pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/graphics/libraw libraw: Update to 0.20.2



details:   https://anonhg.NetBSD.org/pkgsrc/rev/0d20dc358b8a
branches:  trunk
changeset: 458992:0d20dc358b8a
user:      nia <nia%pkgsrc.org@localhost>
date:      Tue Sep 28 09:59:24 2021 +0000

description:
libraw: Update to 0.20.2

2020-10-14 Alex Tutubalin <lexa%lexa.ru@localhost>

 * LibRaw 0.20.2
 Reverted 0.20.1 change:
   - const buffer for open_buffer() and open_bayer() calls
 Because of 0.20.0 ABI break

2020-10-14 Alex Tutubalin <lexa%lexa.ru@localhost>

 * LibRaw 0.20.1
 * Improvements:
   - exif callback is called on EXIF GPS and EXIF Interop IFDs
   - open_bayer call documented
   - Canon (ColorDatsSubver==32): parse Specular White instead of hardcoded value
 * Fixes for normal files processing:
   - Olympus XZ-1: do not provide linear_max (it is wrong in metadata)
   - Nikon Z cameras: added space in camera list
   - raw-identify: fixed wb-preset print
   - Pentax Optio 33WR: maker index was incorrect
   - dcraw_emu: corrected help line for -6 option.
   - raw-identify: corrected range check for color matrices print
   - use_camera_matrix option: fixed a bug introduced when making
     compiler more happy.

 * Fixes for damaged/special crafted files processing:
   - Fix for truncated CR3 files parsing
   - DNG metadata merger: all color loops are limited to MIN(4,colors)
   - Check for marings: should be less than raw image size
   - Check for xmpdata present in Samsung Lens ID assignment
   - Check for column range in leaf_hdr decoder
   - Additional checks in Hasselblad model parser
   - Fuji rotate: better limits check
   - DNG files: limit tiff_samples

 * Not fixes, but makes ASAN/compilers/etc happy:
   - corrected GPS EXIF output
   - const buffer for open_buffer() and open_bayer() calls


2020-07-23 Alex Tutubalin <lexa%lexa.ru@localhost>

 * LibRaw 0.20

== Camera Format support ==
  Canon CR3
  GoPro (via GPR SDK)
  Panasonic 14-bit
  Fujifilm compressed/16bit
  Rapsberry Pi RAW+JPEG format (if USE_6BY9RPI defined)
  Foveon X3F support changed: it is supported only if USE_X3FTOOLS defined
  at build (see below for 'Imported code policy changed')

== Camera support (+59, 1131 total) ==
  Canon: PowerShot G5 X Mark II, G7 X Mark III, SX70 HS,
         EOS R, EOS RP, EOS 90D, EOS 250D,  EOS M6 Mark II, EOS M50, EOS M200
         EOS 1DX Mark III (lossless files only)
  DJI Mavic Air, Osmo Action
  FujiFilm GFX 100, X-A7, X-Pro3, X100V, X-T4 (uncompressed/lossless compressed only), X-T200
  GoPro Fusion, HERO5, HERO6, HERO7, HERO8
  Hasselblad L1D-20c, X1D II 50C
  Leica D-LUX7, Q-P, Q2, V-LUX5, C-Lux / CAM-DC25, SL2, M10 Monochrom
  Nikon D780, Z50, P950
  Olympus TG-6, E-M5 Mark III, E-PL10, E-M1 Mark III,
  Panasonic DC-FZ1000 II, DC-G90, DC-S1, DC-S1R, DC-S1H, DC-TZ95
  PhaseOne IQ4 150MP
  Ricoh GR III
  Sony A7R IV, A9 II, ILCE-6100, ILCE-6600, RX0 II, RX100 VII
  Zenit M

also multiple smartphones (the tested ones are listed in LibRaw::cameraList)

== Source code re-arranged ==
 * dcraw.c is not used in the generation and build processes
 * dcraw_common.cpp and libraw_cxx.cpp are split into multiple code chunks
   placed in separate subfolders (decoders/ for raw data decoders,
   metadata/ for metadata parsers, etc)
 * dcraw_common.cpp and libraw_cxx.cpp remain to preserve existing
   build environments (these files are now just a bunch of #include directives).
 * It is possible to build LibRaw
    a)without postprocessing functions (dcraw_process() and  called function)
    b)without postprocessing and LibRaw::raw2image() call (and called function).
   It may be useful to reduce library memory/code footprint.
   See Makefile.devel.nopp and Makefile.devel.noppr2i for the list of source
   files needed to build reduced/stripped library.

