libwebp-0.5.2

- 12/13/2016: version 0.5.2
   This is a binary compatible release.
   This release covers CVE-2016-8888 and CVE-2016-9085.
   * further security related hardening in the tools; fixes to
     gif2webp/AnimEncoder (issues #310, #314, #316, #322), cwebp/libwebp (issue
     #312)
   * full libwebp (encoder & decoder) iOS framework; libwebpdecoder
     WebP.framework renamed to WebPDecoder.framework (issue #307)
   * CMake support for Android Studio (2.2)
   * miscellaneous build related fixes (issue #306, #313)
   * miscellaneous documentation improvements (issue #225)
   * minor lossy encoder fixes and improvements
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJYWfopAAoJEPnD1r24Iytd0gAQALhTSEjJVmKfHxyPNDduc3kn
 QeiVaVwPiOS/a266+ZnWHzCvkR3zgqZxNlyKzRty378gM8/P7r2dMCmfdnVFbF4O
 a7M1lld9yYldNpAxvHDnY9u2RzmRfVD1yYu27gv77uT7gR2IybQ81FHi1pn56tFA
 2g4yHdrC2tXud22ZUb9Bgqe7YW06gWND4EmeJgxF38S98gdrtJla5rmlUcuEhbIl
 SHpkbEgJX4nZxWggyCJ61/OxeEwwWBtI3kpSLkEqmCVSnFb7WBC7pITq59n8hg2U
 SaYCfWGRJ/oQQvxUxuPYYtzq26dYOxd2vT9S1mcE1be9jMGxKp9vgE8jNflvtza1
 wTPUajaPUjsTLAvFikQRo+34W9QxOKp9jCX9Be0V4wvBClfM13toBgKolzPGGUuo
 zlcZ0/GgzwfQ+sD7bs/p/7ToiH+GejBUK7FUR8ZB7EHZrDynszSzEevx5SUzPWV3
 1q4TyD5eclUOjb4S2yplcKp0kwkwtOA5ETboPzA+b8TQnfTFM3GP7fMoYvORbSZp
 39/H5hi1bjlOE4m3mp3qqfR2DMWZlla7YNZiuuTEeY3ztrlqeakC2ma1Fhi6ZmbG
 TrqmAaDTueRizry4E7Fr9sBw0mee14v/xcTFcDcSI1BRFclFc1KAw0ObzdaN2iEt
 L5tjlqzH0XEH4fl5OnD3
 =x+Y3
 -----END PGP SIGNATURE-----

Merge tag 'v0.5.2'

libwebp-0.5.2
- 12/13/2016: version 0.5.2
  This is a binary compatible release.
  This release covers CVE-2016-8888 and CVE-2016-9085.
  * further security related hardening in the tools; fixes to
    gif2webp/AnimEncoder (issues #310, #314, #316, #322), cwebp/libwebp (issue
    #312)
  * full libwebp (encoder & decoder) iOS framework; libwebpdecoder
    WebP.framework renamed to WebPDecoder.framework (issue #307)
  * CMake support for Android Studio (2.2)
  * miscellaneous build related fixes (issue #306, #313)
  * miscellaneous documentation improvements (issue #225)
  * minor lossy encoder fixes and improvements

* tag 'v0.5.2': (54 commits)
  update ChangeLog
  anim_util: quiet implicit conv warnings in 32-bit
  jpegdec: correct ContextFill signature
  Remove some errors when compiling the code as C++.
  vwebp: clear canvas during resize w/o animation
  tiffdec: restore libtiff 3.9.x compatibility
  update NEWS
  AnimEncoder: avoid freeing uninitialized memory pointer.
  WebPAnimEncoder: If 'minimize_size' and 'allow_mixed' on, try lossy + lossless.
  fix a potential overflow with MALLOC_LIMIT
  bump version to 0.5.2
  update AUTHORS & .mailmap
  iosbuild.sh: add WebPDecoder.framework + encoder
  AnimEncoder: Correctly skip a frame when sub-rectangle is empty.
  Fix assertions in WebPRescalerExportRow()
  fix a typo in WebPPictureYUVAToARGB's doc
  systematically call WebPDemuxReleaseIterator() on dec->prev_iter_
  doc: use two's complement explicitly for uint8->int8 conversion
  Anim_encoder: correctly handle enc->prev_candidate_undecided_
  WebPPictureDistortion(): free() -> WebPSafeFree()
  ...

