test for Exiv2/exiv2#1821
      Regression test for Exiv2/exiv2#1845
      Replace assertion with an error message.
      Regression test for Exiv2/exiv2#1793
      Add `pbox_end` param to `BmffImage::boxHandler` to enforce box nesting.
      Support for 64-bit box lengths looked broken.
      address + box_length == box_end
      Extra protection against large allocations.
      Fix compiler warnings.
      Fix format specifier.
      Backport other minor fixes from main.
      Fix compiler warning.
      Don't use `auto` on 0.27-maintenance.
      Back-port Actions and fuzzer to the 0.27-maintenance branch
      Fix for Exiv2/exiv2#1856
      Set -DEXIV2_ENABLE_BMFF=ON in the Actions workflows.
      Fix mistake in macOS release workflow.
      Update version: 0.27.5.1 (0.27.5 RC1)
      Add doc to release build.
      Remove failing Conan steps from macOS workflow.
      Update releasenotes.txt
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37363
      Add test to improve code coverage.
      Don't use C++11 features.
      Fix expat link error on Windows.
      Only build XMLValidator when XMP is enabled.
      Regression test for Exiv2/exiv2#1881
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37492
      Add second test file for better code coverage.
      Regression test for Exiv2/exiv2#1887
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37889
      Standardize on conan 1.39.0
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38887
      Add regression test to Exiv2/exiv2#1918
      Regression test for Exiv2/exiv2#1901
      Comment out bogus code.
      Add more checks to prevent integer overflow.
      Throw an exception on integer overflow.
      Fix indentation
      Fix build error on Fedora.
      We can't use decltype on the 0.27-maintenance branch.
      Add second test to improve code coverage.
      Add third test to improve code coverage.
      Add workaround for conan outage.
      Revert "Fix for Exiv2/exiv2#1856"
      Fix indentation
      Only include expat.h when XMP is enabled.
      DataBuf::read_uint methods don't exist on the 0.27-maintenance branch.
      Add bounds checking.
      Treat Exif.Sony1.PreviewImage as undefined tag.
      PoC image file for Exiv2/exiv2#2027
      Use memmove, rather than memcpy, because memory regions might overlap.
      Update tiffvisitor_int.cpp
      Fix bug in loop. It wasn't iterating over the elements of dateStrings as intended.
      Regression test for Exiv2/exiv2#2268
      Replace assert with enforce. (Fix for Exiv2/exiv2#2268)

Luis Diaz (4):
      ci: sync workflows with latest changes on main branch
      Fix out of bounds read in isValidBoxFileType()
      Add poc for fuzzing coverage
      ci: update conan version in ci jobs and dependencies version

Luis Díaz Más (15):
      ci: use always pip3 for installing conan
      ci: Use same travis jobs as in main (drop Ubuntu 16.04)
      New mergify config file to forward changes to main
      ci-travis: trying to fix valgrind build
      msvc: fix compiler warning on x86
      cmake: ignore PDBs warnings on Win/Debug/Static buils
      Increase the timeout from 20 to 60 seconds
      increase timeout
      Fix conan ci luis (#2018)
      0.27 Running tests with ctest (#2024)
      0.27 Nightly pre-builds for 0.27 (#2025)
      Fix JP2 write/read metadata
      Detect integer-overflow and throw in that case
      Add POC file for issue 2190
      Fix integer overflow #2179

Miloš Komarčević (30):
      Update bmffimage.hpp include order and path (#1648)
      Merge pull request #1548 from Exiv2/add_exif_gamma
      Check if embedded RAF image is really a TIFF
      Clarify comment on old vs new RAF
      Check I/O read result on RAF inspection
      Add test
      Limit CR3 previews to JPEG only
      Limit CR3 previews to JPEG only
      Expose unsupported CR3 previews as binary
      Streamline MinGW package installation for CI
      Update README.md for pacman command simplification
      Remove legacy MinGW CI builds
      Initial MSYS2 workflow for GHA
      Handle unused warnings
      Add more DNG 1.6 tags
      Switch Cygwin CI to GHA (#2032)
      Update conan for Windows CI
      Add Sony ARW compression to dict (#2046)
      Strip XMP raw packet before decoding (#2139)
      Update CI actions (0.27-maintenance) (#2142)
      Initial support for OM System MakerNote
      Add OM System MakerNote test
      Account for header bytes for Exif and XMP boxes (backport #2234)
      Add some F mount lenses
      PNG: always strip the existing iCCP chunk
      Add Nikon LensData v0802 (backport #2287)
      Add Nikon3.WhiteBalanceBias2 (backport #2311)
      ci: Upgrade conan to version 1.51.0
      Add more MIME type mappings for TIFF-based raws
      Exif start can be at any byte in payload, not word aligned

Nehal J Wani (3):
      Bump conan version
      Replace array with std::vector in decodeBase64()
      Exiv2 v0.27.6

Peter (3):
      Fix rename text in manpage (#2328)
      Fix bmff exception; Bump Conan version (#2375)
      Update docs concerning BMFF-based files (#2404)

Robin Mills (36):
      bump_release_number_0.37.4.39
      fix_enableBMFF
      Bump version number.
      Update releasenotes.txt
      update changelog
      fix_broken_man_page
      v0.27.4
      Fix Ubuntu 20.04/Release/Sanitizer test breaker
      update_docs_for_0.27.5.1
      Good catch, @hassec.  I noticed that change and thought "oh, somebody has update the man page.  I didn't know it searched the current directory."  I added that code 5+ years ago and forgotten what it does.  Right.  My bad.  I've fixed it.
      fix_1516_include_path
      update_docs_again
      update_27.5_docs_again
      Costmetic change to trigger CI.
      The CI is using cmake 3.10.  I've back-ported code from main/src/CMakeLists.txt
      bump_revision_27.5.2
      exiv2_v0.27.5RC3
      Build Trigger.
      Another build trigger.
      Exiv2 v0.27.5
      fix_1558_cmake_build_type
      retrigger checks
      retrigger checks
      retrigger checks
      add --verbose option for Cygwin/CI.  No idea why it's failing.  Been stable since I wrote it a year ago.
      Revert "add --verbose option for Cygwin/CI.  No idea why it's failing.  Been stable since I wrote it a year ago."
      The Cygwin/CI is broken. (#2003)
      Added a sentence to `5.4 Cygwin/64` about `apt-cyg`.
      Initial changes to documentation to support CTest.  I intend to integrate changes from main/README.md in this PR.
      Fixes following review.
      Bringing format/layout of 0.27-maintenance/README.md very close to main/README.md.
      Minor layout improvements.
      I've polished this and minimized the differences with main/README.md.  It's not possible to add lensTest into 0.27-maintenance without modifying Exiv2::getExiv2ConfigPath().
      Fixes following review.
      Fixes following review.
      fix_2044_add_tiff_tags
clrpackages pushed a commit to clearlinux-pkgs/exiv2 that referenced this issue Nov 2, 2023
…28.0

Alan01 (2):
      Create da.po
      Update da.po

Alex Esseling (36):
      work on canon tags
      second rund
      update tags ID
      update canonrf tags, new lenses
      update to tags
      Adding Ambience Selection to tag list
      Adding tag Canon AFMicroAdj
      Canon MultiExposure tag added
      Adding Canon Lighting Optimization Tag
      Adding of Canon Vignetting Correction Tag 2
      canon filter options
      Adding LensSerialNumber Tag
      Adding Canon AF Config Tag
      Adding Canon RawBurst Tag
      Canon AF Info 2 Tag
      wrong brackets fixed
      fix wrong brackets
      fix of tests case test_issue_981.py
      fix of test_issue_1151.py
      fix test_issue_1122.py
      ExposureCompensation added
      Exif.Canon.CanonFlashInfo
      Exif.CanonCs.SpotMeteringMode
      Exif.CanonCs.PhotoEffect
      Exif.CanonSi.NDFilter
      Exif.CanonSi.SelfTimer2
      Exif.Canon.CanonFlashInfo
      Exif.CanonSi.FlashOutput
      Exif.CanonSi.NDFilter
      fix test cases
      adding exposurecompensation
      OpticalZoomCode added
      fix typo Optical Zoom Code
      adding OpticalZoomCode
      AEB Bracket Value added
      controlmode added