== Normalized make/model ==

There is a huge number of identical cameras sold under different names,
depending on the market (e.g. multiple Panasonic or Canon models)
and even some identical cameras sold under different brands
(Panasonic -> Leica, Sony -> Hasselblad).

To reduce clutter, a normalization mechanism has been implemented in LibRaw:

In imgdata.idata:
    char normalized_make[64]; - primary vendor name (e.g. Panasonic for
    Leica re-branded cameras)
    char normalized_model[64]; - primary camera model name
    unsigned maker_index; - primary vendor name in indexed form (enum
       LibRaw_cameramaker_index, LIBRAW_CAMERAMAKER_* constant).
These fields are always filled upon LibRaw::open_file()/open_buffer() calls.

const char* LibRaw::cameramakeridx2maker(int index): converts maker_index
to normalized_make.

We recommend that you use these normalized names in a variety of data tables
(color profiles, etc.) to reduce the number of duplicate entries.

New vendor index values will be added strictly to the end of the
LibRaw_cameramaker_index table, ensuring that the numbers assigned to
vendors that are already known to LibRaw will not change.

== DNG frame selection  ==

 DNG frames selection code re-worked:
  - by default all frames w/ the NewSubfileType tag equal to 0
  (high-res image) are added to the list of available images (selection
  performed via imgdata.params.shot_select field, as usual)
  - the special case for Fuju SuperCCD (SamplesPerPixel == 2) works as
  before: shot_select=1 will extract second sub-image.
  - Additional flags to imgdata.params.raw_processing_options:
     LIBRAW_PROCESSING_DNG_ADD_ENHANCED - will add Enhanced DNG frame
     (NewSubfileType == 16) to the list of available frames
     LIBRAW_PROCESSING_DNG_ADD_PREVIEWS - will add previews
     (NewSubfileType == 1) to the list.

  - By default, DNG frames are not reordered and are available in same order
  as in DNG (LibRaw traverses IFD/Sub-IFD trees in deep-first order).
  To prioritize the largest image, set LIBRAW_PROCESSING_DNG_PREFER_LARGEST_IMAGE
  bit in imgdata.params.raw_processing_options.

 - DNG Stage2/Stage3 processing via DNG SDK (request via flags in
 raw_processing_options)

== Imported code policy disclaimer ==

  We've changed the policy regarding 3rd party code imported into LibRaw.

  We (like other authors of open-source RAW parsers) gladly import support
  code for various RAW formats from other projects (if the license allows it).
  This is done to expand camera support.
  Unfortunately, not all imported code can tolerate truncated or otherwise
  damaged raw files, as well as arbitrary conditions or arbitrary data;
  not all authors handle rejecting unexpected input well.

  LibRaw is now widely used in various projects, including ImageMagick, which,
  in turn, is often used on web sites to process any input images, including
  arbitrary data from unknown users.
  This opens up wide possibilities for exploiting the various vulnerabilities
  present in the code borrowed from other projects into LibRaw. In order to
  avoid such security risks, - the borrowed code will no longer compile
  by default.
  We are not able to support it in general case, and the authors refuse
  to add code to reject unexpected input.

  Thus, if you use some kind of camera for which the support is disabled
  by default, you need to recompile LibRaw for your specific case.

  Formats currently affected:
   X3F (Foveon) file format.
    Code is imported from Kalpanika X3F tools: https://github.com/Kalpanika/x3f
    To turn the support on, define USE_X3FTOOLS

   Rapsberry Pi RAW+JPEG format.
     Code is imported from https://github.com/6by9/dcraw/,
     To turn the support on, define USE_6BY9RPI
  Format support is indicated via LibRaw::capabilities() call with flags:
    LIBRAW_CAPS_X3FTOOLS - Foveon support
    LIBRAW_CAPS_RPI6BY9 - RPi RAW+JPEG support

== GoPro .gpr format support ==
 GoPro  format supported via open-source GPR SDK
 See README.GoPro.txt for details.