Change-Id: I16bcf54af41ce8fad98d4fbc8aa1df58f338fc23
This commit is contained in:
James Zern 2016-12-20 20:14:55 -08:00
commit f04eb37603
15 changed files with 82 additions and 13 deletions

View File

@ -9,3 +9,4 @@ Vikas Arora <vikasa@google.com>
<vrabaud@google.com> <vincent.rabaud@gmail.com> <vrabaud@google.com> <vincent.rabaud@gmail.com>
Tamar Levy <tamar.levy@intel.com> Tamar Levy <tamar.levy@intel.com>
<qrczak@google.com> <qrczak> <qrczak@google.com> <qrczak>
Hui Su <huisu@google.com>

View File

@ -2,6 +2,7 @@ Contributors:
- Charles Munger (clm at google dot com) - Charles Munger (clm at google dot com)
- Christian Duvivier (cduvivier at google dot com) - Christian Duvivier (cduvivier at google dot com)
- Djordje Pesut (djordje dot pesut at imgtec dot com) - Djordje Pesut (djordje dot pesut at imgtec dot com)
- Hui Su (huisu at google dot com)
- James Zern (jzern at google dot com) - James Zern (jzern at google dot com)
- Jan Engelhardt (jengelh at medozas dot de) - Jan Engelhardt (jengelh at medozas dot de)
- Johann (johann dot koenig at duck dot com) - Johann (johann dot koenig at duck dot com)

View File

@ -1,3 +1,57 @@
aa7744c anim_util: quiet implicit conv warnings in 32-bit
d912027 jpegdec: correct ContextFill signature
24eb394 Remove some errors when compiling the code as C++.
a4a8e5f vwebp: clear canvas during resize w/o animation
31ca2a8 tiffdec: restore libtiff 3.9.x compatibility
b2f77b5 update NEWS
5ab6d9d AnimEncoder: avoid freeing uninitialized memory pointer.
f29bf58 WebPAnimEncoder: If 'minimize_size' and 'allow_mixed' on, try lossy + lossless.
df780e0 fix a potential overflow with MALLOC_LIMIT
218460c bump version to 0.5.2
de7d654 update AUTHORS & .mailmap
74a12b1 iosbuild.sh: add WebPDecoder.framework + encoder
be7dcc0 AnimEncoder: Correctly skip a frame when sub-rectangle is empty.
4088583 Fix assertions in WebPRescalerExportRow()
8f38c72 fix a typo in WebPPictureYUVAToARGB's doc
33ca93f systematically call WebPDemuxReleaseIterator() on dec->prev_iter_
76e1907 doc: use two's complement explicitly for uint8->int8 conversion
f91ba96 Anim_encoder: correctly handle enc->prev_candidate_undecided_
25d74e6 WebPPictureDistortion(): free() -> WebPSafeFree()
03f1c00 mux/Makefile.am: add missing -lm
58410cd fix bug in RefineUsingDistortion()
e168af8 fix filtering auto-adjustment
ed9dec4 fix doc and code snippet for WebPINewDecoder() doc
3c49178 prevent 32b overflow for very large canvas_width / height
9595f29 fix anim_util.c compilation when HAVE_GIF is not defined.
7ec9552 Make gif transparent color to be transparent black
9871335 Add a CMake option for WEBP_SWAP_16BIT_CSP.
0ae3222 Fix missing cpu-features for Android.
ab4c805 cpu.cmake: improve webp_check_compiler_flag output
eec5fa3 Provide support for CMake on Android studio 2.2.
004d569 Split the main CMake file.
4fe5d58 Android.mk: use -fvisibility=hidden
bd63a31 vwebp: ensure setenv() is available in stdlib.h
363a568 vwebp: handle window resizing properly
a0d2753 lower WEBP_MAX_ALLOCABLE_MEMORY default
31fe11a fix infinite loop in case of PARTITION0 overflow
532215d Change the rule of picking UV mode in MBAnalyzeBestUVMode()
9c75dbd cwebp.1: improve some grammar
af2e05c vwebp: Clear previous frame when a key triggers a redraw
26ffa29 Add descriptions of default configuration in help info.
7416280 Fix an unsigned integer overflow error in enc/cost.h
13cf1d2 Do token recording and counting in a single loop
eb9a4b9 Reset segment id if we decide not to update segment map
42ebe3b configure: fix NEON flag detection under gcc 6
83cbfa0 Import: use relative pointer offsets
a1ade40 PreprocessARGB: use relative pointer offsets
fd4d090 ConvertWRGBToYUV: use relative pointer offsets
9daad45 ImportYUVAFromRGBA: use relative pointer offsets
c284780 imageio_util: add ImgIoUtilCheckSizeArgumentsOverflow
e375080 gifdec,Remap: avoid out of bounds colormap read
c222a05 additional fix for stride type as size_t
bb23361 fix potential overflow when width * height * 4 >= (1<<32)
883d41f gif2webp: fix crash with NULL extension data
3d97bb7 update ChangeLog (tag: v0.5.1, origin/0.5.1, 0.5.1)
deb54d9 Clarify the expected 'config' lifespan in WebPIDecode() deb54d9 Clarify the expected 'config' lifespan in WebPIDecode()
c7e2d24 update ChangeLog (tag: v0.5.1-rc5) c7e2d24 update ChangeLog (tag: v0.5.1-rc5)
c7eb06f Fix corner case in CostManagerInit. c7eb06f Fix corner case in CostManagerInit.

