Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package openjph for openSUSE:Factory checked in at 2025-10-30 17:09:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openjph (Old) and /work/SRC/openSUSE:Factory/.openjph.new.1980 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openjph" Thu Oct 30 17:09:47 2025 rev:12 rq:1314505 version:0.24.4 Changes: -------- --- /work/SRC/openSUSE:Factory/openjph/openjph.changes 2025-10-11 22:48:17.308366409 +0200 +++ /work/SRC/openSUSE:Factory/.openjph.new.1980/openjph.changes 2025-10-30 17:10:09.735506961 +0100 @@ -1,0 +2,12 @@ +Thu Oct 30 07:42:26 UTC 2025 - Michael Vetter <[email protected]> + +- Update to 0.24.4: + * Fix an issue with ATK marker segment processing #224 + +------------------------------------------------------------------- +Wed Oct 29 10:43:01 UTC 2025 - Michael Vetter <[email protected]> + +- Update to 0.24.3: + * Protect against illegally long QCD and QCC marker segments. + +------------------------------------------------------------------- Old: ---- 0.24.2.tar.gz New: ---- 0.24.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openjph.spec ++++++ --- /var/tmp/diff_new_pack.614BFc/_old 2025-10-30 17:10:10.387534439 +0100 +++ /var/tmp/diff_new_pack.614BFc/_new 2025-10-30 17:10:10.391534608 +0100 @@ -17,7 +17,7 @@ Name: openjph -Version: 0.24.2 +Version: 0.24.4 Release: 0 Summary: An implementation of JPEG2000 Part-15 License: BSD-2-Clause ++++++ 0.24.2.tar.gz -> 0.24.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OpenJPH-0.24.2/src/core/codestream/ojph_params.cpp new/OpenJPH-0.24.4/src/core/codestream/ojph_params.cpp --- old/OpenJPH-0.24.2/src/core/codestream/ojph_params.cpp 2025-10-08 10:33:45.000000000 +0200 +++ new/OpenJPH-0.24.4/src/core/codestream/ojph_params.cpp 2025-10-29 20:49:07.000000000 +0100 @@ -1625,8 +1625,8 @@ if ((Sqcd & 0x1F) == 0) { num_subbands = (Lqcd - 3); - if (Lqcd != 3 + num_subbands) - OJPH_ERROR(0x00050083, "wrong Lqcd value in QCD marker"); + if (num_subbands > 97 || Lqcd != 3 + num_subbands) + OJPH_ERROR(0x00050083, "wrong Lqcd value of %d in QCD marker", Lqcd); for (ui32 i = 0; i < num_subbands; ++i) if (file->read(&SPqcd.u8[i], 1) != 1) OJPH_ERROR(0x00050084, "error reading QCD marker"); @@ -1642,8 +1642,8 @@ else if ((Sqcd & 0x1F) == 2) { num_subbands = (Lqcd - 3) / 2; - if (Lqcd != 3 + 2 * num_subbands) - OJPH_ERROR(0x00050086, "wrong Lqcd value in QCD marker"); + if (num_subbands > 97 || Lqcd != 3 + 2 * num_subbands) + OJPH_ERROR(0x00050086, "wrong Lqcd value of %d in QCD marker", Lqcd); for (ui32 i = 0; i < num_subbands; ++i) { if (file->read(&SPqcd.u16[i], 2) != 2) @@ -1680,8 +1680,8 @@ if ((Sqcd & 0x1F) == 0) { num_subbands = (Lqcd - offset); - if (Lqcd != offset + num_subbands) - OJPH_ERROR(0x000500A5, "wrong Lqcd value in QCC marker"); + if (num_subbands > 97 || Lqcd != offset + num_subbands) + OJPH_ERROR(0x000500A5, "wrong Lqcd value of %d in QCC marker", Lqcd); for (ui32 i = 0; i < num_subbands; ++i) if (file->read(&SPqcd.u8[i], 1) != 1) OJPH_ERROR(0x000500A6, "error reading QCC marker"); @@ -1697,8 +1697,8 @@ else if ((Sqcd & 0x1F) == 