libbpg-0.9.8

This commit is contained in:
King_DuckZ 2021-03-15 14:26:22 +01:00
parent 1261ac523b
commit 62bba2b5bf
6 changed files with 18 additions and 5 deletions

View file

@ -1,3 +1,8 @@
version 0.9.8:
- x265 library compilation fixes
- buffer overflow fixes
version 0.9.7: version 0.9.7:
- Increased the memory size of the JS decoder to 32 MiB and avoid - Increased the memory size of the JS decoder to 32 MiB and avoid

View file

@ -1 +1 @@
0.9.7 0.9.8

View file

@ -688,6 +688,14 @@ Image *image_alloc(int w, int h, BPGImageFormatEnum format, int has_alpha,
{ {
Image *img; Image *img;
int i, linesize, w1, h1, c_count; int i, linesize, w1, h1, c_count;
uint64_t size;
/* XXX: support large images ? */
size = (uint64_t)w * (uint64_t)h * 2;
if (size > INT32_MAX) {
fprintf(stderr, "Image is too large\n");
exit(1);
}
img = malloc(sizeof(Image)); img = malloc(sizeof(Image));
memset(img, 0, sizeof(*img)); memset(img, 0, sizeof(*img));
@ -1088,7 +1096,7 @@ Image *read_png(BPGMetaData **pmd,
static BPGMetaData *jpeg_get_metadata(jpeg_saved_marker_ptr first_marker) static BPGMetaData *jpeg_get_metadata(jpeg_saved_marker_ptr first_marker)
{ {
static const char app1_exif[] = "Exif"; static const char app1_exif[] = "Exif\0";
static const char app1_xmp[] = "http://ns.adobe.com/xap/1.0/"; static const char app1_xmp[] = "http://ns.adobe.com/xap/1.0/";
static const char app2_iccp[] = "ICC_PROFILE"; static const char app2_iccp[] = "ICC_PROFILE";
jpeg_saved_marker_ptr marker; jpeg_saved_marker_ptr marker;

View file

@ -232,7 +232,7 @@ static int build_msps(uint8_t **pbuf, int *pbuf_len,
input_data += len; input_data += len;
input_data_len -= len; input_data_len -= len;
buf_len = 4 + 2 + msps_len * 2 + 4 + (input_data_len - len); buf_len = 4 + 2 + msps_len * 2;
buf = av_malloc(buf_len); buf = av_malloc(buf_len);
idx = 0; idx = 0;