== Windows support/Windows unicode (wchar_t*) filenames support ==

* (old) LibRaw's WIN32 external define split into 3 defines to fine tune
  compiler/api compatibility:
  LIBRAW_WIN32_DLLDEFS - use to compile DLLs (__dllimport/__dllexport attributes)
  LIBRAW_WIN32_UNICODEPATHS - indicates that runtime has calls/datatypes for wchar_t filenames
  LIBRAW_WIN32_CALLS - use Win32 calls where appropriative (binary mode for files, LibRaw_windows_datastream, _snprintf instead of snprintf, etc).

  If the (old) WIN32 macro is defined at compile time, all three new defines are defined in libraw.h
  If not, these defines are defined based on compiler version/libc++ defines

* LibRaw::open_file(wchar_t*) is always compiled in under Windows, but
  if LIBRAW_WIN32_UNICODEPATHS (see above) is not defined, this call will
  return LIBRAW_NOT_IMPLEMENTED.
  Use (LibRaw::capabilities() & LIBRAW_CAPS_UNICODEPATHS) on runtime
  to check that this call was really implemented (or check for #ifdef LIBRAW_WIN32_UNICODEPATHS after #include <libraw.h>)

== LibRaw*datastream simplified ==

  * tempbuffer_open, subfile_open are not used, so removed from
  LibRaw_abstract_datastream and derived classes.

  * jpeg_src() call implemented using ->read() call and own buffering
  (16k buffer).
  * buffering_off() call added. It should be used in derived classes
    to switch from buffered reads to unbuffered.

== minor/unsorted changes ==
   * new flag LIBRAW_WARN_DNGSDK_PROCESSED to indicate decoder used
   *  LibRaw::open() call, max_buf_size special meaning:
       == 1 => open using bigfile_datastream
       == 2 => open using file_datastream
   * Add support for zlib during configure
   * Fixed multiple problems found by OSS-Fuzz
   * Lots of changes in imgdata.makernotes (hope someone will document it)
   * DNG SDK could be used (if enabled) to unpack multi-image DNG files.
   * DNG whitelevel calculated via BitsPerSample if not set via tags.
   * DNG: support for LinearDNG w/ BlackLevelRepeat.. pattern
   * Generic Arri camera format replaced w/ list of specific camera models in supported cameras list.
   * new samples/rawtextdump sample: allows one to dump (small selection) of RAW data in text format.
   * samples/raw-identify:
     * +M/-M params (same as in dcraw_emu)
     * -L <file-w-filelist> parameter to get file list from a file
     * -m paramerer to use mmap'ed IO.
     * -t parameter for timing
   * samples/dcraw_emu: fixed +M handling
   * better support for Nikon Coolscan 16-bit NEF files.
   * Visual Studio project files: re-generated to .vcxproj (Visual Studio 2019), different
     intermediate folders for different sub-projects to allow 1-step rebuild.
   * imgdata.makernotes...cameraspecific: removed the vendor name prefix from variables.
   * Bayer images: ensure that even margins have the same COLOR() for both the active sensor area and the full sensor area.
   * raw processing flag bit LIBRAW_PROCESSING_CHECK_DNG_ILLUMINANT inverted and renamed to
     LIBRAW_PROCESSING_DONT_CHECK_DNG_ILLUMINANT. If not set, DNG illuminant will be checked.
   * New libraw_decoder_t flags:
      LIBRAW_DECODER_FLATDATA - in-file data could be used as is (if byte order matches), e.g. via mmap()
      LIBRAW_DECODER_FLAT_BG2_SWAPPED - special flag for Sony ARQ: indicates R-G-G2-B channel
                                        order in 4-color data
   * Camera-recorded image crop data is parsed into imgdata.sizes.raw_inset_crop structure:
        ctop,cleft,cwidth,cheight - crop size.
        aspect - LibRawImageAspects enum (3to2, 4to3, etc)
   * New define LIBRAW_NO_WINSOCK2 to not include winsock2.h on compile

   * New processing flag LIBRAW_PROCESSING_PROVIDE_NONSTANDARD_WB
   If set (default is not), and when applicable, color.cam_mul[] and
   color.WB_Coeffs/WBCT_Coeffs will contain WB settings for a non-standard
   workflow.
   Right now only Sony DSC-F828 is affected: camera-recorded white balance
   can't be directly applied to raw data because WB is for RGB, while raw
   data is RGBE.

   * New processing flag: LIBRAW_PROCESSING_CAMERAWB_FALLBACK_TO_DAYLIGHT
   If set (default is not), LibRaw::dcraw_process() will fallback to
   daylight WB (excluding some very specific cases like Canon D30).
   This is how LibRaw 0.19 (and older) works.
   If not set: LibRaw::dcraw_process() will fallback to calculated auto WB if
   camera WB is requested, but appropriate white balance was not found in
   metadata.

