Skip to content

Commit 8682ad2

Browse files
committed
0.18.17
1 parent b829580 commit 8682ad2

File tree

5 files changed

+93
-2
lines changed

5 files changed

+93
-2
lines changed

Diff for: Changelog.txt

+9
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,12 @@
1+
2018-01-19 Alex Tutubalin <lexa@lexa.ru>
2+
Secunia #79000:
3+
Credit: Laurent Delosieres, Secunia Research at Flexera
4+
* All legacy (RGB raw) image loaders checks for imgdata.image is not NULL
5+
* kodak_radc_load_raw: check image size before processing
6+
* legacy memory allocator: allocate max(widh,raw_width)*max(height,raw_height)
7+
* LibRaw 0.18.7
8+
9+
110
2017-12-06 Alex Tutubalin <lexa@lexa.ru>
211
Secunia #76000:
312
* Fixed fuji_width handling if file is neither fuji nor DNG

Diff for: dcraw/dcraw.c

+45
Original file line numberDiff line numberDiff line change
@@ -1623,6 +1623,10 @@ void CLASS nikon_load_raw()
16231623

16241624
void CLASS nikon_yuv_load_raw()
16251625
{
1626+
#ifdef LIBRAW_LIBRARY_BUILD
1627+
if(!image)
1628+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
1629+
#endif
16261630
int row, col, yuv[4], rgb[3], b, c;
16271631
UINT64 bitbuf=0;
16281632
float cmul[4];
@@ -2444,6 +2448,10 @@ void CLASS sinar_4shot_load_raw()
24442448
unpacked_load_raw();
24452449
return;
24462450
}
2451+
#ifdef LIBRAW_LIBRARY_BUILD
2452+
else if(!image)
2453+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
2454+
#endif
24472455
pixel = (ushort *) calloc (raw_width, sizeof *pixel);
24482456
merror (pixel, "sinar_4shot_load_raw()");
24492457
#ifdef LIBRAW_LIBRARY_BUILD
@@ -2963,6 +2971,11 @@ void CLASS quicktake_100_load_raw()
29632971

29642972
void CLASS kodak_radc_load_raw()
29652973
{
2974+
#ifdef LIBRAW_LIBRARY_BUILD
2975+
// All kodak radc images are 768x512
2976+
if(width>768 || raw_width>768 || height > 512 || raw_height>512 )
2977+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
2978+
#endif
29662979
static const signed char src[] = {
29672980
1,1, 2,3, 3,4, 4,2, 5,7, 6,5, 7,6, 7,8,
29682981
1,0, 2,1, 3,3, 4,4, 5,2, 6,7, 7,6, 8,5, 8,8,
@@ -3214,6 +3227,10 @@ void CLASS gamma_curve (double pwr, double ts, int mode, int imax);
32143227

32153228
void CLASS lossy_dng_load_raw()
32163229
{
3230+
#ifdef LIBRAW_LIBRARY_BUILD
3231+
if(!image)
3232+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3233+
#endif
32173234
struct jpeg_decompress_struct cinfo;
32183235
struct jpeg_error_mgr jerr;
32193236
JSAMPARRAY buf;
@@ -3345,6 +3362,10 @@ void CLASS eight_bit_load_raw()
33453362

33463363
void CLASS kodak_c330_load_raw()
33473364
{
3365+
#ifdef LIBRAW_LIBRARY_BUILD
3366+
if(!image)
3367+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3368+
#endif
33483369
uchar *pixel;
33493370
int row, col, y, cb, cr, rgb[3], c;
33503371

@@ -3382,6 +3403,10 @@ void CLASS kodak_c330_load_raw()
33823403

33833404
void CLASS kodak_c603_load_raw()
33843405
{
3406+
#ifdef LIBRAW_LIBRARY_BUILD
3407+
if(!image)
3408+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3409+
#endif
33853410
uchar *pixel;
33863411
int row, col, y, cb, cr, rgb[3], c;
33873412

