From bf6c774305c9feb30cff7b99e1a475df61bfa008 Mon Sep 17 00:00:00 2001 From: DRC Date: Thu, 7 Dec 2017 19:29:42 -0600 Subject: [PATCH 1/4] Fix whitespace errors --- doxygen-extra.css | 2 +- simd/jsimd_mips_dspr2.S | 1 - simd/jsimd_mips_dspr2_asm.h | 2 -- turbojpeg.c | 2 +- 4 files changed, 2 insertions(+), 5 deletions(-) diff --git a/doxygen-extra.css b/doxygen-extra.css index 5abbcc21..f1bd4c26 100644 --- a/doxygen-extra.css +++ b/doxygen-extra.css @@ -1,3 +1,3 @@ code { - color: #4665A2; + color: #4665A2; } diff --git a/simd/jsimd_mips_dspr2.S b/simd/jsimd_mips_dspr2.S index c8c286cb..c26dd5c5 100644 --- a/simd/jsimd_mips_dspr2.S +++ b/simd/jsimd_mips_dspr2.S @@ -4484,4 +4484,3 @@ LEAF_MIPS_DSPR2(jsimd_convsamp_float_mips_dspr2) END(jsimd_convsamp_float_mips_dspr2) /*****************************************************************************/ - diff --git a/simd/jsimd_mips_dspr2_asm.h b/simd/jsimd_mips_dspr2_asm.h index 64f98804..499e34b7 100644 --- a/simd/jsimd_mips_dspr2_asm.h +++ b/simd/jsimd_mips_dspr2_asm.h @@ -281,5 +281,3 @@ LEAF_MIPS32R2(symbol) \ addiu sp, sp, \stack_offset .endif .endm - - diff --git a/turbojpeg.c b/turbojpeg.c index a8935995..662c68f6 100644 --- a/turbojpeg.c +++ b/turbojpeg.c @@ -222,7 +222,7 @@ static int setCompDefaults(struct jpeg_compress_struct *cinfo, #ifndef NO_GETENV if((env=getenv("TJ_OPTIMIZE"))!=NULL && strlen(env)>0 && !strcmp(env, "1")) cinfo->optimize_coding=TRUE; - if((env=getenv("TJ_ARITHMETIC"))!=NULL && strlen(env)>0 && !strcmp(env, "1")) + if((env=getenv("TJ_ARITHMETIC"))!=NULL && strlen(env)>0 && !strcmp(env, "1")) cinfo->arith_code=TRUE; if((env=getenv("TJ_RESTART"))!=NULL && strlen(env)>0) { From 7d3feda796591dc250938d52762c1b271ceab6e2 Mon Sep 17 00:00:00 2001 
From: DRC Date: Fri, 15 Dec 2017 16:45:25 -0600 Subject: [PATCH 2/4] BUILDING.md: Adjust Android recipes for NDK r16+ NDK r16b moved some things around, so modify the Android build recipes to take that into account while preserving compatibility with previous NDK releases. NOTE: the GCC 4.9 NDK toolchain is deprecated, so we will need to develop new Android build recipes for libjpeg-turbo 1.6 that use the Clang toolchain. Closes #196 --- BUILDING.md | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/BUILDING.md b/BUILDING.md index 2725f30a..42aadf28 100644 --- a/BUILDING.md +++ b/BUILDING.md @@ -388,7 +388,9 @@ needs. HOST=arm-linux-androideabi SYSROOT=${NDK_PATH}/platforms/android-${ANDROID_VERSION}/arch-arm ANDROID_CFLAGS="-march=armv7-a -mfloat-abi=softfp -fprefetch-loop-arrays \ - --sysroot=${SYSROOT}" + -D__ANDROID_API__=${ANDROID_VERSION} --sysroot=${SYSROOT} \ + -isystem ${NDK_PATH}/sysroot/usr/include \ + -isystem ${NDK_PATH}/sysroot/usr/include/${HOST}" TOOLCHAIN=${NDK_PATH}/toolchains/${HOST}-${TOOLCHAIN_VERSION}/prebuilt/${BUILD_PLATFORM} export CPP=${TOOLCHAIN}/bin/${HOST}-cpp @@ -424,7 +426,9 @@ needs. # It should not be necessary to modify the rest HOST=aarch64-linux-android SYSROOT=${NDK_PATH}/platforms/android-${ANDROID_VERSION}/arch-arm64 - ANDROID_CFLAGS="--sysroot=${SYSROOT}" + ANDROID_CFLAGS="-D__ANDROID_API__=${ANDROID_VERSION} --sysroot=${SYSROOT} \ + -isystem ${NDK_PATH}/sysroot/usr/include \ + -isystem ${NDK_PATH}/sysroot/usr/include/${HOST}" TOOLCHAIN=${NDK_PATH}/toolchains/${HOST}-${TOOLCHAIN_VERSION}/prebuilt/${BUILD_PLATFORM} export CPP=${TOOLCHAIN}/bin/${HOST}-cpp 
@@ -460,7 +464,9 @@ needs. # It should not be necessary to modify the rest HOST=i686-linux-android SYSROOT=${NDK_PATH}/platforms/android-${ANDROID_VERSION}/arch-x86 - ANDROID_CFLAGS="--sysroot=${SYSROOT}" + ANDROID_CFLAGS="-D__ANDROID_API__=${ANDROID_VERSION} --sysroot=${SYSROOT} \ + -isystem ${NDK_PATH}/sysroot/usr/include \ + -isystem ${NDK_PATH}/sysroot/usr/include/${HOST}" TOOLCHAIN=${NDK_PATH}/toolchains/x86-${TOOLCHAIN_VERSION}/prebuilt/${BUILD_PLATFORM} export CPP=${TOOLCHAIN}/bin/${HOST}-cpp @@ -496,7 +502,9 @@ needs. # It should not be necessary to modify the rest HOST=x86_64-linux-android SYSROOT=${NDK_PATH}/platforms/android-${ANDROID_VERSION}/arch-x86_64 - ANDROID_CFLAGS="--sysroot=${SYSROOT}" + ANDROID_CFLAGS="-D__ANDROID_API__=${ANDROID_VERSION} --sysroot=${SYSROOT} \ + -isystem ${NDK_PATH}/sysroot/usr/include \ + -isystem ${NDK_PATH}/sysroot/usr/include/${HOST}" TOOLCHAIN=${NDK_PATH}/toolchains/x86_64-${TOOLCHAIN_VERSION}/prebuilt/${BUILD_PLATFORM} export CPP=${TOOLCHAIN}/bin/${HOST}-cpp From 0fba3c1993986d9fe74aef47d8b2bcd182adc79a Mon Sep 17 00:00:00 2001 From: DRC Date: Fri, 15 Dec 2017 20:05:58 -0600 Subject: [PATCH 3/4] Bump version to 1.5.4 to prepare for new commits --- CMakeLists.txt | 2 +- configure.ac | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index fb5e182b..46094cc8 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -9,7 +9,7 @@ if(POLICY CMP0022) endif() project(libjpeg-turbo C) -set(VERSION 1.5.3) +set(VERSION 1.5.4) string(REPLACE "." ";" VERSION_TRIPLET ${VERSION}) list(GET VERSION_TRIPLET 0 VERSION_MAJOR) list(GET VERSION_TRIPLET 1 VERSION_MINOR) diff --git a/configure.ac b/configure.ac index af80ee5d..6424140d 100644 --- a/configure.ac +++ b/configure.ac 
@@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ([2.56]) -AC_INIT([libjpeg-turbo], [1.5.3]) +AC_INIT([libjpeg-turbo], [1.5.4]) AM_INIT_AUTOMAKE([-Wall foreign dist-bzip2]) AC_PREFIX_DEFAULT(/opt/libjpeg-turbo) From 0e2bca0744feaf74509818f950120dceff8e28d0 Mon Sep 17 00:00:00 2001 From: DRC Date: Fri, 15 Dec 2017 20:37:02 -0600 Subject: [PATCH 4/4] jdarith.c: Fix two signed integer overflows I guess I have to fix these, or Google Autofuzz is going to keep bugging me about them. Fixes #171 Fixes #197 Fixes #198 --- ChangeLog.md | 10 ++++++++++ jdarith.c | 6 +++--- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/ChangeLog.md b/ChangeLog.md index f5fe44bf..e44ddc89 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,3 +1,13 @@ +1.5.4 +===== + +1. Fixed two signed integer overflows in the arithmetic decoder, detected by +the Clang undefined behavior sanitizer, that could be triggered by attempting +to decompress a specially-crafted malformed JPEG image. These issues did not +pose a security threat, but removing the warnings makes it easier to detect +actual security issues, should they arise in the future. + + 1.5.3 ===== diff --git a/jdarith.c b/jdarith.c index ce0f9209..0f560f65 100644 --- a/jdarith.c +++ b/jdarith.c @@ -4,7 +4,7 @@ * This file was part of the Independent JPEG Group's software: * Developed 1997-2015 by Guido Vollbeding. * libjpeg-turbo Modifications: - * Copyright (C) 2015-2016, D. R. Commander. + * Copyright (C) 2015-2017, D. R. Commander. * For conditions of distribution and use, see the accompanying README.ijg * file. * @@ -306,7 +306,7 @@ decode_mcu_DC_first (j_decompress_ptr cinfo, JBLOCKROW *MCU_data) while (m >>= 1) if (arith_decode(cinfo, st)) v |= m; v += 1; if (sign) v = -v; - entropy->last_dc_val[ci] += v; + entropy->last_dc_val[ci] = (entropy->last_dc_val[ci] + v) & 0xffff; } /* Scale and output the DC coefficient (assumes jpeg_natural_order[0]=0) */ 
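Review bot: The `& 0xffff` mask added to the `entropy->last_dc_val[ci]` update in decode_mcu_DC_first has no comment, and it changes what the field holds: a signed running sum becomes a value in 0..65535. That is only equivalent if every reader of `last_dc_val` narrows it to 16 bits before use, presumably the JCOEF store that follows the "Scale and output the DC coefficient" comment, which is outside this hunk and worth confirming. I would add a comment above the assignment, for example `/* Wrap the DC predictor to 16 bits so that accumulated differences from a malformed stream cannot overflow int; the sign is recovered when the value is narrowed to JCOEF. */`. The identical line is added in decode_mcu (the `@@ -564,7 +564,7 @@` hunk) and needs the same comment. Both function bodies start and end outside their hunks.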
@@ -564,7 +564,7 @@ decode_mcu (j_decompress_ptr cinfo, JBLOCKROW *MCU_data) while (m >>= 1) if (arith_decode(cinfo, st)) v |= m; v += 1; if (sign) v = -v; - entropy->last_dc_val[ci] += v; + entropy->last_dc_val[ci] = (entropy->last_dc_val[ci] + v) & 0xffff; } if (block)