Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package jasper for openSUSE:Factory checked in at 2025-08-06 14:31:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/jasper (Old) and /work/SRC/openSUSE:Factory/.jasper.new.1085 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "jasper" Wed Aug 6 14:31:40 2025 rev:35 rq:1297855 version:4.2.8 Changes: -------- --- /work/SRC/openSUSE:Factory/jasper/jasper.changes 2025-03-27 22:31:39.595013278 +0100 +++ /work/SRC/openSUSE:Factory/.jasper.new.1085/jasper.changes 2025-08-06 14:32:24.365809105 +0200 @@ -1,0 +2,23 @@ +Wed Aug 6 05:37:05 UTC 2025 - Michael Vetter <[email protected]> + +- Update to 4.2.8: + * Fixed a bug in the JPC decoder that could cause bad memory + accesses if the debug level is set sufficiently high (#402, #403). + +------------------------------------------------------------------- +Mon Aug 4 06:41:44 UTC 2025 - Michael Vetter <[email protected]> + +- Update to 4.2.7: + * Added some missing range checking on several coding parameters in + the JPC encoder (#401). + +------------------------------------------------------------------- +Mon Aug 4 06:41:23 UTC 2025 - Michael Vetter <[email protected]> + +- Update to 4.2.6: + * Added a check for a missing color component in the jas_image_chclrspc + function (#400). + * Fixed a minor build problem related to the use of -Wstrict-prototypes + with Clang. + +------------------------------------------------------------------- Old: ---- version-4.2.5.tar.gz New: ---- version-4.2.8.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ jasper.spec ++++++ --- /var/tmp/diff_new_pack.oZbLv1/_old 2025-08-06 14:32:25.521857491 +0200 +++ /var/tmp/diff_new_pack.oZbLv1/_new 2025-08-06 14:32:25.521857491 +0200 @@ -1,7 +1,7 @@ # # spec file for package jasper # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ %global __builddir obs_build Name: jasper -Version: 4.2.5 +Version: 4.2.8 Release: 0 Summary: An Implementation of the JPEG-2000 Standard, Part 1 License: JasPer-2.0 ++++++ version-4.2.5.tar.gz -> version-4.2.8.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/.github/workflows/ci.yml new/jasper-version-4.2.8/.github/workflows/ci.yml --- old/jasper-version-4.2.5/.github/workflows/ci.yml 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/.github/workflows/ci.yml 2025-08-06 05:55:34.000000000 +0200 @@ -13,18 +13,18 @@ build: strategy: matrix: - os: [ubuntu-22.04, ubuntu-20.04, macos-13, macos-12] + os: [ubuntu-24.04, ubuntu-24.04-arm, macos-15] compiler: [ {cc: gcc, cxx: g++}, {cc: clang, cxx: clang++} ] include: - - os: [windows-2022] - exclude: - # Temporarily disable Ubuntu 20.04 with GCC since linking with - # TSan fails due the linker being unable to find libtsan_preinit.o. - # This used to work previously. - # Perhaps, the cause is related to the following Ubuntu issue: - # https://bugs.launchpad.net/ubuntu/+source/gcc-9/+bug/2029910 - - os: ubuntu-20.04 - compiler: {cc: gcc, cxx: g++} + - os: [windows-2025] + #exclude: + # # Temporarily disable Ubuntu 20.04 with GCC since linking with + # # TSan fails due the linker being unable to find libtsan_preinit.o. + # # This used to work previously. + # # Perhaps, the cause is related to the following Ubuntu issue: + # # https://bugs.launchpad.net/ubuntu/+source/gcc-9/+bug/2029910 + # - os: ubuntu-20.04 + # compiler: {cc: gcc, cxx: g++} fail-fast: false runs-on: ${{ matrix.os }} steps: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/.github/workflows/release.yml new/jasper-version-4.2.8/.github/workflows/release.yml --- old/jasper-version-4.2.5/.github/workflows/release.yml 