Alexander Steffen (7):
      Add test for all known Canon lenses
      Execute test commands always with shell
      Remove undetectable lenses
      Clean up Canon lens list
      Fix rounding error in fnumber calculation
      Fix misdetection of Tamron SP AF 300mm as Canon EF 75-300mm
      Improve detection of Canon lenses with TC

Andrea Giudiceandrea (1):
      Add Exif.Image.PageName tag (#1765)

Antonio Rojas (1):
      Fix build with gtest 1.11

Attila Oláh (1):
      Fix compilation with -Wunused-variable

Ben McCann (1):
      Enable video support by default

Christoph Hasse (70):
      fix archlinux ci build
      docs: fix example command in man pages. closes #1685 (#1686)
      refactor!: remove free() function from DataBuf to avoid potential problems, see #1542
      feat: Setup github actions workflow to build tagged release and nightly pre-release (#1676)
      refactor: move canon lens tests into new test directory
      refactor!: use lensfun style nameing for lenses
      refactor: use function to calculate raw exif value given aperture
      feat: rework lens test to account for ambiguous lenses
      fix: readd some previously removed lenses now that we plan to trea ambiguous lenses
      fix: prevent creation of nightly release with  draf==true
      feat: improve lens recognition of canon makernote
      fix: fix bash test following the new canon lens identification
      fix: update tests following new canon lens identification
      fix: prefer symbolic boolean operators so windows is happy
      fix: make casts explicit to please msvc
      fix: workaround centos-8 bug-18212
      fix: allow for FX.Y syntax in aperture regex
      fix: change duplicated Canon RF 100-500 2x into missing 1.4 teleconverter version
      fix: avoid processing MOV (quicktime) files when BMFF is enabled
      fix: add Sigma 30mm f/1.4 DC DN | C to canon lens detection
      feat: add test for #1782
      refactor: remove FindRegex.cmake
      refactor: remove regex related cmake stuff
      refactor: replace old linux regex.h with regex from STL.
      refactor: use POSIX regex syntax as that is what was used before
      refactor: update readme to reflect regex changes
      refactor: avoid unused variable warning of regex_error
      refactor: remove leftover empty if statement
      remove exv_grep_keys_t type alias
      fix: SIGSEGV on parsing of config file. (introduced in main by clang-tidy fix)
      add test of config file based lens name determination
      first search cwd for config file then check home dir
      adapt test to make use of config file search in cwd
      adapt man pages to reflect new config file path behaviour
      Fixes for Max and Win
      make the ifdef in getExiv2ConfigPath a bit more minimal
      update man page to reflect what is done in code
      add Canon EF 100-400 2x, and make size of aperture lens matching delta dependent on teleconverter factor
      test: add new test for lens
      Update codecov badge in readme to show results of main branch
      refactor: small cleanup of test infra to avoid duplicate runs
      dont do codecov for samples and tests
      update codecov coverage github action and remove use of deprecated bash uploader
      check integrity of codecov executable
      check integrity of codecov executable
      fix: incorrectly triggered enforce check during preview extraction in LoaderTiff::getData(), closes #1829
      workaround for softprops/action-gh-release#139
      fix(testing): codecov reports (#2094)
      move test reference files into their own subdirectory
      feat(testing): add a new extensive regression test that runs exiv2 over every test file we have
      move test_regression_allfiles.py into its own subdirectory and add the test to cmakelists.txt
      Decoding of Canon HDRInfo tag
      fix(canon): cleanup canonAf2 and canonAf3 related code
      add .git-blame-ignore-revs file and add clang-format commit to it (#2170)
      also run format action on pull request
      fix naming of canon EF 35-80mm.closes #2247
      add files from #2247 to regression test suite
      fix(ci) disable webready and curl for release builds [ci skip]
      fix(ci) adapt to breaking changes of upgrading github-script [ci skip]
      fix(video) bmffimage can not currently handle mp42 files so skip those
      feat(video) revive quicktime.{h,cpp} and adapt to codebase changes.
      fix(video) filetype detection: handle video via quicktimevideo.cpp and other ftyp files in bmffimage
      test(video) add small video file to execute some code in quicktimevideo.cpp
      fix(video) clang-format quicktimevideo
      fix(video) dont throw in isQTimeType
      fix(quicktimevideo) silence windows warnings
      fix(quicktimevideo) cleanup and hardening as suggested in review by @kevinbackhouse
      fix(quicktimevideo) avoid out of bounds read, closes #2340
      test(quicktimevideo) add poc for #2340
      fix(doc) mention video support in exiv2.md

Colin Watson (2):
      Add custom update-pot target
      Annotate some strings with xgettext:no-c-format

D4N (1):
      Add linux_distribution_check github action

Daniel Vogelbacher (1):
      Use official Canon RF lens model names

David Houlder (2):
      Canon cr3 previews (#1958)
      Performance boost: don't read boxes we're not interested in

Dmitry Fedorov (4):
      fix for reading jpeg-xr images
      Update src/tiffimage_int.cpp
      Update src/tiffimage_int.cpp
      Added JPEG-XR test file (#1946)

Eli Schwartz (1):
      meson: compile convert.cpp separately, with just iconv

Evan Miller (2):
      Pass -fstack-protector-strong to linker
      Explicitly test for libproc.h (#1916)

Fabrice Fontaine (1):
      add BUILD_WITH_STACK_PROTECTOR option

Facundo (1):
      Output of -PV was not suitable for inputting to -m-, key was missing. (#1970)

Gribouilleuse (3):
      Addition of 4 lenses Pentax
      Addition of 4 lenses Pentax
      Uppercase Pentax to PENTAX at lines 819 to 822

Heiko Bauke (1):
      fix out of range access, minor performance improvement

Jakub Wilk (1):
      READMEs: Add whitespace around atx-style headers

Jeka Pats (1):
      Add libFuzzer integration + report bug

Jim Easterbrook (5):
      Hide "static constexpr auto" from SWIG
      Restore modified tags after TZ manipulation
      Add test files for PR 1999 / issue 1998
      Use \" instead of ' for exiv2 command string
      Add key name to "Value not set" error message (#2149)

John55h (1):
      Update canonmn_int.cpp

Josh Soref (1):
      Spelling (#2067)