  * Google changes cherry-picked (thanks to Jamie Pinheiro)
  * speedup: ppg interpolate: const loop invariant

  * Bugs fixed
   -Fixed several UBs found by OSS Fuzz
   -Fixed several problems found by other fuzzers.
   - Thumbnail size range check (CVE-2020-15503)
    Thanks to Jennifer Gehrke of Recurity Labs GmbH for problem report.
   - fixed possible overflows in canon and sigma makernotes parsers
   - fixed possible buffer overrun in crx (cr3) decoder
   - fixed memory leak in crx decoder (if compiled with LIBRAW_NO_CR3_MEMPOOL)
   - fixed possible overrun in Sony SRF and SR2 metadata parsers

  * Fixed typo in longitude (member of parsed GPS structure), update required for code that uses it.

diffstat:

 graphics/libraw/Makefile                               |   13 +-
 graphics/libraw/buildlink3.mk                          |    4 +-
 graphics/libraw/distinfo                               |   15 +-
 graphics/libraw/patches/patch-internal_libraw__x3f.cpp |   16 --
 graphics/libraw/patches/patch-libraw__r.pc.in          |    6 +-
 graphics/libraw/patches/patch-libraw_libraw__const.h   |   18 --
 graphics/libraw/patches/patch-src_libraw__cxx.cpp      |  130 -----------------
 7 files changed, 14 insertions(+), 188 deletions(-)

diffs (270 lines):

diff -r eeb005ce58bc -r 0d20dc358b8a graphics/libraw/Makefile
--- a/graphics/libraw/Makefile  Tue Sep 28 09:21:40 2021 +0000
+++ b/graphics/libraw/Makefile  Tue Sep 28 09:59:24 2021 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.35 2021/09/19 18:46:50 nia Exp $
+# $NetBSD: Makefile,v 1.36 2021/09/28 09:59:24 nia Exp $
 
-DISTNAME=      LibRaw-0.19.5
+DISTNAME=      LibRaw-0.20.2
 PKGNAME=       ${DISTNAME:tl}
-PKGREVISION=   1
 CATEGORIES=    graphics
 MASTER_SITES=  https://www.libraw.org/data/
 
@@ -11,7 +10,7 @@
 COMMENT=       Raw decoding/processing library
 LICENSE=       gnu-lgpl-v2.1 OR cddl-1.0
 
-USE_LANGUAGES=         c c++03
+USE_LANGUAGES=         c c++
 USE_LIBTOOL=           yes
 USE_TOOLS+=            pkg-config gmake
 GNU_CONFIGURE=         yes
@@ -20,12 +19,6 @@
 PKGCONFIG_OVERRIDE+=   libraw.pc.in
 PKGCONFIG_OVERRIDE+=   libraw_r.pc.in
 
-# internal/dcraw_common.cpp: In member function 'void LibRaw::xtrans_interpolate(int)':
-# internal/dcraw_common.cpp:5885:27: error: array subscript has type 'char' [-Werror=char-subscripts]
-#        cstat[fcol(row, col)]++;
-# Maybe fix this later.
-BUILDLINK_TRANSFORM+=  rm:-Werror=char-subscripts
-
 .include "options.mk"
 .include "../../graphics/lcms2/buildlink3.mk"
 .include "../../mk/jpeg.buildlink3.mk"
diff -r eeb005ce58bc -r 0d20dc358b8a graphics/libraw/buildlink3.mk
--- a/graphics/libraw/buildlink3.mk     Tue Sep 28 09:21:40 2021 +0000
+++ b/graphics/libraw/buildlink3.mk     Tue Sep 28 09:59:24 2021 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.9 2020/03/15 10:31:59 rillig Exp $
+# $NetBSD: buildlink3.mk,v 1.10 2021/09/28 09:59:24 nia Exp $
 