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/.github/workflows/release.yml 2025-08-06 05:55:34.000000000 +0200 @@ -13,7 +13,7 @@ jobs: build: #runs-on: ubuntu-latest - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: ############################################################ - name: Checkout diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/CMakeLists.txt new/jasper-version-4.2.8/CMakeLists.txt --- old/jasper-version-4.2.5/CMakeLists.txt 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/CMakeLists.txt 2025-08-06 05:55:34.000000000 +0200 @@ -12,7 +12,7 @@ # The major, minor, and micro version numbers of the project. set(JAS_VERSION_MAJOR 4) set(JAS_VERSION_MINOR 2) -set(JAS_VERSION_PATCH 5) +set(JAS_VERSION_PATCH 8) # The shared library versioning information. # Guidelines on how to change this information can be found below. @@ -108,6 +108,8 @@ option(JAS_PACKAGING "Enable packaging mode (e.g., disable RPATH)" OFF) +option(JAS_ENABLE_CMAKE_PACKAGE_CONFIG "Enable CMake package config file generation" OFF) + option(JAS_ENABLE_PIC "Enable position-independent code" ON) set(CMAKE_POSITION_INDEPENDENT_CODE ${JAS_ENABLE_PIC}) @@ -314,6 +316,7 @@ # Customize the compiler flags for warning messages. if(CMAKE_C_COMPILER_ID STREQUAL "Clang" OR CMAKE_C_COMPILER_ID STREQUAL "GNU") + check_c_compiler_flag("-Wno-stringop-truncation" JAS_GCC_WARN_NO_STRINGOP_TRUNCATION) check_c_compiler_flag("-Wno-stringop-overflow" @@ -331,7 +334,16 @@ add_c_compile_options(-Wno-sign-compare) add_c_compile_options(-Wformat) add_c_compile_options(-Wmissing-prototypes) - add_c_compile_options(-Wstrict-prototypes) + + # NOTE: The semantics of -Wstrict-prototypes differs in GCC and Clang. + # GCC does not warn about empty parameter lists in function definitions, + # while Clang does warn about this. + if(CMAKE_C_COMPILER_ID STREQUAL "GNU") + add_c_compile_options(-Wstrict-prototypes) + elseif(CMAKE_C_COMPILER_ID STREQUAL "Clang") + add_c_compile_options(-Wno-strict-prototypes) + endif() + add_c_compile_options(-Wno-type-limits) if (JAS_CLANG_WARN_NO_OUT_OF_RANGE_COMPARE) add_c_compile_options(-Wno-tautological-constant-out-of-range-compare) @@ -357,7 +369,9 @@ #add_c_compile_options(-Werror) set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Werror") endif() + elseif(CMAKE_C_COMPILER_ID STREQUAL "MSVC") + # possibly lossy conversion add_c_compile_options(/wd4244) # different const qualifiers @@ -372,6 +386,7 @@ # Treat all compiler warnings as errors. add_c_compile_options(/WX) endif() + endif() if(JAS_ENABLE_HIDDEN) @@ -743,11 +758,13 @@ # (e.g., stdio.h and stdint.h). So, we cannot reliably use # check_include_file here. jas_get_includes_from_targets(CMAKE_REQUIRED_INCLUDES JPEG::JPEG) + message("JPEG include directories: ${CMAKE_REQUIRED_INCLUDES}") check_c_source_compiles(" #include <stdio.h> #include <stdint.h> + #include <stddef.h> #include <jpeglib.h> - int main() {} + int main(void) {} " JAS_HAVE_JPEGLIB_H) if(JAS_HAVE_JPEGLIB_H) set(JAS_HAVE_LIBJPEG 1) @@ -862,3 +879,43 @@ DESTINATION "${CMAKE_INSTALL_LIBDIR}/pkgconfig") install(FILES "README.md" DESTINATION "${CMAKE_INSTALL_DOCDIR}") + +################################################################################ +# CMake package config files for find_package(JasPer CONFIG ...) +################################################################################ + +if(JAS_ENABLE_CMAKE_PACKAGE_CONFIG) + + include(CMakePackageConfigHelpers) + + # Create a version file for the package. + write_basic_package_version_file( + "${CMAKE_CURRENT_BINARY_DIR}/JasPerConfigVersion.cmake" + VERSION ${JAS_VERSION} + COMPATIBILITY AnyNewerVersion + ) + + # Configure the config file that downstream projects will include. + configure_package_config_file( + "${CMAKE_CURRENT_SOURCE_DIR}/build/cmake/modules/JasPerConfig.cmake.in" + "${CMAKE_CURRENT_BINARY_DIR}/JasPerConfig.cmake" + INSTALL_DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/JasPer" + ) + + # Export the targets. + install(EXPORT JasPerTargets + FILE JasPerTargets.cmake + NAMESPACE JasPer:: + DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/JasPer" + ) + + # Install the config and version files. + install(FILES + "${CMAKE_CURRENT_BINARY_DIR}/JasPerConfig.cmake" + "${CMAKE_CURRENT_BINARY_DIR}/JasPerConfigVersion.cmake" + DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/JasPer" + ) + +endif() + +################################################################################ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/NEWS.txt new/jasper-version-4.2.8/NEWS.txt --- old/jasper-version-4.2.5/NEWS.txt 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/NEWS.txt 2025-08-06 05:55:34.000000000 +0200 @@ -1,3 +1,24 @@ +4.2.8 (2025-08-05) +================== + +* Fixed a bug in the JPC decoder that could cause bad memory accesses + if the debug level is set sufficiently high (#402, #403). + +4.2.7 (2025-08-02) +================== + +* Added some missing range checking on several coding parameters in the + JPC encoder (#401). + +4.2.6 (2025-08-02) +================== + +* Added a check for a missing color component in the jas_image_chclrspc + function (#400). + +* Fixed a minor build problem related to the use of -Wstrict-prototypes + with Clang. + 4.2.5 (2025-03-26) ================== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/build/build new/jasper-version-4.2.8/build/build --- old/jasper-version-4.2.5/build/build 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/build/build 2025-08-06 05:55:34.000000000 +0200 @@ -125,6 +125,7 @@ cmake_generator= enable_32bit=0 enable_cxx=1 +enable_cmake_package_config=0 while [ $# -gt 0 ]; do option="$1" @@ -144,6 +145,15 @@ cmake_generator="Ninja" ;; + --cmake-package-config) + shift 1 + enable_cmake_package_config=1 + ;; + --no-cmake-package-config) + shift 1 + enable_cmake_package_config=0 + ;; + --clean-build-dir) shift 1 clean_build_dir=1 @@ -486,6 +496,14 @@ configure_opts+=(-B"$build_dir") configure_opts+=(-H"$source_dir") +#configure_opts+=(--trace-expand) + +if [ -n "$enable_cmake_package_config" ]; then + configure_opts+=( + -D "JAS_ENABLE_CMAKE_PACKAGE_CONFIG=$enable_cmake_package_config" + ) +fi + if [ -n "$cmake_generator" ]; then configure_opts+=(-G "$cmake_generator") fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/build/build_all new/jasper-version-4.2.8/build/build_all --- old/jasper-version-4.2.5/build/build_all 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/build/build_all 2025-08-06 05:55:34.000000000 +0200 @@ -233,10 +233,11 @@ strict=1 command_file= enable_test=1 +enable_conformance_test=1 requested_tests=() hard_fail=0 -while getopts hvb:cnd:swC:Xqt:F option; do +while getopts hvb:cnd:swC:XYqt:F option; do case "$option" in n) enable=0;; @@ -265,6 +266,8 @@ strict=1;; X) enable_test=0;; + Y) + enable_conformance_test=0;; h) usage;; *) @@ -298,6 +301,11 @@ ================================================================================ EOF +if [ -n "$RUNNER_OS" ]; then + echo "RUNNER_NAME: $RUNNER_NAME" + echo "RUNNER_OS: $RUNNER_OS" +fi + os=unknown if [ -n "$RUNNER_OS" ]; then case "$RUNNER_OS" in @@ -314,6 +322,7 @@ ubuntu_clang_hack=0 # If invoked by GitHub Actions CI... if [ -n "$RUNNER_OS" ]; then + if [ "$os" = linux ]; then # Assume that the OS being Linux means Ubuntu. case "$CC" in @@ -322,6 +331,32 @@ ;; esac fi + + # Disable conformance tests in the following situations since the tests + # take too long: + # - on the ARM architecture + # - on Windows + case "$os" in + linux) + arch="$(uname -m)" || panic "uname failed" + echo "architecture: $arch" + case "$arch" in + aarch*|arm*) + is_arm=1;; + *) + is_arm=0;; + esac + ;; + windows) + is_arm=0 + ;; + esac + echo "ARM architecture: $is_arm" + if [ "$os" = "windows" -o "$is_arm" -ne 0 ]; then + echo "WARNING: disabling conformance tests" + enable_conformance_test=0 + fi + fi #ubuntu_clang_hack=0 @@ -366,16 +401,14 @@ if [ "$enable_test" -ne 0 ]; then test_option=(--test) - conformance_tests_option=(--conformance-tests) else test_option=(--no-test) - conformance_tests_option=(--no-conformance-tests) fi -case "$os" in -windows) +if [ "$enable_conformance_test" -ne 0 ]; then + conformance_tests_option=(--conformance-tests) +else conformance_tests_option=(--no-conformance-tests) - ;; -esac +fi ################################################################################ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/build/cmake/modules/JasPerConfig.cmake.in new/jasper-version-4.2.8/build/cmake/modules/JasPerConfig.cmake.in --- old/jasper-version-4.2.5/build/cmake/modules/JasPerConfig.cmake.in 1970-01-01 01:00:00.000000000 +0100 +++ new/jasper-version-4.2.8/build/cmake/modules/JasPerConfig.cmake.in 2025-08-06 05:55:34.000000000 +0200 @@ -0,0 +1,5 @@ +@PACKAGE_INIT@ + +set(JasPer_FOUND TRUE) + +include("${CMAKE_CURRENT_LIST_DIR}/JasPerTargets.cmake") Binary files old/jasper-version-4.2.5/data/test/bad/poc_402.jpc and new/jasper-version-4.2.8/data/test/bad/poc_402.jpc differ Binary files old/jasper-version-4.2.5/data/test/bad/poc_403.jpc and new/jasper-version-4.2.8/data/test/bad/poc_403.jpc differ Binary files old/jasper-version-4.2.5/data/test/other/poc_400.pnm and new/jasper-version-4.2.8/data/test/other/poc_400.pnm differ Binary files old/jasper-version-4.2.5/data/test/other/poc_401.pnm and new/jasper-version-4.2.8/data/test/other/poc_401.pnm differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/src/libjasper/CMakeLists.txt new/jasper-version-4.2.8/src/libjasper/CMakeLists.txt --- old/jasper-version-4.2.5/src/libjasper/CMakeLists.txt 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/src/libjasper/CMakeLists.txt 2025-08-06 05:55:34.000000000 +0200 @@ -168,6 +168,16 @@ ${libjasper_ras_sources} ) +if(JAS_ENABLE_CMAKE_PACKAGE_CONFIG) + install(TARGETS libjasper + EXPORT JasPerTargets + ARCHIVE DESTINATION ${CMAKE_INSTALL_LIBDIR} + LIBRARY DESTINATION ${CMAKE_INSTALL_LIBDIR} + RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} + INCLUDES DESTINATION ${CMAKE_INSTALL_INCLUDEDIR} + ) +endif() + # The JasPer include directories in the source and build tree must be included # before any other directories that may contain the include directory for an # already installed version of the JasPer library. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/src/libjasper/base/jas_image.c new/jasper-version-4.2.8/src/libjasper/base/jas_image.c --- old/jasper-version-4.2.5/src/libjasper/base/jas_image.c 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/src/libjasper/base/jas_image.c 2025-08-06 05:55:34.000000000 +0200 @@ -118,6 +118,8 @@ jas_image_coord_t *bry); static void jas_image_fmtinfo_init(jas_image_fmtinfo_t *fmtinfo); static void jas_image_fmtinfo_cleanup(jas_image_fmtinfo_t *fmtinfo); +static jas_cmcmptfmt_t* jas_cmcmptfmt_array_create(int n); +static void jas_cmcmptfmt_array_destroy(jas_cmcmptfmt_t* cmptfmts, int n); /******************************************************************************\ * Create and destroy operations. @@ -413,6 +415,36 @@ jas_free(cmpt); } +static jas_cmcmptfmt_t* jas_cmcmptfmt_array_create(int n) +{ + jas_cmcmptfmt_t* cmptfmts; + JAS_LOGDEBUGF(10, "jas_cmcmptfmt_array_create(%d)\n", n); + if (!