Kevin Backhouse (288):
      Update security process.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-jgm9-5fw5-pw9p
      Better bounds checking in Jp2Image::encodeJp2Header()
      Fix signed/unsigned compiler warnings.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr
      Improve bound checking in WebPImage::doWriteMetadata()
      Regression test for https://github.com/Exiv2/exiv2/issues/1570.
      Fix out-of-bounds read in bmffimage.cpp
      Stop the test from failing when EXIV2_ENABLE_BMFF=Off.
      Fix signed/unsigned compiler warning.
      Fix signed/unsigned compiler warning.
      Fix LGTM warning about format specifier
      Check that the string is properly terminated.
      Add windows_distribution_check GitHub Action.
      Add more bounds checks in Jp2Image::encodeJp2Header
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-8949-hhfh-j7rj
      Add clarification about reproducibility requirements.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-7569-phvm-vwc2
      Add bounds check in Jp2Image::doWriteMetadata().
      Fix infinite loop caused by subBox with zero size.
      Prevent large allocation.
      Use readOrThrow to check error conditions of iIo.read().
      Fix quadratic complexity performance bug.
      Remove obsolete snprintf macros.
      fix: zero initialize local variables. (#1743)
      fix: stricter date parsing in value.cpp (#1720)
      Replace sprintf with snprintf.
      feat: Codeql analysis (#1747)
      Defensive coding to avoid 0x80000000/0xFFFFFFFF FPE.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-pvjp-m4f6-q984
      Prevent divide-by-zero crash.
      Defensive coding to avoid 0x80000000/0xFFFFFFFF FPE.
      fix incorrect loop condition (#1752)
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w
      Throw exception if lens info wasn't found.
      Check that findKey didn't return end().
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-583f-w9pm-99r2
      Better bounds checking in Jp2Image::printStructure
      Add custom CodeQL query for null iterator deref.
      Regression test for https://github.com/Exiv2/exiv2/issues/1763
      Don't deref end iterator.
      CodeQL query to detect unsafe uses of std::vector::operator[].
      Updates to make fuzzing work.
      Rename fuzz target
      Add printing and writing to fuzzer.
      Action that runs fuzzer for short amount of time on PRs.
      Add workflow_dispatch for manual trigger
      Fix indentation
      Try with sudo.
      Fix code scanning alert: "Multiplication result converted to larger type".
      Add -workers option to use all cores.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-mv9g-fxh2-m49m
      Don't crash if s > size.
      Print message to stderr when EXIV2_DEBUG_MESSAGES is enabled.
      Better way to print the error message.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-m479-7frc-gqqg
      dirLength == 0 can cause an infinite loop.
      Defensive programming in Image::printIFDStructure
      Ignore results in the xmpsdk directory.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-v5g7-46xf-h728
      Check that `type` isn't an empty string.
      Safer std::vector indexing.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-hqjh-hpv8-8r9p
      Extra checking to prevent the loop counter from wrapping around.
      Defensive coding changes to avoid integer overflow in loop conditions.
      Better fix for potential integer overflow in `bytes.size() - 3`.
      Type of escapeStart should be size_t.
      Fix warning: comparison of integer expressions of different signedness
      Add a test to improve coverage in xmpsidecar.cpp
      Regression test for https://github.com/Exiv2/exiv2/issues/1793
      Add `pbox_end` param to `BmffImage::boxHandler` to enforce box nesting.
      Support for 64-bit box lengths looked broken.
      address + box_length == box_end
      Enable fuzzing of bmffimage.cpp
      Extra protection against large allocations.
      Fix compiler warnings.
      Fix format specifier.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-9jh3-fcc3-g6hv
      Make sure that read is complete to prevent infinite loop.
      Remove redundant check.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-g44w-q3vm-gwjq
      &bytes[0] will crash if bytes has zero elements.
      Skip unittest because -pR is disabled in release builds so the test fails.
      Regression test for https://github.com/Exiv2/exiv2/security/advisories/GHSA-mvc4-g5pv-4qqq
      bufRead needs to be adjusted after seek()
      Improved handling of jpg segments to avoid out-of-bound reads.
      Fix compiler warning.
      Update src/jpgimage.cpp
      poc from GHSA-9jh3-fcc3-g6hv can now be parsed without error.
      Add comment to explain bounds-check.
      Add `markerHasLength` utility function.
      Fix build error when EXIV2_DEBUG_MESSAGES is enabled.
      Add fuzzing dictionary and test all printStructure() options
      Remove redundant call to exifData().
      Regression test for https://github.com/Exiv2/exiv2/issues/1815
      Add bounds-check to prevent out-of-bounds read in memcmp.
      Regression test for https://github.com/Exiv2/exiv2/issues/1817
      Use DataBuf, rather than new[], for automatic delete when an exception is throw.
      Add static_cast to fix build error on Windows.
      Regression test for https://github.com/Exiv2/exiv2/issues/1812
      Check size before allocation to avoid out-of-memory errors.
      Add comment to explain the bounds-check.
      Regression test for https://github.com/Exiv2/exiv2/issues/1819
      Check that the string isn't empty
      Regression test for https://github.com/Exiv2/exiv2/issues/1827
      Check value is in range before casting from double to uint32_t, to avoid undefined behavior.
      Update src/tags_int.cpp
      Use std::round for rounding to nearest.
      Replace assertion with an error message.
      Regression test for https://github.com/Exiv2/exiv2/issues/1830
      Safer casting from double to long.
      Regression test for https://github.com/Exiv2/exiv2/issues/1838
      Check that the float is within the range of an int before casting.
      Regression test for https://github.com/Exiv2/exiv2/issues/1841
      Use DataBuf rather than raw malloc.
      Replace assertion with an error message.
      Regression test for https://github.com/Exiv2/exiv2/issues/1845
      Replace assertion with an error message.
      Test for https://github.com/Exiv2/exiv2/issues/1821
      Fix for https://github.com/Exiv2/exiv2/issues/1856
      Add sanitizer flags when fuzzing.
      Add LSAN suppressions.
      Decouple EXIV2_BUILD_FUZZ_TESTS from EXIV2_TEAM_USE_SANITIZERS.
      Call Metadatum::print() to increase fuzzing coverage.
      Add special build mode for OSS-Fuzz.
      Add OSS-Fuzz status badge and CIFuzz integration.
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37363
      Add test to improve code coverage.
      Regression test for https://github.com/Exiv2/exiv2/issues/1881
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37492
      Only build XMLValidator when XMP is enabled.
      Add second test file for better code coverage.
      Make fields of DataBuf private.
      Fix build failure on Windows.
      Fix build failure.
      Add unit test for methods like DataBuf::read_uint32 and DataBuf::write_uint32.
      Make offset=0 the default parameter.
      Regression test for https://github.com/Exiv2/exiv2/issues/1887
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37889
      Standardize on conan 1.39.0
      Add doc to release build.
      Remove unused constructor that was causing a build failure in OSS-Fuzz.
      Regression test for https://github.com/Exiv2/exiv2/issues/1901
      Comment out bogus code.
      Add more checks to prevent integer overflow.
      Throw an exception on integer overflow.
      Fix test failure.
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38887
      Regression test for https://github.com/Exiv2/exiv2/issues/1912
      Do the calculation in floating point to avoid integer overflow.
      Regression test for: https://github.com/Exiv2/exiv2/issues/1920
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39060
      Add CodeQL query to detect variants of issue #1920.
      Add regression test to https://github.com/Exiv2/exiv2/pull/1918
      Update copyright and bug-address
      Add second test to improve code coverage.
      Add third test to improve code coverage.
      Clarify ownership model of CiffComponent::pData_
      Add workaround for conan outage: https://github.com/conan-io/conan/issues/9695
      We only need to extract one byte.
      Fix Conan on macOS
      Fix Conan on macOS
      Use same Conan version on macOS as on other platforms.
      Use =default.
      More =default changes.
      Regression test for https://github.com/Exiv2/exiv2/issues/1954
      Use std::move to transfer ownership of DataBufs.
      Delete the copy assignment operator to avoid accidental copying.
      Revert "Fix for https://github.com/Exiv2/exiv2/issues/1856"
      Fix indentation
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39555
      Try a newer version of Conan.
      Add readOrThrow and seekOrThrow to BasicIo.
      Remove static functions readOrThrow and seekOrThrow.
      Remove Conan from MacOS build.
      Remove opensuse/tumbleweed, because the docker image is broken.
      Regression test for https://github.com/Exiv2/exiv2/issues/2006
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41438
      Treat Exif.Sony1.PreviewImage as undefined tag.
      PoC image file for https://github.com/Exiv2/exiv2/issues/2027
      Use memmove, rather than memcpy, because memory regions might overlap.
      Clarify policy on when a bug is considered a security issue (#2038)
      Fix bug in loop. It wasn't iterating over the elements of dateStrings as intended.
      Delete TiffEntryBase::isMalloced_ field and use a std::shared_ptr instead.
      Remove DataBuf::release() which is no longer used.
      Add storage parameter to setData.
      Add comments.
      Replace Value::toLong with Value::toInt64. (#2062)
      Replace Metadatum::toLong() with Metadatum::toInt64().
      Convert type of pixelHeight/pixelWidth to platform-independent uint32_t.
      Fix compiler warnings.
      Move Metadatum::toUint32() implementation out of header file.
      Catch std::exception in iptcprint.
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45291
      Add exclusion for issue_2160_poc.jpg
      Add poc for fuzzing coverage.
      More bounds checking in Adjust::adjustDateTime
      Replace long with int64_t in exiv2app.hpp
      Change return type of BasicIo::tell() to size_t.
      Fix some "signed shift" warnings.
      Fix some incorrect format specifiers.
      Fix some "signed shift" warnings
      Eliminate some false positive results.
      Regression test for https://github.com/Exiv2/exiv2/issues/2268
      Replace assert with enforce. (Fix for https://github.com/Exiv2/exiv2/issues/2268)
      Add issue_2268_poc.jp2 to the exclude list.
      Move enums from tags_int.hpp to tags.hpp
      Fix some "unsafe vector access" warnings.
      clang-format
      Simplify the iptcDataSegs logic
      Use emplace_back
      Convert IfdId and SectionId to enum classes.
      Don't use long in floatToRationalCast
      Use int32_t in TimeValue
      Use size_t for the offset.
      Change type of sizeDataArea_
      Use size_t
      Fix implicit type conversions.
      Refactor printIFDStructure depth increment
      Refactor printTiffStructure depth increment
      Convert type of depth parameter to size_t.
      Fix clang-tidy warning about double move.
      Change the return type of the 2Data functions to size_t.
      Fix implicit cast warning.
      Use std::map for faster lookup.
      Suggestions from @neheb and @piponazo.
      Correct error from #2301
      Use std::unordered_set for tiffImageTags
      Use a switch
      Suggestions from @neheb and @piponazo
      Use std::unordered_map for TiffTreeStruct lookup.
      Remove unneeded constructor
      Replace TiffTreeStruct with std::pair
      Use emplace().
      Regression test for https://github.com/Exiv2/exiv2/issues/2320
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49894
      Regression test for https://github.com/Exiv2/exiv2/issues/2339
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50315
      Regression test for https://github.com/Exiv2/exiv2/issues/2345
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50901
      Avoid potential integer overflow.
      Fix clang-format error.
      Don't allow zero width/height in WebPImage::inject_VP8X
      Bump conan version to 1.52.0
      Use getULong to read unsigned numbers.
      Regression test for https://github.com/Exiv2/exiv2/issues/2366
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51707
      nul-terminate string
      clang-format
      Regression test for https://github.com/Exiv2/exiv2/issues/2352
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51241
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51751
      clang-format
      Regression test for https://github.com/Exiv2/exiv2/issues/2383
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52382
      Regression test for https://github.com/Exiv2/exiv2/issues/2385
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52355
      Use Safe::add() in tiffvisitor_int.cpp
      Regression test for https://github.com/Exiv2/exiv2/issues/2393
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52731
      Change return type of getFileLength() to int64_t.
      Use size_t for sizes and offsets.
      Fix issue 2380: bug in (unused) non-mmap code.
      Add #error so the build fails if mmap isn't supported.
      Use std::is_signed and std::enable_if.
      clang-format
      Regression test for https://github.com/Exiv2/exiv2/issues/2423
      Add break to loop to fix issue 2423, plus some other cleanups.
      Use Safe::add
      Regression test for https://github.com/Exiv2/exiv2/issues/2427
      Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52767
      Remove libinih from codebase and add it as a dependency instead.
      Update .github/workflows/on_PR_windows_matrix.yml
      cmake fatal error if inih library is not found.
      Add inih dependency
      Add EXIV2_ENABLE_INIH flag to enable building without libinih.
      Silence unused parameter warning when EXV_ENABLE_INIH is undefined.
      Use double type to improve floating point accuracy.
      Use toInt64() for hours and minutes, because they should be integer valued.
      Fix test failures on 32-bit platforms.
      Fix long-running loop
      Fix integer overflow which enables enforce to be bypassed.
      Enable video support by default
      Check that the pointer isn't NULL.
      Use enforce, not assert, to avoid crash.
      Convert tail-recursion to loop to avoid stack exhaustion.
      Suggestion from @neheb
      Minor refactorings to stop UBSAN from complaining.