 BUILDLINK_TREE+=       libraw
 
@@ -11,7 +11,7 @@
 
 pkgbase := libraw
 .include "../../mk/pkg-build-options.mk"
-.if !empty(PKG_BUILD_OPTIONS.libraw:Mjasper)
+.if ${PKG_BUILD_OPTIONS.libraw:Mjasper}
 .  include "../../graphics/jasper/buildlink3.mk"
 .endif
 .include "../../graphics/lcms2/buildlink3.mk"
diff -r eeb005ce58bc -r 0d20dc358b8a graphics/libraw/distinfo
--- a/graphics/libraw/distinfo  Tue Sep 28 09:21:40 2021 +0000
+++ b/graphics/libraw/distinfo  Tue Sep 28 09:59:24 2021 +0000
@@ -1,10 +1,7 @@
-$NetBSD: distinfo,v 1.27 2021/09/19 18:46:50 nia Exp $
+$NetBSD: distinfo,v 1.28 2021/09/28 09:59:24 nia Exp $
 
-SHA1 (LibRaw-0.19.5.tar.gz) = c151995b6f17a0ccef7fbc1dcb982f0ccb04d934
-RMD160 (LibRaw-0.19.5.tar.gz) = 051642cfdf713e1d981a1790f4d872d89ff6f02a
-SHA512 (LibRaw-0.19.5.tar.gz) = 4560045f75e6d2ab0d1d8686075f3a0e26a5d7ce693b48508110a2c31d19055d58983c24852da0abb64fa90db5e20f24b87aa7537ed04d958c38c8b265a7e826
-Size (LibRaw-0.19.5.tar.gz) = 1303806 bytes
-SHA1 (patch-internal_libraw__x3f.cpp) = ec5d479a45d7fc25c884cc7259ad513857fa2711
-SHA1 (patch-libraw__r.pc.in) = e691f79c69c5530c93262c270fe7e2f5b1c959d9
-SHA1 (patch-libraw_libraw__const.h) = 91836dca7f9ba820417381bad53fe292b3e5f0ce
-SHA1 (patch-src_libraw__cxx.cpp) = fb2f16cb7a0798f499383bc06768ac0543049f66
+SHA1 (LibRaw-0.20.2.tar.gz) = 8143597d820167fb4f3a51c920e142e6f1386d01
+RMD160 (LibRaw-0.20.2.tar.gz) = 932abbfd49432ace0a2e2b4e4fbb07f140421de3
+SHA512 (LibRaw-0.20.2.tar.gz) = 96b1aaf09e2d46448d1b3619270c1f1c32e9bcbd866567cec67d5b1f889362f0fae3f3533ea9bf6a11a917be3b61ee6c9938bad09209d93453039ed04eaeae4a
+Size (LibRaw-0.20.2.tar.gz) = 1432141 bytes
+SHA1 (patch-libraw__r.pc.in) = 6ad890804132306c878657a31998f70d92f8b185
diff -r eeb005ce58bc -r 0d20dc358b8a graphics/libraw/patches/patch-internal_libraw__x3f.cpp
--- a/graphics/libraw/patches/patch-internal_libraw__x3f.cpp    Tue Sep 28 09:21:40 2021 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,16 +0,0 @@
-$NetBSD: patch-internal_libraw__x3f.cpp,v 1.2 2018/04/14 03:45:56 markd Exp $
-
-undefine DS if sys/regset.h is pulled in on SunOS
-
---- internal/libraw_x3f.cpp.orig       2018-02-24 09:47:43.000000000 +0000
-+++ internal/libraw_x3f.cpp
-@@ -710,6 +710,9 @@ static x3f_huffman_t *new_huffman(x3f_hu
- /* --------------------------------------------------------------------- */
- /* Creating a new x3f structure from file                                */
- /* --------------------------------------------------------------------- */
-+#ifdef DS
-+#undef DS
-+#endif
- 
- /* extern */ x3f_t *x3f_new_from_file(LibRaw_abstract_datastream *infile)
- {
diff -r eeb005ce58bc -r 0d20dc358b8a graphics/libraw/patches/patch-libraw__r.pc.in
--- a/graphics/libraw/patches/patch-libraw__r.pc.in     Tue Sep 28 09:21:40 2021 +0000
+++ b/graphics/libraw/patches/patch-libraw__r.pc.in     Tue Sep 28 09:59:24 2021 +0000
@@ -1,8 +1,8 @@
-$NetBSD: patch-libraw__r.pc.in,v 1.2 2015/07/18 10:40:20 adam Exp $
+$NetBSD: patch-libraw__r.pc.in,v 1.3 2021/09/28 09:59:24 nia Exp $
 
 Avoid libstdc++.
 