2) { num_subbands = (Lqcd - offset) / 2; - if (Lqcd != offset + 2 * num_subbands) - OJPH_ERROR(0x000500A8, "wrong Lqcc value in QCC marker"); + if (num_subbands > 97 || Lqcd != offset + 2 * num_subbands) + OJPH_ERROR(0x000500A8, "wrong Lqcc value of %d in QCC marker", Lqcd); for (ui32 i = 0; i < num_subbands; ++i) { if (file->read(&SPqcd.u16[i], 2) != 2) @@ -2314,7 +2314,7 @@ ////////////////////////////////////////////////////////////////////////// param_atk* param_atk::get_atk(int index) { - assert(type == OJPH_ATK_TOP); + assert(top_atk == NULL); if (Latk == 0) { @@ -2345,17 +2345,19 @@ } ////////////////////////////////////////////////////////////////////////// - bool param_atk::read_coefficient(infile_base *file, float &K) + bool param_atk::read_coefficient(infile_base *file, float &K, si32& bytes) { int coeff_type = get_coeff_type(); if (coeff_type == 0) { // 8bit ui8 v; if (file->read(&v, 1) != 1) return false; + bytes -= 1; K = v; } else if (coeff_type == 1) { // 16bit ui16 v; if (file->read(&v, 2) != 2) return false; + bytes -= 2; K = swap_byte(v); } else if (coeff_type == 2) { // float @@ -2364,6 +2366,7 @@ ui32 i; } v; if (file->read(&v.i, 4) != 4) return false; + bytes -= 4; v.i = swap_byte(v.i); K = v.f; } @@ -2373,13 +2376,16 @@ ui64 i; } v; if (file->read(&v.i, 8) != 8) return false; + bytes -= 8; v.i = swap_byte(v.i); K = (float)v.d; } else if (coeff_type == 4) { // 128 bit float ui64 v, v1; if (file->read(&v, 8) != 8) return false; + bytes -= 8; if (file->read(&v1, 8) != 8) return false; // v1 not needed + bytes -= 8; v = swap_byte(v); union { @@ -2405,17 +2411,19 @@ ////////////////////////////////////////////////////////////////////////// - bool param_atk::read_coefficient(infile_base *file, si16 &K) + bool param_atk::read_coefficient(infile_base *file, si16 &K, si32& bytes) { int coeff_type = get_coeff_type(); if (coeff_type == 0) { si8 v; if (file->read(&v, 1) != 1) return false; + bytes -= 1; K = v; } else if (coeff_type == 1) { si16 v; if (file->read(&v, 2) != 2) return false; + bytes -= 2; K = (si16)swap_byte((ui16)v); } else @@ -2432,16 +2440,19 @@ if (file->read(&Latk, 2) != 2) OJPH_ERROR(0x000500E1, "error reading ATK-Latk parameter"); Latk = swap_byte(Latk); + si32 bytes = Latk - 2; ojph::ui16 temp_Satk; if (file->read(&temp_Satk, 2) != 2) OJPH_ERROR(0x000500E2, "error reading ATK-Satk parameter"); + bytes -= 2; temp_Satk = swap_byte(temp_Satk); int tmp_idx = temp_Satk & 0xFF; - if (tmp_idx == 0 || tmp_idx == 1 || top_atk->get_atk(tmp_idx) != NULL) + if ((top_atk && top_atk->get_atk(tmp_idx) != NULL) + || tmp_idx == 0 || tmp_idx == 1) OJPH_ERROR(0x000500F3, "ATK-Satk parameter sets ATK marker index to " "the illegal value of %d. ATK-Satk should be in (2-255) and, I " "believe, must not be repeated; otherwise, it would be unclear " - "what marker segment must be employed when this index is used.", + "what marker segment must be employed when an index is repeated.", tmp_idx); Satk = temp_Satk; if (is_m_init0() == false) // only even-indexed is supported @@ -2458,10 +2469,11 @@ OJPH_ERROR(0x000500E6, "ATK-Satk parameter requires