Luis Diaz (37):
      Rename GHA workflows for having more intuitive navigation
      cmake: Add missing source file
      Add unit tests for PngChunk::keyTXTChunk
      Add new BMP tests
      Fix MSVC warnings by casting integer values
      Fix release build (see #2085)
      ci: use conan cache in other windows builds
      ci: do not stop on failure
      ci: Enable Linux distributions pipeline on PRs
      Link against stdc++fs on Linux when it is needed
      Install new image_types.h header
      make startsWith constexpr and use string_view
      Recover IptDataSets::recordId in the API
      DateValue is now a bit more permissive with malformed dates
      Add unit tests for Error class
      Remove obsolete werror sample
      remove werror-test from README
      Use compiler deduction guides for error list
      Change Metadatum::copy return value from long to size_t
      Change Metadatum::size() return value from long to size_t
      More size_t for sizes
      More conversions to size_t while removing static_casts
      Add unit tests for Jp2Image revealing bugs (see #2147)
      doxygen: update doc style in Photoshop class
      Remove deprecated variable
      Add unit tests for Photoshop::isIrb().
      Remove 2nd param from Photoshop::isIrb() since it is always hardcoded
      More unit tests for Photoshop methods
      ci: Try to fix job which is killed due to low memory?
      Move static functions to anonymous namespace
      Move private constants to .cpp
      JpegBase::markerHasLength moved to implementation details
      Factor out function readSegmentSize()
      Change logic to determine if segment has size
      Definition of new CMake presets & usage in CI jobs
      Update versions of conan dependencies
      ci: update conan version in all jobs

Luis Diaz Mas (19):
      CiActions: Increasing matrix build for Windows
      Less CI jobs on push
      Fedora-MinGW build to Github Workflows
      ci - Remove old CI script files
      ci - cache conan packages on Windows builds
      ci - Add coverage run on main branch
      ci - Linux uses ninja
      ci - mac uses ninja
      ci - Use Ninja in rest of builds
      cmake: Add target for obtaining local covarage reports
      doc: Update notes about c++11
      Add CTest support
      ci - Use ctest
      doc - Add Github Actions badges in doc
      ci - distros - fastTrue=False
      ci: Upgrade conan to version 1.51.0
      Remove deprecated option in conan
      Enable Workflow dispatch on Windows CI jobs
      Replace cygwin github action