@@ -3545,6 +3570,10 @@ void CLASS kodak_65000_load_raw()
35453570

35463571
void CLASS kodak_ycbcr_load_raw()
35473572
{
3573+
#ifdef LIBRAW_LIBRARY_BUILD
3574+
if(!image)
3575+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3576+
#endif
35483577
short buf[384], *bp;
35493578
int row, col, len, c, i, j, k, y[2][2], cb, cr, rgb[3];
35503579
ushort *ip;
@@ -3579,6 +3608,10 @@ void CLASS kodak_ycbcr_load_raw()
35793608

35803609
void CLASS kodak_rgb_load_raw()
35813610
{
3611+
#ifdef LIBRAW_LIBRARY_BUILD
3612+
if(!image)
3613+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3614+
#endif
35823615
short buf[768], *bp;
35833616
int row, col, len, c, i, rgb[3],ret;
35843617
ushort *ip=image[0];
@@ -3607,6 +3640,10 @@ void CLASS kodak_rgb_load_raw()
36073640

36083641
void CLASS kodak_thumb_load_raw()
36093642
{
3643+
#ifdef LIBRAW_LIBRARY_BUILD
3644+
if(!image)
3645+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3646+
#endif
36103647
int row, col;
36113648
colors = thumb_misc >> 5;
36123649
for (row=0; row < height; row++)
@@ -4229,6 +4266,10 @@ void CLASS foveon_thumb()
42294266

42304267
void CLASS foveon_sd_load_raw()
42314268
{
4269+
#ifdef LIBRAW_LIBRARY_BUILD
4270+
if(!image)
4271+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
4272+
#endif
42324273
struct decode *dindex;
42334274
short diff[1024];
42344275
unsigned bitbuf=0;
@@ -4279,6 +4320,10 @@ void CLASS foveon_huff (ushort *huff)
42794320

42804321
void CLASS foveon_dp_load_raw()
42814322
{
4323+
#ifdef LIBRAW_LIBRARY_BUILD
4324+
if(!image)
4325+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
4326+
#endif
42824327
unsigned c, roff[4], row, col, diff;
42834328
ushort huff[512], vpred[2][2], hpred[2];
42844329

Diff for: internal/dcraw_common.cpp

+37
Original file line numberDiff line numberDiff line change
@@ -1340,6 +1340,10 @@ void CLASS nikon_load_raw()
13401340

13411341
void CLASS nikon_yuv_load_raw()
13421342
{
1343+
#ifdef LIBRAW_LIBRARY_BUILD
1344+
if(!image)
1345+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
1346+
#endif
13431347
int row, col, yuv[4], rgb[3], b, c;
13441348
UINT64 bitbuf=0;
13451349
float cmul[4];
@@ -2156,6 +2160,10 @@ void CLASS sinar_4shot_load_raw()
21562160
unpacked_load_raw();
21572161
return;
21582162
}
2163+
#ifdef LIBRAW_LIBRARY_BUILD
2164+
else if(!image)
2165+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
2166+
#endif
21592167
pixel = (ushort *) calloc (raw_width, sizeof *pixel);
21602168
merror (pixel, "sinar_4shot_load_raw()");
21612169
#ifdef LIBRAW_LIBRARY_BUILD
@@ -2675,6 +2683,11 @@ void CLASS quicktake_100_load_raw()
26752683

26762684
void CLASS kodak_radc_load_raw()
26772685
{
2686+
#ifdef LIBRAW_LIBRARY_BUILD
2687+
// All kodak radc images are 768x512
2688+
if(width>768 || raw_width>768 || height > 512 || raw_height>512 )
2689+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
2690+
#endif
26782691
static const signed char src[] = {
26792692
1,1, 2,3, 3,4, 4,2, 5,7, 6,5, 7,6, 7,8,
26802693
1,0, 2,1, 3,3, 4,4, 5,2, 6,7, 7,6, 8,5, 8,8,
@@ -2926,6 +2939,10 @@ void CLASS gamma_curve (double pwr, double ts, int mode, int imax);
29262939