---- libraw_r.pc.in.orig        2013-05-17 22:56:40.000000000 +0000
+--- libraw_r.pc.in.orig        2020-10-15 05:06:07.000000000 +0000
 +++ libraw_r.pc.in
 @@ -7,5 +7,5 @@ Name: libraw
  Description: Raw image decoder library (thread-safe)
@@ -10,4 +10,4 @@
  Version: @PACKAGE_VERSION@
 -Libs: -L${libdir} -lraw_r -lstdc++@PC_OPENMP@
 +Libs: -L${libdir} -lraw_r @PC_OPENMP@
- Cflags: -I${includedir}/libraw
+ Cflags: -I${includedir}/libraw -I${includedir}
diff -r eeb005ce58bc -r 0d20dc358b8a graphics/libraw/patches/patch-libraw_libraw__const.h
--- a/graphics/libraw/patches/patch-libraw_libraw__const.h      Tue Sep 28 09:21:40 2021 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,18 +0,0 @@
-$NetBSD: patch-libraw_libraw__const.h,v 1.1 2021/09/19 18:46:50 nia Exp $
-
-Thumbnail size range check (CVE-2020-15503)
-
---- libraw/libraw_const.h.orig 2019-08-20 17:34:30.000000000 +0000
-+++ libraw/libraw_const.h
-@@ -24,6 +24,11 @@ it under the terms of the one of two lic
- #define LIBRAW_MAX_ALLOC_MB 2048L
- #endif
- 
-+/* limit thumbnail size, default is 512Mb*/
-+#ifndef LIBRAW_MAX_THUMBNAIL_MB
-+#define LIBRAW_MAX_THUMBNAIL_MB 512L
-+#endif
-+
- /* Change to non-zero to allow (broken) CRW (and other) files metadata 
-    loop prevention */
- #ifndef LIBRAW_METADATA_LOOP_PREVENTION
diff -r eeb005ce58bc -r 0d20dc358b8a graphics/libraw/patches/patch-src_libraw__cxx.cpp
--- a/graphics/libraw/patches/patch-src_libraw__cxx.cpp Tue Sep 28 09:21:40 2021 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,130 +0,0 @@
-$NetBSD: patch-src_libraw__cxx.cpp,v 1.2 2021/09/19 18:46:50 nia Exp $
-
-- Thumbnail size range check (CVE-2020-15503)
-- undefine DS if sys/regset.h is pulled in on SunOS                               
-
---- src/libraw_cxx.cpp.orig    2019-08-20 17:34:30.000000000 +0000
-+++ src/libraw_cxx.cpp
-@@ -3712,6 +3712,20 @@ libraw_processed_image_t *LibRaw::dcraw_
-     return NULL;
-   }
- 
-+  if (T.tlength < 64u)
-+  {
-+      if (errcode)
-+          *errcode = EINVAL;
-+      return NULL;
-+  }
-+
-+  if (INT64(T.tlength) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB)
-+  {
-+      if (errcode)
-+          *errcode = LIBRAW_TOO_BIG;
-+      return NULL;
-+  }
-+
-   if (T.tformat == LIBRAW_THUMBNAIL_BITMAP)
-   {
-     libraw_processed_image_t *ret = (libraw_processed_image_t *)::malloc(sizeof(libraw_processed_image_t) + T.tlength);
-@@ -3976,6 +3990,12 @@ void LibRaw::kodak_thumb_loader()
-   if (ID.toffset + est_datasize > ID.input->size() + THUMB_READ_BEYOND)
-     throw LIBRAW_EXCEPTION_IO_EOF;
- 
-+  if(INT64(T.theight) * INT64(T.twidth) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB)
-+      throw LIBRAW_EXCEPTION_IO_CORRUPT;
-+
-+  if (INT64(T.theight) * INT64(T.twidth) < 64ULL)
-+      throw LIBRAW_EXCEPTION_IO_CORRUPT;
-+
-   // some kodak cameras
-   ushort s_height = S.height, s_width = S.width, s_iwidth = S.iwidth, s_iheight = S.iheight;
-   ushort s_flags = libraw_internal_data.unpacker_data.load_flags;
-@@ -4237,6 +4257,25 @@ int LibRaw::unpack_thumb(void)
-   CHECK_ORDER_LOW(LIBRAW_PROGRESS_IDENTIFY);