Luis Díaz Más (307):
      Remove deprecated EPS format
      cpp: Replace auto_ptr by unique_ptr
      ci - changes to use c++11
      remove some cmake old checks + newer gtest version
      eps - do not install header
      ci - Remove old ubuntu versions & use only 2 threads to build
      cmake - Modern use of consuming gtest
      ci - use pyton3 commands
      ci - More jobs for Travis-ci
      Use stack variables instead of java style
      Initialization of variables (fix issue detected with sanitizers)
      appveyor: drop Visual Studio 2013 support
      ci - Disable build Release+Sanitizers temporarily
      Remove deprecated ASF Video
      Remove deprecated SSH support
      Remove deprecated Matroska support
      Remove deprecated QuickTime support
      Remove deprecated RiffVideo support
      Remove EXIV2_ENABLE_VIDEO and related stuff
      Remove EPS tests
      localtime_r support on MinGW
      auto_ptr -> unique_ptr for code with WIN_UNICODE enabled
      Increase the timeout from 20 to 60 seconds
      cmake: new toolchain file for MinGW cross-compilation on Ubuntu
      Reenable Release+Sanitizers build
      Fix warnings related to -Wdeprecated-copy
      cmake: Treat xmpsdk headers as system ones
      Fix warnings EXIV2_TEAM_EXTRA_WARNINGS
      revert changes that are affecting to VS
      Doc: Update links in main so that the CI badges point to the proper branches
      Remove typedef to Dictionary::const_iterator
      Fix warnings in VS
      Remove rest of useless typedefs from datasets.hpp
      Replace many of the iterators types with auto
      Doc: Fix links in README.md and remove them from the conan one
      Revert "Remove deprecated EPS format"
      Revert "eps - do not install header"
      Revert "Remove EPS tests"
      eps: Fix code after usage of unique_ptr. Remove deprecation tags
      ci: update github actions
      ci: fix installation of gtest on ubuntu 20.04
      cmake: disable -Wuseless-cast
      fix warning (hiding local variable)
      Do not treat warnings as errors
      ci: fix issues on Github actions
      Remove useless explicit constructor
      ci: warnings_as_errors OFF
      ci: alpine linux support
      fix tests expectations for alpine linux
      ci: trying to fix centos:8 build
      ci: add again arch linux & disable compilation&run of unit tests
      Fix -Werror=shadow warning after recovering EPS
      conan: update conan recipe versions
      gtest - remove wrapper which is not needed anymore
      ci: update conan version
      unitTests - use internal library object instead of recompiling sources
      ci: use -Wno-deprecated-declarations for avoiding gtest 1.10 warnings
      conan: fixes for Windows
      conan: use cmake_paths generator instead of cmake
      conan: put win dlls into bin directory
      ci-travis: trying to fix valgrind build
      ci: rescue appveyor config from old-master and backup others
      Win - Disable UNICODE which is failing at the moment
      ci: old expat & tune gtest options for windows
      conan - gtest debug_postfix only used in Debug mode
      increase timeout
      msvc: fix compiler warning on x86
      appveyor: build BMFF + enable cache again
      cmake: ignore PDBs warnings on Win/Debug/Static buils
      cmake: revert change due to old cmake versions on CentOS & debian9
      Fix MSVC build
      Move include/CMake to src
      Archive appveyor ci configurations
      Also test installation on Windows
      ci - win: Use ninja and Visual Studio shell
      Add missing public headers to install target
      Early access is always compiled
      MacOS build
      Github Actions - More builds on PRs
      ci: Remove travis builds
      Fixes in github actions
      No exe in executables
      ci - MacOS Matrix
      Rename github workflows
      ci - Special builds on Github actions
      ci - coverage build - deal with SHA issue
      ci - Add BMFF to windows matrix
      Remove old CI providers from main README
      ci - Do not create conanCache dir
      Copy mergify file from 0.27-maintenance
      ci - Use generic cmake way to compile and install
      ci - Add new special build with all project options enabled
      ci - Using gtest as static library to avoid mac linking issues
      ci - Use CTest in all the ci jobs
      ci - install tar in opensuse before checkout action
      ci - Use CTest for coverage builds
      cmake: find python3 and use it in tests
      cmake: remove obsolete targets
      ci - Win builds without unicode + with warnings as errors
      cmake - Use cmake -E to be able to run tests on different windows shells
      fix python tests on powershell
      BMFF python test - Output strings in different lines
      conan - change generator to be able to use latest expat version
      make win debug builds a bit faster
      Ignore missing PDBs
      mac - cmake_paths does not work directly on mac
      win - Only run tests on x64
      ci - Win matrix jobs will also run on:push for main
      Python3 dependency is not obligatory
      ci - Replace debian:9 with debian:10
      ci - Linux distros jobs being more explicit about options used
      Fix issues detected with PVS-Studio + other little improvements (#1689)
      ci: upgrade conan version on github actions (#2021)
      Revisiting cmake code for generating coverage reports (#2047)
      cmake: default c++ standard => 14
      keyTXTChunk improvement
      Remove dead code
      Initialize uninitialized variables
      Replace magicValue with constant variable
      Add new tests in PngChunk & PngImage for increasing coverage
      Clang-format in pngchunk_int.cpp
      Check array index before inspecting it
      Upgrade C++ standard to c++17 (#2052)
      Upgrade centos:8 to centos-stream (#2066)
      Rest of tests to have 100% coverage in BMP class
      Add many tests for datasets
      Delete dead code
      clang-format on datasets.cpp
      Hide public details
      Add new tests for Iptc classes
      Delete unused IptcKey copy operator
      More tests
      Remove dead code
      More tests for IptcDataSets
      upgrade coverage scripts
      Recover some documentation strings
      Use auto to reduce verbosity around code dealing with iterators
      Add some TODO comments
      Remove dead code
      Simplify code around UniquePtr(s) & use make_unique over new
      Fix build on linux
      Simplify cloning in actions
      Modern implementation of Singleton
      Simplify TaskFactory
      Remove useless ops
      add doc pvs studio
      Add PVS-Studio to a Github action
      Allow to run special builds with manual dispatch
      Extracting secrets from github
      Run pvs-studio from build directorin where json file is
      Reduce retention days to 7
      Be more explicit in codecov.yml
      cmake: export compile commands
      Revert "Delete dead code"
      ci-conan: be more explicit about desired compiler in conan profile (#2085)
      Remove deprecated test file
      remove usage of exiv2json in a test (#199)
      Move all tests depending on sample applications to bash_tests
      Remove deprecated bash tests
      cmake: warning message when python3 is not found
      Upgrade documentation regarding CMake & Tests (#2088)
      ci: remove conanCache from release workflow. Use newer python (#2092)
      Add system test to reproduce issue with special characters
      Remove dead code around EXV_UNICODE_PATH
      windows: Trick to get UTF-8 encoded argv in main entry point
      Replace platform specific code with std::filesystem
      ci: Use MSYS UCRT environment
      doc: update notes about MSYS
      Remove unused PRINTUCS2 CMake option
      Apply suggestions from code review
      Fix remaining wrong brackets
      Include CanonFlashInfo (somehow missing after cherry-picking)
      Use AutoRotate
      Add characterisation test for ImageFactory::create(type)
      Replace ImageType namespace by a enum class
      No need anymore to include each image header to use the ImageFactory
      New tests to check what happens with ImageFactory::create(crazyValue)
      bug: Fix crash when calling ImageFactory::create(none)
      test ImageFactory::load with existing images in test/data
      Add tests for ImageFactory::checkMode (for all the supported image types)
      Change order of ImageType values
      doc: Remove CI PR-status from main README
      ci: Do not run CI jobs on documentation changes
      Move exiv2 app into its own folder
      add characterisation tests for utils
      simpler implementation of startsWith
      Remove startsWith from utils
      replace is only used in actions.cpp
      Utils::strtol only used in the app
      Remove unused headers
      Replace dirname implementation with std::filesystem
      Replace basename implementation with std::filesystem
      Replace suffix implementation with std::filesystem
      get rid of suffix
      Remove Util::dirname and finally the util files
      Fix build on Windows
      Improvements in urlencode
      Make urldecode in-place
      Use std::filesystem for fileExist
      Hide pathOfFileUrl in the only place where it is used
      BasicIo::path() returns const ref
      ReplaceStringInPlace does it in-place now
      Use rename from filesystem
      Use remove from filesystem
      Image::setComment now takes string_view
      Remove dead code (winNumberOfLinks)
      Remove dead code (LSTAT)
      Remove dead code: copyXattrFrom
      Remove dead code
      Replace dynamic C array by std::vector
      cppcheck: reduce scope of variables
      Replace raw loop for any_of
      Use filesystem in getExiv2ConfigPath
      Remove many redundant or not needed header inclusions
      Use fs::file_size instead of stat
      Clean config.h from old stuff
      Clean more header inclusions
      Use standard [[maybe_unused]]
      Fix build on linux
      Improvements from code review
      Fix build when EXIV2_BUILD_MESSAGES is ON
      Move params construction to the .cpp file
      Implement Params singleton in modern C++ way
      Hide member variable
      Replace dynamic array for std::vector
      Build hash table in place
      Avoid naked new operator in sample apps
      Replace naked new operators
      Replace DataBuf internal buffer with std::vector
      Replace c style arrays by std::array
      Fix another case revealed by tests
      Simplify DataBuf
      No need to define copy & move ctors
      Remove useless DataBuf::clear()
      Factor out duplicated piece of code
      Several transformations on DataBuf + migration to size_t
      Fix issues found by fuzzer
      Fix warnings and place return statements separated from if
      Fix more issues found by fuzzer
      Fix windows builds
      Use SPDX for licenses (#2122)
      Do not define not needed stuff
      Remove unused file
      _fileno is only for Windows
      Remove unused stuff
      Removing unused headers thanks to IWYU
      hexdump to size_t
      Use [[maybe_unused]]
      Add missing header to the CMake configuration
      Removing unused headers thanks to IWYU
      Use SPDX identifiers in more files
      Fix build on Windows
      Use auto for unique pointers
      Fix mac build
      C++-style headers
      windows.h
      Fix debug builds
      Should fix build in some Linux distros
      Convert Exiv2::ErrorCode into an enum class
      remove templating & simplify error message
      CI: Add new workflow to check clang-format
      Remove dead sample apps
      Add bash script to format whole project
      Update .clang-format file & apply clang-format to whole project
      doc: add clang-format notes to CONTRIBUTING.md
      Jp2Image: Implement more checks from JP2 standard + fix bug
      Adapt tests to changes in JP2
      JP2 - stronger checks on Signatuer and FileType boxes
      Fix windows build
      Rename variables for better readability
      Help for formatting enums & arrays with clang-format
      Remove most of the asserts from codebase
      Improve compare function: no need to count chars
      Usage of EXIT_SUCCESS/FAILURE instead of hard-coded values
      Remove DataBuf::copyBytes and use std::copy instead
      Remove useless static_casts
      Update .clang-format to align pointers to the types
      Fix out of bounds read in isValidBoxFileType()
      Remove exiv2json sample and tests depending on it
      ci: split command in several lines
      ci: Use interprocedural optimization (LTO) in releases
      cmake: exiv2-xmp is now an OBJECT library
      Detect integer-overflow and throw in that case
      Add POC file
      Link fuzz app against std::filesystem libraries
      Fix integer overflow #2179
      Move Photoshopb class to internal namespace
      Include missing iostream header in photoshop.cpp
      Use std::pair to return multiple values
      Use .front() to avoid warning from static analysis
      Fix issues on ARM builds (#2205)
      Throwing when trying to access TooFar elements in DataBuf
      Fixing bad usages of DataBuf (when it is empty)
      DataBuf::c_data() returns nullptr when empty + avoid duplication
      More tests for DataBuf read/write functions
      Remove duplication by using templates
      Test parseUint32 and fix it when number is out of limits
      More tests for rational convertions
      Move string helpers to utils
      Reduce amount of string transformations
      Remove deprecated todo
      Move 1-liner to header file
      utils are in Internal namespace
      Revert some boilerplate which is not needed
      ci: move pvsStudio job to its own workflow & use new flag
      Fix special builds for main
      Update ubuntu-latest tag to ubuntu-22.04 (#2439)