(cmptfmts = jas_alloc2(n, sizeof(jas_cmcmptfmt_t)))) { + return 0; + } + for (int i = 0; i < n; ++i) { + cmptfmts[i].buf = 0; + } + JAS_LOGDEBUGF(10, "jas_cmcmptfmt_array_create(%d) returning %p\n", n, + JAS_CAST(void *, cmptfmts)); + return cmptfmts; +} + +static void jas_cmcmptfmt_array_destroy(jas_cmcmptfmt_t* cmptfmts, int n) +{ + assert(cmptfmts); + assert(n > 0); + JAS_LOGDEBUGF(10, "jas_cmcmptfmt_array_destroy(%p, %d)\n", + JAS_CAST(void *, cmptfmts), n); + for (int i = 0; i < n; ++i) { + if (cmptfmts[i].buf) { + jas_free(cmptfmts[i].buf); + } + cmptfmts[i].buf = 0; + } + jas_free(cmptfmts); +} + /******************************************************************************\ * Load and save operations. \******************************************************************************/ @@ -1588,12 +1620,15 @@ jas_cmcmptfmt_t *incmptfmts; jas_cmcmptfmt_t *outcmptfmts; + assert(image); + assert(outprof); + #if 0 jas_eprintf("IMAGE\n"); jas_image_dump(image, stderr); #endif - if (image->numcmpts_ == 0) { + if (!jas_image_numcmpts(image)) { /* can't work with a file with no components; continuing would crash because we'd attempt to @@ -1604,6 +1639,8 @@ outimage = 0; xform = 0; + incmptfmts = 0; + outcmptfmts = 0; if (!(inimage = jas_image_copy(image))) { goto error; } @@ -1694,16 +1731,22 @@ } inpixmap.numcmpts = numinclrchans; - if (!(incmptfmts = jas_alloc2(numinclrchans, sizeof(jas_cmcmptfmt_t)))) { + assert(numinclrchans != 0); + if (!(incmptfmts = jas_cmcmptfmt_array_create(numinclrchans))) { // formerly call to abort() goto error; } inpixmap.cmptfmts = incmptfmts; for (unsigned i = 0; i < numinclrchans; ++i) { const int j = jas_image_getcmptbytype(inimage, JAS_IMAGE_CT_COLOR(i)); + if (j < 0) { + jas_logerrorf("missing color component %d\n", i); + goto error; + } if (!(incmptfmts[i].buf = jas_alloc2(width, sizeof(long)))) { goto error; } + assert(j >= 0 && j < jas_image_numcmpts(inimage)); incmptfmts[i].prec = jas_image_cmptprec(inimage, j); incmptfmts[i].sgnd = jas_image_cmptsgnd(inimage, j); incmptfmts[i].width = width; @@ -1711,7 +1754,7 @@ } outpixmap.numcmpts = numoutclrchans; - if (!(outcmptfmts = jas_alloc2(numoutclrchans, sizeof(jas_cmcmptfmt_t)))) { + if (!(outcmptfmts = jas_cmcmptfmt_array_create(numoutclrchans))) { // formerly call to abort() goto error; } @@ -1719,9 +1762,14 @@ for (unsigned i = 0; i < numoutclrchans; ++i) { const int j = jas_image_getcmptbytype(outimage, JAS_IMAGE_CT_COLOR(i)); + if (j < 0) { + jas_logerrorf("missing color component %d\n", i); + goto error; + } if (!(outcmptfmts[i].buf = jas_alloc2(width, sizeof(long)))) { goto error; } + assert(j >= 0 && j < jas_image_numcmpts(outimage)); outcmptfmts[i].prec = jas_image_cmptprec(outimage, j); outcmptfmts[i].sgnd = jas_image_cmptsgnd(outimage, j); outcmptfmts[i].width = width; @@ -1746,14 +1794,8 @@ } } - for (unsigned i = 0; i < numoutclrchans; ++i) { - jas_free(outcmptfmts[i].buf); - } - jas_free(outcmptfmts); - for (unsigned i = 0; i < numinclrchans; ++i) { - jas_free(incmptfmts[i].buf); - } - jas_free(incmptfmts); + jas_cmcmptfmt_array_destroy(outcmptfmts, numoutclrchans); + jas_cmcmptfmt_array_destroy(incmptfmts, numinclrchans); jas_cmxform_destroy(xform); jas_image_destroy(inimage); @@ -1765,6 +1807,14 @@ #endif return outimage; error: + if (incmptfmts) { + assert(numinclrchans); + jas_cmcmptfmt_array_destroy(incmptfmts, numinclrchans); + } + if (outcmptfmts) { + assert(numoutclrchans); + jas_cmcmptfmt_array_destroy(outcmptfmts, numoutclrchans); + } if (xform) { jas_cmxform_destroy(xform); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/src/libjasper/jpc/jpc_dec.c new/jasper-version-4.2.8/src/libjasper/jpc/jpc_dec.c --- old/jasper-version-4.2.5/src/libjasper/jpc/jpc_dec.c 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/src/libjasper/jpc/jpc_dec.c 2025-08-06 05:55:34.000000000 +0200 @@ -1136,23 +1136,23 @@ if (tile->cp) { jpc_dec_cp_destroy(tile->cp); - //tile->cp = 0; + tile->cp = 0; } if (tile->tcomps) { jas_free(tile->tcomps); - //tile->tcomps = 0; + tile->tcomps = 0; } if (tile->pi) { jpc_pi_destroy(tile->pi); - //tile->pi = 0; + tile->pi = 0; } if (tile->pkthdrstream) { jas_stream_close(tile->pkthdrstream); - //tile->pkthdrstream = 0; + tile->pkthdrstream = 0; } if (tile->pptstab) { jpc_ppxstab_destroy(tile->pptstab); - //tile->pptstab = 0; + tile->pptstab = 0; } tile->state = JPC_TILE_DONE; @@ -2288,6 +2288,9 @@ const jpc_dec_tile_t *tile; for (tileno = 0, tile = dec->tiles; tileno < dec->numtiles; ++tileno, ++tile) { + if (!tile->tcomps) { + continue; + } assert(!dec->numcomps || tile->tcomps); unsigned compno; const jpc_dec_tcomp_t *tcomp; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/src/libjasper/jpc/jpc_enc.c new/jasper-version-4.2.8/src/libjasper/jpc/jpc_enc.c --- old/jasper-version-4.2.5/src/libjasper/jpc/jpc_enc.c 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/src/libjasper/jpc/jpc_enc.c 2025-08-06 05:55:34.000000000 +0200 @@ -484,18 +484,36 @@ cp->tileheight = atoi(jas_tvparser_getval(tvp)); break; case OPT_PRCWIDTH: - prcwidthexpn = jpc_floorlog2(atoi(jas_tvparser_getval(tvp))); + i = atoi(jas_tvparser_getval(tvp)); + if (i <= 0) { + jas_logerrorf("invalid precinct width (%d)\n", i); + goto error; + } + prcwidthexpn = jpc_floorlog2(i); break; case OPT_PRCHEIGHT: - prcheightexpn = jpc_floorlog2(atoi(jas_tvparser_getval(tvp))); + i = atoi(jas_tvparser_getval(tvp)); + if (i <= 0) { + jas_logerrorf("invalid precinct height (%d)\n", i); + goto error; + } + prcheightexpn = jpc_floorlog2(i); break; case OPT_CBLKWIDTH: - tccp->cblkwidthexpn = - jpc_floorlog2(atoi(jas_tvparser_getval(tvp))); + i = atoi(jas_tvparser_getval(tvp)); + if (i <= 0) { + jas_logerrorf("invalid code block width (%d)\n", i); + goto error; + } + tccp->cblkwidthexpn = jpc_floorlog2(i); break; case OPT_CBLKHEIGHT: - tccp->cblkheightexpn = - jpc_floorlog2(atoi(jas_tvparser_getval(tvp))); + i = atoi(jas_tvparser_getval(tvp)); + if (i <= 0) { + jas_logerrorf("invalid code block height (%d)\n", i); + goto error; + } + tccp->cblkheightexpn = jpc_floorlog2(i); break; case OPT_MODE: if ((tagid = jas_taginfo_nonull(jas_taginfos_lookup(modetab, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jasper-version-4.2.5/src/libjasper/jpc/jpc_t2dec.c new/jasper-version-4.2.8/src/libjasper/jpc/jpc_t2dec.c --- old/jasper-version-4.2.5/src/libjasper/jpc/jpc_t2dec.c 2025-03-26 18:53:12.000000000 +0100 +++ new/jasper-version-4.2.8/src/libjasper/jpc/jpc_t2dec.c 2025-08-06 05:55:34.000000000 +0200 @@ -348,7 +348,8 @@ const unsigned n = JAS_MIN((unsigned)numnewpasses, maxpasses); mycounter += n; numnewpasses -= n; - if ((len = jpc_bitstream_getbits(inb, cblk->numlenbits + jpc_floorlog2(n))) < 0) { + if ((len = jpc_bitstream_getbits(inb, + cblk->numlenbits + jpc_floorlog2(n))) < 0) { jpc_bitstream_close(inb); jas_logerrorf("cannot get bits\n"); return -1;