-   CHECK_ORDER_BIT(LIBRAW_PROGRESS_THUMB_LOAD);
- 
-+#define THUMB_SIZE_CHECKT(A) \
-+  do { \
-+    if (INT64(A) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB) throw LIBRAW_EXCEPTION_IO_CORRUPT; \
-+    if (INT64(A) > 0 &&  INT64(A) < 64ULL)        throw LIBRAW_EXCEPTION_IO_CORRUPT; \
-+  } while (0)
-+
-+#define THUMB_SIZE_CHECKTNZ(A) \
-+  do { \
-+    if (INT64(A) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB) throw LIBRAW_EXCEPTION_IO_CORRUPT; \
-+    if (INT64(A) < 64ULL)        throw LIBRAW_EXCEPTION_IO_CORRUPT; \
-+  } while (0)
-+
-+
-+#define THUMB_SIZE_CHECKWH(W,H) \
-+  do { \
-+    if (INT64(W)*INT64(H) > 1024ULL * 1024ULL * LIBRAW_MAX_THUMBNAIL_MB) throw LIBRAW_EXCEPTION_IO_CORRUPT; \
-+    if (INT64(W)*INT64(H) < 64ULL)        throw LIBRAW_EXCEPTION_IO_CORRUPT; \
-+  } while (0)
-+
-   try
-   {
-     if (!libraw_internal_data.internal_data.input)
-@@ -4267,6 +4306,7 @@ int LibRaw::unpack_thumb(void)
- 
-         if (INT64(ID.toffset) + tsize > ID.input->size() + THUMB_READ_BEYOND)
-           throw LIBRAW_EXCEPTION_IO_EOF;
-+        THUMB_SIZE_CHECKT(tsize);
-       }
-       else
-       {
-@@ -4280,6 +4320,8 @@ int LibRaw::unpack_thumb(void)
-       ID.input->seek(ID.toffset, SEEK_SET);
-       if (write_thumb == &LibRaw::jpeg_thumb)
-       {
-+        THUMB_SIZE_CHECKTNZ(T.tlength);
-+
-         if (T.thumb)
-           free(T.thumb);
-         T.thumb = (char *)malloc(T.tlength);
-@@ -4326,6 +4368,7 @@ int LibRaw::unpack_thumb(void)
-       {
-         if (t_bytesps > 1)
-           throw LIBRAW_EXCEPTION_IO_CORRUPT; // 8-bit thumb, but parsed for more bits
-+      THUMB_SIZE_CHECKWH(T.twidth, T.theight);
-         int t_length = T.twidth * T.theight * t_colors;
- 
-         if (T.tlength && T.tlength < t_length) // try to find tiff ifd with needed offset
-@@ -4351,6 +4394,7 @@ int LibRaw::unpack_thumb(void)
-                 T.tcolors = 1;
-             }
-             T.tlength = total_size;
-+            THUMB_SIZE_CHECKTNZ(T.tlength);
-             if (T.thumb)
-               free(T.thumb);
-             T.thumb = (char *)malloc(T.tlength);
-@@ -4384,6 +4428,8 @@ int LibRaw::unpack_thumb(void)
-         if (T.thumb)
-           free(T.thumb);
- 
-+        THUMB_SIZE_CHECKTNZ(T.tlength);
-+
-         T.thumb = (char *)malloc(T.tlength);
-         if (!T.tcolors)
-           T.tcolors = t_colors;
-@@ -4404,6 +4450,10 @@ int LibRaw::unpack_thumb(void)
-         int i_length = T.twidth * T.theight * t_colors * 2;
-         if (!T.tlength)
-           T.tlength = o_length;
-+        THUMB_SIZE_CHECKTNZ(o_length);
-+        THUMB_SIZE_CHECKTNZ(i_length);
-+        THUMB_SIZE_CHECKTNZ(T.tlength);
-+
-         ushort *t_thumb = (ushort *)calloc(i_length, 1);
-         ID.input->read(t_thumb, 1, i_length);
-         if ((libraw_internal_data.unpacker_data.order == 0x4949) == (ntohs(0x1234) == 0x1234))
-@@ -6183,6 +6233,9 @@ void LibRaw::parse_x3f()
-   _x3f_data = x3f;
- 
-   x3f_header_t *H = NULL;
-+#ifdef DS
-+#undef DS
-+#endif
-   x3f_directory_section_t *DS = NULL;
- 
-   H = &x3f->header;



Home | Main Index | Thread Index | Old Index