Matthias Kuhn (1):
      Fix building on ios

Michael Allman (7):
      Make Exif.NikonAf2.ContrastDetectAFInFocus and
      Add autogenerated documentation for NikonAf22 tags to html docs
      Print value of ContrastDetectAFInFocus as Yes/No. Change internal
      When selecting which version of nikonAf2 metadata to parse, include the
      Document origin of data size specifications for Nikon maker note tag 0xb7
      Add a workflow build/test for macOS+Sanitizers
      Guard against parsing "inf" into an int64 in the EasyAccess/ISO API.

Miloš Komarčević (71):
      Add Exif Gamma tag
      Update Gamma tests
      Improve printing of GPS info
      Improve precision of GPS lat/lon printed values
      Correct GDS distance unit in description
      Add Exif Gamma tag
      Update Gamma tests
      Improve printing of GPS info
      Improve precision of GPS lat/lon printed values
      Correct GDS distance unit in description
      Update bmffimage.hpp include order and path
      Add Sony ARW compression to dict
      Update test for image/jxl
      Extending Nikon3.ColorBalance version coverage
      Fold into common 02xx versions
      Limit CR3 previews to JPEG only
      Expose unsupported CR3 previews as binary
      Add more DNG 1.6 tags (#2023)
      Forward CI changes
      Do not use exact string match for errno output
      Improve config file platform test
      Strip XMP raw packet before decoding
      Update tests after XMP stripping
      Update CI actions (#2143)
      Initial support for OM System MakerNote
      Add OM System MakerNote test
      Add some F mount lenses
      Account for header bytes for Exif and XMP boxes
      Add more JXL tests
      PNG: always strip the existing iCCP chunk
      Add Nikon LensData v0802
      Add more Nikon Z lenses
      CI: cancel running jobs on updates
      Add Nikon3.WhiteBalanceBias2
      Exif start can be at any byte in payload, not word aligned
      Support brotli compressed boxes in JPEG XL
      Update README for brotli dependency
      Match Conan's cmake find module case for Brotli
      Use local cmake module path the last
      Make brotli dependency controllable
      Install deps for and bump CodeQL action
      Use safe add to prevent overflow
      Avoid buffer reallocation (#2392)
      Add more Canon RF lenses
      Add an RF lens regression test
      Remove translatable mark from RF lenses
      Add more Canon RF lenses and camera IDs
      Add Canon R6m2 ID
      CI: improved in-progress job canceling
      CI: bump conan version
      CI: bump clang-format actions
      Prefer writing PNG eXIf chunk
      CI: inih now available for Cygwin
      Handle relative and absolute paths for pkg-config file
      Add static linkages to pkg-config file
      Switch to CMake provided FindIconv
      Export QuickTimeVideo
      Update some Canon IDs (#2501)
      Explicitly include stdint (#2558)
      Add some more Nikon Z lenses
      Add Sony ZV-E1 ID
      Fix shared object versioning
      Add equivalent soversion to meson build
      makernotes: workaround for Olympus header corruption
      Update Sony file format table
      Support for parsing DCP files
      Add DCP regression test
      Add DCP to list of supported file types
      Add test case for #2542
      Add regression test output
      Make CMake summary for samples depend on app

Mohamed Ali Chebbi (37):
      1748 Video Support in V1.0: part 1/3 : support MatroskaViedo (#2413)
      1748 Video Support in V1.0: part 2/3 : support Riffvideo (#2415)
      1748 Video Support in V1.0: part 3/3 : support Asfvideo (#2416)
      Encapsulate video support with compilation variable EXV_ENABLE_VIDEO (#2448)
      add test/data for video support
      add test/data for video support : delete filename (unuseful)
      add test/data for video support : make asfvideo more readable and fix some issues
      add test/data for video support : gix issue in riff video and reference data test
      add test/data for video support : format issue
      Rework Asf and Riff formats ; add test/data for video support
      Format issue
      add test/data for video support : fix ci issue
      add test/data for video support : windows compilation issue
      add test/data for video support : Format issue
      add test/data for video support : Fix test issue
      add test/data for video support : Fix codeQL warnings
      add test/data for video support : add enforce exceptions
      add test/data for video support : delete riff HeaderReader
      add test/data for video support : delete unused parameter from readList method
      add test/data for video support : restore Riff HeaderReader and reserve addtional byte in readStraingTag
      add test/data for video support : use readStraingTag instead of read
      add test/data for video support : enhance Debug messages
      add test/data for video support : rename Xmp.video.Duration to Xmp.video.duration
      add test/data for video support : rework readStringWcharTag method
      add test/data for video support : rework readStringWcharTag method 2
      rework of aspectRatio calculation for all video formats and rework the decoding of asf tags
      compilation issue on Mac OS
      compilation issue on Mac OS 2
      compilation issue on Windows
      fuzz issue : check that block is not corrupted before decoding
      fuzz issue : add debug message for futur use
      asfvideo fuzz issue : nb_headers should not exceed the max value of uint32
      Current master fails with image #2565
      Current master fails with image #2565: segmentation fault when trying to access outofband offest
      Current master fails with image #2565: segmentation fault when trying to access outofband offest: check all locations
      Update src/jpgimage.cpp
      Current master fails with image #2565: segmentation fault when trying to access outofband offest: add test files

Moshe Kaplan (1):
      Update README.md

Nehal J Wani (1):
      Exiv2 v0.28.0

Peter (18):
      Add camera models for NikonFl3 makernotes group (#1994)
      Fix minor whitespace formatting
      Fix pr#2053 for native Windows builds (#2058)
      Fix `exiv2`: verbose extract stdout mutli-file (#2068)
      Fix test_pr_1905.py for native 2019msvc64 (#2108) (#2112)
      Add tag website build text to README.md (#2113)
      Add tag description option to exiv2 app (#2279)
      Update olympus tags (#2246) (#2249)
      Add request for exiv2 version/source (bug report) (#2331)
      Update Nikon flash tags (#2274)
      Update git issue report (#2334)
      Update git feature request (#2342)
      Update Sony(1|2) tags (#2323)
      Fix/add exceptions for BMFF based files (#2364)
      Update makernote model ID tags (#2389)
      Fix seg fault when using `iconv_open()` (#2403)
      Update README.md wrt BMFF (#2405)
      Update `Exif.SonyMisc3c.*` and `Exif.Sony(1|2).SonyModelID` (#2420)

Peter Kovář (2):
      Corrected JPEG XL file type
      Removed tag handled separately