constant " "boundary extension, which is not supported yet."); if (is_reversible() == false) - if (read_coefficient(file, Katk) == false) + if (read_coefficient(file, Katk, bytes) == false) OJPH_ERROR(0x000500E7, "error reading ATK-Katk parameter"); if (file->read(&Natk, 1) != 1) OJPH_ERROR(0x000500E8, "error reading ATK-Natk parameter"); + bytes -= 1; if (Natk > max_steps) { if (d != d_store) // was this allocated -- very unlikely delete[] d; @@ -2475,19 +2487,22 @@ { if (file->read(&d[s].rev.Eatk, 1) != 1) OJPH_ERROR(0x000500E9, "error reading ATK-Eatk parameter"); + bytes -= 1; if (file->read(&d[s].rev.Batk, 2) != 2) OJPH_ERROR(0x000500EA, "error reading ATK-Batk parameter"); + bytes -= 2; d[s].rev.Batk = (si16)swap_byte((ui16)d[s].rev.Batk); ui8 LCatk; if (file->read(&LCatk, 1) != 1) OJPH_ERROR(0x000500EB, "error reading ATK-LCatk parameter"); + bytes -= 1; if (LCatk == 0) OJPH_ERROR(0x000500EC, "Encountered a ATK-LCatk value of zero; " "something is wrong."); if (LCatk > 1) OJPH_ERROR(0x000500ED, "ATK-LCatk value greater than 1; " "that is, a multitap filter is not supported"); - if (read_coefficient(file, d[s].rev.Aatk) == false) + if (read_coefficient(file, d[s].rev.Aatk, bytes) == false) OJPH_ERROR(0x000500EE, "Error reding ATK-Aatk parameter"); } } @@ -2498,16 +2513,20 @@ ui8 LCatk; if (file->read(&LCatk, 1) != 1) OJPH_ERROR(0x000500EF, "error reading ATK-LCatk parameter"); + bytes -= 1; if (LCatk == 0) OJPH_ERROR(0x000500F0, "Encountered a ATK-LCatk value of zero; " "something is wrong."); if (LCatk > 1) OJPH_ERROR(0x000500F1, "ATK-LCatk value greater than 1; " "that is, a multitap filter is not supported."); - if (read_coefficient(file, d[s].irv.Aatk) == false) + if (read_coefficient(file, d[s].irv.Aatk, bytes) == false) OJPH_ERROR(0x000500F2, "Error reding ATK-Aatk parameter"); } } + if (bytes != 0) + OJPH_ERROR(0x000500F3, "The length of an ATK marker segment " + "(ATK-Latk) is not correct"); return true; } @@ -2544,7 +2563,7 @@ ////////////////////////////////////////////////////////////////////////// param_atk* param_atk::add_object() { - assert(type == OJPH_ATK_TOP); + assert(top_atk = NULL); param_atk *p = this; while (p->next != NULL) p = p->next; @@ -2552,12 +2571,12 @@ { p->next = avail; avail = avail->next; - assert(p->next->type == OJPH_ATK_NONTOP); - p->next->init(this); } else - p->next = new param_atk(this, OJPH_ATK_NONTOP); - return p->next; + p->next = new param_atk; + p = p->next; + p->init(this); + return p; } } // !local namespace diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OpenJPH-0.24.2/src/core/codestream/ojph_params_local.h new/OpenJPH-0.24.4/src/core/codestream/ojph_params_local.h --- old/OpenJPH-0.24.2/src/core/codestream/ojph_params_local.h 2025-10-08 10:33:45.000000000 +0200 +++ new/OpenJPH-0.24.4/src/core/codestream/ojph_params_local.h 2025-10-29 20:49:07.000000000 +0100 @@ -1074,32 +1074,50 @@ // Only one coefficient per step -- first order filter // Only even-indexed subsequence in first reconstruction step, // m_init = 0 is supported - private: - enum : ui8 { // this is not a real parameter; it used