From 0a881ab3de8e12dabfbda4a369fc5487d5f7e029 Mon Sep 17 00:00:00 2001 From: Gilles Caulier Date: Sat, 20 Jan 2018 19:09:33 +0100 Subject: update internal Libraw to last stable 0.18.7 --- NEWS | 1 + libs/rawengine/libraw/Changelog.txt | 16 +++++++++++ libs/rawengine/libraw/internal/dcraw_common.cpp | 37 +++++++++++++++++++++++++ libs/rawengine/libraw/libraw/libraw_version.h | 2 +- libs/rawengine/libraw/src/libraw_cxx.cpp | 2 +- 5 files changed, 56 insertions(+), 2 deletions(-) diff --git a/libs/rawengine/libraw/Changelog.txt b/libs/rawengine/libraw/Changelog.txt index 58cd242..c9fc520 100644 --- a/core/libs/rawengine/libraw/Changelog.txt +++ b/core/libs/rawengine/libraw/Changelog.txt @@ -1,3 +1,19 @@ +2018-01-19 Alex Tutubalin +Secunia #79000: +Credit: Laurent Delosieres, Secunia Research at Flexera + * All legacy (RGB raw) image loaders checks for imgdata.image is not NULL + * kodak_radc_load_raw: check image size before processing + * legacy memory allocator: allocate max(widh,raw_width)*max(height,raw_height) + * LibRaw 0.18.7 + + +2017-12-06 Alex Tutubalin +Secunia #76000: + * Fixed fuji_width handling if file is neither fuji nor DNG + * Fixed xtrans interpolate for broken xtrans pattern + * Fixed panasonic decoder + * LibRaw 0.18.6 + 2017-09-22 Alex Tutubalin * Fixed possible out of bound access in Kodak 6500 loader * LibRaw 0.18.5 diff --git a/libs/rawengine/libraw/internal/dcraw_common.cpp b/libs/rawengine/libraw/internal/dcraw_common.cpp index 294e2e2..520d19a 100644 --- a/core/libs/rawengine/libraw/internal/dcraw_common.cpp +++ b/core/libs/rawengine/libraw/internal/dcraw_common.cpp @@ -1340,6 +1340,10 @@ void CLASS nikon_load_raw() void CLASS nikon_yuv_load_raw() { +#ifdef LIBRAW_LIBRARY_BUILD + if(!image) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif int row, col, yuv[4], rgb[3], b, c; UINT64 bitbuf=0; float cmul[4]; @@ -2156,6 +2160,10 @@ void CLASS sinar_4shot_load_raw() unpacked_load_raw(); return; } +#ifdef LIBRAW_LIBRARY_BUILD + else if(!image) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif pixel = (ushort *) calloc (raw_width, sizeof *pixel); merror (pixel, "sinar_4shot_load_raw()"); #ifdef LIBRAW_LIBRARY_BUILD @@ -2675,6 +2683,11 @@ void CLASS quicktake_100_load_raw() void CLASS kodak_radc_load_raw() { +#ifdef LIBRAW_LIBRARY_BUILD + // All kodak radc images are 768x512 + if(width>768 || raw_width>768 || height > 512 || raw_height>512 ) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif static const signed char src[] = { 1,1, 2,3, 3,4, 4,2, 5,7, 6,5, 7,6, 7,8, 1,0, 2,1, 3,3, 4,4, 5,2, 6,7, 7,6, 8,5, 8,8, @@ -2926,6 +2939,10 @@ void CLASS gamma_curve (double pwr, double ts, int mode, int imax); void CLASS lossy_dng_load_raw() { +#ifdef LIBRAW_LIBRARY_BUILD + if(!image) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif struct jpeg_decompress_struct cinfo; struct jpeg_error_mgr jerr; JSAMPARRAY buf; @@ -3057,6 +3074,10 @@ void CLASS eight_bit_load_raw() void CLASS kodak_c330_load_raw() { +#ifdef LIBRAW_LIBRARY_BUILD + if(!image) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif uchar *pixel; int row, col, y, cb, cr, rgb[3], c; @@ -3094,6 +3115,10 @@ void CLASS kodak_c330_load_raw() void CLASS kodak_c603_load_raw() { +#ifdef LIBRAW_LIBRARY_BUILD + if(!image) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif uchar *pixel; int row, col, y, cb, cr, rgb[3], c; @@ -3257,6 +3282,10 @@ void CLASS kodak_65000_load_raw() void CLASS kodak_ycbcr_load_raw() { +#ifdef LIBRAW_LIBRARY_BUILD + if(!image) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif short buf[384], *bp; int row, col, len, c, i, j, k, y[2][2], cb, cr, rgb[3]; ushort *ip; @@ -3291,6 +3320,10 @@ void CLASS kodak_ycbcr_load_raw() void CLASS kodak_rgb_load_raw() { +#ifdef LIBRAW_LIBRARY_BUILD + if(!image) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif short buf[768], *bp; int row, col, len, c, i, rgb[3],ret; ushort *ip=image[0]; @@ -3319,6 +3352,10 @@ void CLASS kodak_rgb_load_raw() void CLASS kodak_thumb_load_raw() { +#ifdef LIBRAW_LIBRARY_BUILD + if(!image) + throw LIBRAW_EXCEPTION_IO_CORRUPT; +#endif int row, col; colors = thumb_misc >> 5; for (row=0; row < height; row++) diff --git a/libs/rawengine/libraw/libraw/libraw_version.h b/libs/rawengine/libraw/libraw/libraw_version.h index ad2f398..b6cacec 100644 --- a/core/libs/rawengine/libraw/libraw/libraw_version.h +++ b/core/libs/rawengine/libraw/libraw/libraw_version.h @@ -22,7 +22,7 @@ it under the terms of the one of two licenses as you choose: #define LIBRAW_MAJOR_VERSION 0 #define LIBRAW_MINOR_VERSION 18 -#define LIBRAW_PATCH_VERSION 6 +#define LIBRAW_PATCH_VERSION 7 #define LIBRAW_VERSION_TAIL Release #define LIBRAW_SHLIB_CURRENT 16 diff --git a/libs/rawengine/libraw/src/libraw_cxx.cpp b/libs/rawengine/libraw/src/libraw_cxx.cpp index fbd1f6a..d242222 100644 --- a/core/libs/rawengine/libraw/src/libraw_cxx.cpp +++ b/core/libs/rawengine/libraw/src/libraw_cxx.cpp @@ -2508,7 +2508,7 @@ int LibRaw::unpack(void) S.raw_pitch = (decoder_info.decoder_flags & LIBRAW_DECODER_LEGACY_WITH_MARGINS) ? S.raw_width*8 : S.width*8; // allocate image as temporary buffer, size imgdata.rawdata.raw_alloc = 0; - imgdata.image = (ushort (*)[4]) calloc(unsigned(S.raw_width)*unsigned(S.raw_height),sizeof(*imgdata.image)); + imgdata.image = (ushort (*)[4]) calloc(unsigned(MAX(S.width,S.raw_width))*unsigned(MAX(S.height,S.raw_height)),sizeof(*imgdata.image)); if(!(decoder_info.decoder_flags & LIBRAW_DECODER_ADOBECOPYPIXEL)) { imgdata.rawdata.raw_image = (ushort*) imgdata.image ; -- cgit v0.11.2