Robin Mills (38):
      bump_v1.00_version
      Ubuntu 18.04 is failing because it's using python2!
      fix_ci_ubuntu18.4
      Try 2.
      Try 3.
      Try 4.
      Give up.  Restore original script and comment off/exclude 18.04
      I thought the 18.04 request was commented off.  Apparently not.  Throw it away.  Shshshssssss.  FFfffff.
      Commented off code was good.  WebUI confused me.  Manually go back (apparently no reverse gear on git).
      fix_enableBMFF_v1
      Only reveal class bmffimage in include/exiv2/bmffimage.hpp ifdef EXV_ENABLE_BMFF
      fix_1558_cmake_build_type
      bump_v1.00_version
      fix_enableBMFF_v1
      Only reveal class bmffimage in include/exiv2/bmffimage.hpp ifdef EXV_ENABLE_BMFF
      Fix Cygwin64 to use  -std=gnu++11 (instead of -std=c++11).  MinGW/msys2 remains broken on CI.  It's OK on my machine.
      Fix icc_test which is failing on Linux:
      Fix Ubuntu 20.04/Release/Sanitizer test breaker
      Don't build with C++98 on Cygwin jobs
      GitLab/Fedora/MinGW Disable EXIV2_TEAM_WARNINGS_AS_ERRORS.
      exifprint_lint
      Forgive "SHORT or LONG" tags.  Add test code.
      Fixing typos.
      Fix python test code to run on Windows.
      fix_1516_include_path
      Update SECURITY.md
      fix_1416_iptc_DateCreated (#1547)
      Updating documentation to respect ctest.
      Restored test lensTest.  Minimized differences between main/README.md and 0.27-maintenance/README.md.
      Adding version_test.py.
      Fixes following review.
      Fixes following review.
      Fix `$ $` typo.  Well spotted, @kmilos.
      Fixing tests.  test_issue_981.py is now running all 6 commands.  The output Key has correctly changed.  The type and value are wrong.
      Rewire Canon MakerNote 0x0026 (AFInfo) to allow TiffDecoder::decodeCanonAFInfo to handle this tag.
      Fixing test following Christoph's Review.  (Christoph is one clever Mother!)
      Fix regressionTests with modified reference files.  `cp test/tmp/* test/data/test_reference_files/`
      Delete contrib/organize directory