for debugging - OJPH_ATK_TOP = 0, - OJPH_ATK_NONTOP = 1 - }; - public: // member functions - param_atk(param_atk *top_atk = NULL, ui8 type = OJPH_ATK_TOP) { - avail = NULL; + param_atk() + { d = d_store; max_steps = sizeof(d_store) / sizeof(lifting_step); - this->top_atk = top_atk; - this->type = type; - init(this); + init(NULL); + } + ~param_atk() + { + if (avail) { + delete avail; + avail = NULL; + } + if (next) { + delete next; + next = NULL; + } + if (d != NULL && d != d_store) { + delete[] d; + d = d_store; + max_steps = sizeof(d_store) / sizeof(lifting_step); + } } - ~param_atk() { destroy(); } //////////////////////////////////////// void restart() { - assert(type == OJPH_ATK_TOP); + assert(top_atk == NULL); + + Latk = Satk = 0; + Katk = 0.0f; + Natk = 0; + if (d == NULL || d == d_store) { + d = d_store; + max_steps = sizeof(d_store) / sizeof(lifting_step); + } + memset(d, 0, max_steps * sizeof(lifting_step)); + param_atk** p = &avail; // move next to the end of avail while (*p != NULL) p = &((*p)->next); *p = next; - this->init(this); + + next = NULL; } bool read(infile_base *file); @@ -1116,42 +1134,25 @@ ui32 get_num_steps() const { return Natk; } float get_K() const { return Katk; } - private: - //////////////////////////////////////// - void init(param_atk *top_atk) + private: + ///////////////////////////////////// + void init(param_atk* top_atk) { Latk = Satk = 0; Katk = 0.0f; Natk = 0; - next = NULL; - this->top_atk = top_atk; - if (d == NULL) { + if (d == NULL || d == d_store) { d = d_store; max_steps = sizeof(d_store) / sizeof(lifting_step); } memset(d, 0, max_steps * sizeof(lifting_step)); + next = NULL; + this->top_atk = top_atk; + avail = NULL; } - - //////////////////////////////////////// - void destroy() - { - assert(type == OJPH_ATK_TOP); - if (avail) - delete avail; - if (next) { - delete next; - next = NULL; - } - if (d != NULL && d != d_store) { - delete[] d; - d = d_store; - max_steps = sizeof(d_store) / sizeof(lifting_step); - } - } - private: - bool read_coefficient(infile_base *file, float &K); - bool read_coefficient(infile_base *file, si16 &K); + bool read_coefficient(infile_base *file, float &K, si32& bytes); + bool read_coefficient(infile_base *file, si16 &K, si32& bytes); void init_irv97(); void init_rev53(); @@ -1167,8 +1168,6 @@ lifting_step d_store[6]; // lifting step coefficient param_atk* next; // used for chaining if more than one atk segment // exist in the codestream - ui8 type; // marker type -- this not a standard type; it is used - // for debugging param_atk* top_atk;// This is the top level atk, from which all atk // objects are derived diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/OpenJPH-0.24.2/src/core/common/ojph_version.h new/OpenJPH-0.24.4/src/core/common/ojph_version.h --- old/OpenJPH-0.24.2/src/core/common/ojph_version.h 2025-10-08 10:33:45.000000000 +0200 +++ new/OpenJPH-0.24.4/src/core/common/ojph_version.h 2025-10-29 20:49:07.000000000 +0100 @@ -35,4 +35,4 @@ #define OPENJPH_VERSION_MAJOR 0 #define OPENJPH_VERSION_MINOR 24 -#define OPENJPH_VERSION_PATCH 2 +#define OPENJPH_VERSION_PATCH 4