29272940
void CLASS lossy_dng_load_raw()
29282941
{
2942+
#ifdef LIBRAW_LIBRARY_BUILD
2943+
if(!image)
2944+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
2945+
#endif
29292946
struct jpeg_decompress_struct cinfo;
29302947
struct jpeg_error_mgr jerr;
29312948
JSAMPARRAY buf;
@@ -3057,6 +3074,10 @@ void CLASS eight_bit_load_raw()
30573074

30583075
void CLASS kodak_c330_load_raw()
30593076
{
3077+
#ifdef LIBRAW_LIBRARY_BUILD
3078+
if(!image)
3079+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3080+
#endif
30603081
uchar *pixel;
30613082
int row, col, y, cb, cr, rgb[3], c;
30623083

@@ -3094,6 +3115,10 @@ void CLASS kodak_c330_load_raw()
30943115

30953116
void CLASS kodak_c603_load_raw()
30963117
{
3118+
#ifdef LIBRAW_LIBRARY_BUILD
3119+
if(!image)
3120+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3121+
#endif
30973122
uchar *pixel;
30983123
int row, col, y, cb, cr, rgb[3], c;
30993124

@@ -3257,6 +3282,10 @@ void CLASS kodak_65000_load_raw()
32573282

32583283
void CLASS kodak_ycbcr_load_raw()
32593284
{
3285+
#ifdef LIBRAW_LIBRARY_BUILD
3286+
if(!image)
3287+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3288+
#endif
32603289
short buf[384], *bp;
32613290
int row, col, len, c, i, j, k, y[2][2], cb, cr, rgb[3];
32623291
ushort *ip;
@@ -3291,6 +3320,10 @@ void CLASS kodak_ycbcr_load_raw()
32913320

32923321
void CLASS kodak_rgb_load_raw()
32933322
{
3323+
#ifdef LIBRAW_LIBRARY_BUILD
3324+
if(!image)
3325+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3326+
#endif
32943327
short buf[768], *bp;
32953328
int row, col, len, c, i, rgb[3],ret;
32963329
ushort *ip=image[0];
@@ -3319,6 +3352,10 @@ void CLASS kodak_rgb_load_raw()
33193352

33203353
void CLASS kodak_thumb_load_raw()
33213354
{
3355+
#ifdef LIBRAW_LIBRARY_BUILD
3356+
if(!image)
3357+
throw LIBRAW_EXCEPTION_IO_CORRUPT;
3358+
#endif
33223359
int row, col;
33233360
colors = thumb_misc >> 5;
33243361
for (row=0; row < height; row++)

Diff for: libraw/libraw_version.h

+1-1
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ it under the terms of the one of two licenses as you choose:
2222

2323
#define LIBRAW_MAJOR_VERSION 0
2424
#define LIBRAW_MINOR_VERSION 18
25-
#define LIBRAW_PATCH_VERSION 6
25+
#define LIBRAW_PATCH_VERSION 7
2626
#define LIBRAW_VERSION_TAIL Release
2727

2828
#define LIBRAW_SHLIB_CURRENT 16

Diff for: src/libraw_cxx.cpp

+1-1
Original file line numberDiff line numberDiff line change
@@ -2508,7 +2508,7 @@ int LibRaw::unpack(void)
25082508
S.raw_pitch = (decoder_info.decoder_flags & LIBRAW_DECODER_LEGACY_WITH_MARGINS) ? S.raw_width*8 : S.width*8;
25092509
// allocate image as temporary buffer, size
25102510
imgdata.rawdata.raw_alloc = 0;
2511-
imgdata.image = (ushort (*)[4]) calloc(unsigned(S.raw_width)*unsigned(S.raw_height),sizeof(*imgdata.image));
2511+
imgdata.image = (ushort (*)[4]) calloc(unsigned(MAX(S.width,S.raw_width))*unsigned(MAX(S.height,S.raw_height)),sizeof(*imgdata.image));
25122512
if(!(decoder_info.decoder_flags & LIBRAW_DECODER_ADOBECOPYPIXEL))
25132513
{
25142514
imgdata.rawdata.raw_image = (ushort*) imgdata.image ;

0 commit comments

Comments
 (0)