Rosen Penev (425):
      xmpsdk: don't use register
      clang-tidy: use = delete
      clang-tidy: use braced init list
      convert Pair to std::pair
      clang-tidy: range for loop conversions
      clang-tidy: use = default
      clang-tidy: simplify boolean expressions
      clang-tidy: don't check for NULL with delete
      clang-tidy: use using
      clang-tidy: remove pointless static
      clang-tidy: use default member init
      clang-tidy: use override
      clang-tidy: use empty() instead of comparing size
      clang-tidy: don't use string compare
      clang-tidy: remove pointless string init
      clang-tidy: empty() conversions
      clang-tidy: simplify boolean expression
      default con/destructors in headers
      clang-tidy: fix declartation names
      clang-tidy: remove redundant member init
      fix bad for range loop
      clang-tidy: remove duplicate public
      clang-tidy: remove pointless const
      fix compilation with EXIV2_DEBUG_MESSAGES
      clang-tidy: add ending namespace comments
      clang-tidy: fix badly indented if
      clang-tidy: make several member functions const
      clang-tidy: don't use else after return
      replace {} initialization with fill
      clang-tidy: use uppercase numeric literals
      clang-tidy: range loop conversions
      manual for range loop conversions
      clang-tidy: use auto
      clang-tidy: run through performance checks
      clang-tidy: pass by value
      remove pointless constructors
      clang-tidy: init in member initializer
      more constexpr
      clang-tidy: convert to static
      clang-tidy: add missing explicit
      clang-tidy: use C++ casting
      some range loop conversions
      Jzon: algorithm conversions
      clang-tidy: remove pointless return
      clang-tidy: fix ending namespace comnments
      use auto in template
      clang-tidy: no else after return
      clang-tidy: use dynamic cast
      default con/destructors in headers
      clang-tidy: remove pointless member init
      remove initializers
      remove some pointless std::set
      clang-tidy: avoid global non const variables
      clang-tidy: use nullptr
      remove old MSVC hacks
      clang-tidy: simplify bools
      clang-tidy: do not use else after return
      clang-tidy: use default member init
      clang-tidy: use = default
      con/destructor fixes
      clang-tidy: replace virtual with override
      clang-tidy: do not use 0 for bool
      clang-tidy: remove dedundant initializer
      clang-tidy: replace throw with noexcept
      clang-tidy: remove redundant specifiers
      clang-tidy: pass by value
      clang-tidy: use auto
      clang-tidy: use override
      clang-tidy: add explicit
      clang-tidy: use nullptr
      clang-tidy: use braced init list
      remove most usages of std::make_pair
      use more emplace_back
      make array constexpr
      move namespace fs below includes
      move initializations to class
      simplify ReplaceStringInPlace slightly
      clang-tidy: use braced init list
      clang-tidy: use concat namespaces
      clang-tidy: use default
      clang-tidy: use auto
      clang-tidy: range loop conversion
      clang-tidy: replace typedef with using
      constexpr string conversions
      manual braced init conversion
      clang-tidy: use emplace_back
      manual nullptr conversions
      clang-tidy: use empty() instead of size()
      clang-tidy: remove pointless get()
      clang-tidy: simplify bool
      clang-tidy: get rid of compare() usage
      clang-tidy: remove C casts
      replace several typedefs with using
      use make_unsigned_t
      misc stuff
      clang-tidy: add some missing operators
      manual namespace concatenations
      clang-tidy: add ending namespace comment
      clang-tidy: don't use else after return/throw
      conversions to make_unique
      manual unimplemented operator = delete
      remove some new
      replace EXV_COUNTOF with std::size
      clang-tidy: don't use C casts
      manual move conversions
      manual nullptr removals
      some std::array conversions (#2148)
      clang-tidy: C array to std::array conversions
      std::array conversions
      find to std::find
      static constexpr conversions
      remove various usages of memset
      const member function
      const variable
      use empty()
      add missing destructor
      use = delete and move to public
      delete
      nodiscard addition
      std::function
      remove unused var from deleted stuff
      clang-tidy: use auto
      clang-tidy: add more nodiscard
      clang-tidy: use default
      function move
      clang-tidy: use C++ headers
      replace Sleep with sleep_for
      some chrono
      clang-tidy: use any_of
      clang-tidy: no else after return
      clang-tidy: do not use using namespace
      clang-tidy: fix inconsistent decleration
      C to std::function
      struct to std::pair conversions
      structured binding conversions
      use auto
      clang-tidy: add parentheses to macros
      clang-tidy: use strcmmp properly
      replace ret variable with return statement
      try to actually fix null pointer deref
      remove some unique_ptrs
      clang-tidy: default member init
      clang-tidy: replace throw() with noexcept
      clang-tidy: use delete
      clang-tidy: use nullptr
      clang-tidy: manual clang-tidy fixes
      clang-tidy: manual special functions
      replace malloc/free with new/delete
      algorithm conversions
      remove unused class declarations
      add constexpr constructor
      remove default constructor
      clang-tidy: default member init
      std::pair conversion
      minor clang-tidy fixes (#2213)
      std::function conversions
      clang-tidy: remove const params in decls
      reference conversions
      remove const std::function
      fix misplaced const
      remove some double pointer stuff
      replace readlink with std::filesystem
      fix mmap compilation
      use _v
      clang-tidy: replace pointer magic with data()
      clang-tidy: add missing special member functions
      clang-tidy: C casts to C++
      clang-tidy: use default member init
      clang-tidy: add missing override
      clang-tidy: use C++ casts
      clang-tidy: no else after return
      clang-tidy: some llvm- warnings
      clang-tidy: remove const char operator
      pass bool by value
      clang-tidy: remove const
      clang-tidy: use auto
      clang-tidy: missing override
      clang-tidy: replace + with append()
      clang-tidy: fix mismatching declaration variable
      try to fix some fanalyzer warnings
      clang: remove pointless ; at the end of function
      remove friend operator
      clang-tidy: use '' for find
      fix some gcc -Weffc++ warnings
      find_if conversion
      find_if and lambda conversions
      use some auto
      make upper the same as lower
      const ref conversions
      remove pointless &*
      remove string_view from headers
      Make headers compatible with C++11
      return make_unique directly
      make_unique conversions
      po: update files
      replace [0] with front() where applicable
      sonarlint: replace lock_guard with scoped_lock
      sonarlint: replace loop with find_if
      sonarlint: add an empty do while loop
      clang-tidy: use auto
      clang-tidy: avoid C casts
      replace shared_ptr with make_shared
      misc sonarlint changes
      replace structs with std::pair
      strcmp to == conversions
      remove GroupName struct
      get rid of extern const
      simplify switch statement with returns
      enum class conversion
      remove unused using
      remove explicit constructor
      default init static variable
      const conversions
      misc sonarlint cleanups
      remove c_str for fs stuff
      fix compilation with mingw iconv
      remove pointless UNUSED statement
      fix iconv handling and windows
      simplify some defines
      manual replacement of [0] with front()
      don't use w32 sockets for cygwin
      revert std::function back to function pointers
      remove constructor
      fix compilation without mmap and non win32
      cmakelists.txt: run through cmake-format
      replace custom gcd function with std
      std::to_string conversions
      remove pointless x_default variable
      move structured bindings up
      remove using
      Add more MIME type mappings for TIFF-based raws
      misc sonarlint stuff
      use reference to work around MSVC bug
      cland-tidy: simplify booleans
      get rid of nested if conditions
      replace find/rfind with startsWith
      Use std::enable_if_t and std::is_signed_v.
      early exit
      clang-tidy: various fixes
      clang-tidy: use make_unique
      use find instead of std::find_if
      replace any_of with find
      use some future C++ stuff when possible
      static_cast make_unsigned
      clang-tidy: apply to newly merged stuff
      get rid of -fanalyzer memory leaks
      clang-tidy on Windows
      use some if constexpr
      fix __cplusplus check for MSVC
      wmain: build as c++ instead of c
      manual default member init
      add const
      avoid reassignment
      remove double libintl check
      return nullptr instead of reset
      fix copy constructors
      add missing const
      use find instead of count
      replace substr with resize/pop_back
      remove unused variable
      static_cast
      xmpsdk: Fix dangling pointer warning
      fix C++20 deprecation warning
      fix WIN32 macro
      std::find to find template
      more std::find to Exiv2::find
      use gnu_printf
      move inline to declaration
      clang-tidy: add const to parameter
      safe_op: C++17 improvements
      add support for gcc and clang 7
      namespace enforce.hpp functions to Internal
      use __has_include
      remove manual math
      work around windows.h min/max macros
      move initialization up
      default initializations
      remove deleted Image member functions
      do the same for Io functions
      more delete removals
      remove some overriden defaulted destructors
      add missing member functions
      remove deleted members from static classes
      add meson build
      add basic meson CI
      meson: g++-[789] build
      use EXV_ICONV_CONST
      remove mmap/munmap checks
      remove unused defines
      add missing &
      meson CI: test static library as well
      remove constructors
      simplify loop
      std to Exiv2 find
      clang-tidy fixes for recent stuff
      swap variables
      use numeric limits instead of -1
      don't assign in while
      replace switch with if/return
      unreachable code
      use if constexpr
      fix comma warning
      fix implicit conversion
      clang-tidy: cast initial variable
      clang-tidy: don't assign in if
      use lower()
      clang-tidy: replace memcpy with copy_n
      replace standard check with feature test macro
      replace std::pair and tuple with C structs
      clang-tidy: no else after return
      clang-tidy: add explicit
      meson: make xmp boolean a feature
      meson CI: build with verbose
      meson CI: add library type to name
      meson CI: add special clang and libc++ CI
      meson: add support for linux libc++fs
      meson: bump warning level
      link against gtest-main
      remove base constructor
      github CI: install gtest with brew
      unitTests: fix old API usage
      make conversions explicit
      use upper() function
      fix memory leak
      replace localtime with _s/_r variant
      explicit conversion
      fix wrong snprintf format
      replace array with vector
      use count_if
      use std::replace
      meson: split off internal library
      meson: add unit tests
      template second parameter for startsWith
      add contains function
      meson: move warning/sanitizer stuff to CI
      meson CI: build as C++20
      avoid shadowing warning
      github CI: add dependabot
      github CI: install regular conan
      github CI: use python -m pip
      default init variable
      fix off by 1 error
      cast expression
      close socket before return
      direct init structs
      clang-tidy: default init various members
      Remove some constructors
      use find()
      use GetCurrentProcessId on Windows
      github CI: remove no warning options
      meson CI: use env section
      meson CI: add lld to clang
      meson CI: add more clang versions
      meson CI: add GCC10 too
      meson CI: build for 32-bit Windows too
      meson CI: add /analyze for MSVC
      github CI: use env
      github CI: remove EXIV2_ENABLE_VIDEO
      github CI: use ilammy/msvc-dev-cmd
      github CI: test x86 on Windows
      coverity: add move operations
      get rid of convertToUint64
      coverity: remove dead code
      SonarLint cleanups
      github CI: update conan
      github CI: remove NoConan
      meson: update wraps
      github CI: update conan
      add various moves
      meson CI: use vc++latest
      fix compilation under FreeBSD
      remove old MSVC workaround
      remove MSVC hacks
      replace enable_if with if constexpr
      clang-tidy: no _ in tests
      get rid of Key() move operations
      gcc: remove redundant struct
      gcc: noexcept
      gcc: ifdef
      random fixes
      extern to static
      MSVC warning fixes
      remove inline function
      don't assign an fs::path to a string
      clang-tidy: don't use non const refs
      more SonarLint cleanups
      clang: fix various documentation errors
      clang: small fixes
      remove several constructors
      constexpr some constructors
      remove constexpr
      std::array removals
      get rid of EXV_CALL_MEMBER_FN
      geotag: add GCC7 support
      make runner.py executable
      meson: build samples
      meson: remove now unused checks
      easyaccess const changes
      remove codecvt
      direct initialize some structs
      clang-tidy: remove const from data members
      meson: fix tests when zlib is disabled
      geotag: fix compilation with MSYS
      don't compile WIN32 stuff when iconv is present
      meson: build iconv with FreeBSD
      meson CI: add FreeBSD
      meson CI: remove static build
      meson CI: add MSYS2
      use using in slice
      remove EXIV2API from src
      meson: add libobsd wrap
      meson: only define MinGW stuff for non UCRT
      meson CI: move clang workflow to the same file
      meson CI: test oldest and newest compilers only
      meson CI: remove /analyze
      meson CI: test all features enabled and disabled
      meson: fix UCRT check
      convert manual loop to find
      remove some unused defines.
      sonarlint cleanups
      clang-tidy: add nodiscard
      const ref to ref conversions
      clang-tidy: replace defines with enum
      simplify loops
      fix asfvideo unicode handling

Shawn Baker (1):
      libcurl is now optional. Updated to the latest versions of libcurl and expat. (#1992)

Steve Robbins (1):
      xmpsdk: Unconditionally use <stdint.h>

Sturmflut (8):
      Add Sigma 12-24mm F4 DG HSM Art lens for Nikon
      Add test for Pull Request #2069 (Sigma 12-24mm F4 DG HSM Art lens for Nikon)
      Fix branch names in CONTRIBUTING.md (master was renamed to main)
      Fix branch names in GIT_GUIDELINES.md (master was renamed to main)
      [nikon] Add Tokina AT-X 14-20 F2 PRO DX lens
      [nikon] Add instructions for adding new Nikon F mount lenses
      [tests] Add test for Tokina AT-X 14-20 F2 PRO DX lens on Nikon bodies
      [nikon] Add Tokina ATX-i 11-20mm F2.8 CF lens (#2072)

Viktor Schneider (17):
      add support for more fujifilm tags
      remove auto range for DynamicRangeAuto setting
      print newer labels first when interpreting Fujifilm tags
      remove redundant TagDetails and fix formatting
      add some fujifilm tags from exiftool and extend TagDetails
      remove TODO entries
      fix typo in fujiSharpness and prevent undefined behaviour when shifting signed values
      add comment that fujiColor value 512 differs from exiftool
      update test cases to respect new fujifilm tags
      apply fujif…
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
2 participants