13
NEWS
View File

@ -1,3 +1,16 @@
- 12/13/2016: version 0.5.2
This is a binary compatible release.
This release covers CVE-2016-8888 and CVE-2016-9085.
* further security related hardening in the tools; fixes to
gif2webp/AnimEncoder (issues #310, #314, #316, #322), cwebp/libwebp (issue
#312)
* full libwebp (encoder & decoder) iOS framework; libwebpdecoder
WebP.framework renamed to WebPDecoder.framework (issue #307)
* CMake support for Android Studio (2.2)
* miscellaneous build related fixes (issue #306, #313)
* miscellaneous documentation improvements (issue #225)
* minor lossy encoder fixes and improvements
- 6/14/2016: version 0.5.1 - 6/14/2016: version 0.5.1
This is a binary compatible release. This is a binary compatible release.
* miscellaneous bug fixes (issues #280, #289) * miscellaneous bug fixes (issues #280, #289)

2
README
View File

@ -4,7 +4,7 @@
\__\__/\____/\_____/__/ ____ ___ \__\__/\____/\_____/__/ ____ ___
/ _/ / \ \ / _ \/ _/ / _/ / \ \ / _ \/ _/
/ \_/ / / \ \ __/ \__ / \_/ / / \ \ __/ \__
\____/____/\_____/_____/____/v0.5.1 \____/____/\_____/_____/____/v0.5.2
Description: Description:
============ ============

View File

@ -1,7 +1,7 @@
 __ __ ____ ____ ____ __ __ _ __ __  __ __ ____ ____ ____ __ __ _ __ __
/ \\/ \/ _ \/ _ \/ _ \/ \ \/ \___/_ / _\ / \\/ \/ _ \/ _ \/ _ \/ \ \/ \___/_ / _\
\ / __/ _ \ __/ / / (_/ /__ \ / __/ _ \ __/ / / (_/ /__
\__\__/\_____/_____/__/ \__//_/\_____/__/___/v0.3.1 \__\__/\_____/_____/__/ \__//_/\_____/__/___/v0.3.2
Description: Description:

View File

@ -1,4 +1,4 @@
AC_INIT([libwebp], [0.5.1], AC_INIT([libwebp], [0.5.2],
[https://bugs.chromium.org/p/webp],, [https://bugs.chromium.org/p/webp],,
[http://developers.google.com/speed/webp]) [http://developers.google.com/speed/webp])
AC_CANONICAL_HOST AC_CANONICAL_HOST

View File

@ -156,9 +156,9 @@ int ReadTIFF(const uint8_t* const data, size_t data_size,
} }
// _Tiffmalloc uses a signed type for size. // _Tiffmalloc uses a signed type for size.
alloc_size = (int64_t)((uint64_t)width * height * sizeof(*raster)); alloc_size = (int64_t)((uint64_t)width * height * sizeof(*raster));
if (alloc_size < 0 || alloc_size != (tmsize_t)alloc_size) goto End; if (alloc_size < 0 || alloc_size != (tsize_t)alloc_size) goto End;
raster = (uint32*)_TIFFmalloc((tmsize_t)alloc_size); raster = (uint32*)_TIFFmalloc((tsize_t)alloc_size);
if (raster != NULL) { if (raster != NULL) {
if (TIFFReadRGBAImageOriented(tif, width, height, raster, if (TIFFReadRGBAImageOriented(tif, width, height, raster,
ORIENTATION_TOPLEFT, 1)) { ORIENTATION_TOPLEFT, 1)) {

View File

@ -35,7 +35,7 @@ libwebp_la_LIBADD += utils/libwebputils.la
# other than the ones listed on the command line, i.e., after linking, it will # other than the ones listed on the command line, i.e., after linking, it will
# not have unresolved symbols. Some platforms (Windows among them) require all # not have unresolved symbols. Some platforms (Windows among them) require all
# symbols in shared libraries to be resolved at library creation. # symbols in shared libraries to be resolved at library creation.
libwebp_la_LDFLAGS = -no-undefined -version-info 6:1:0 libwebp_la_LDFLAGS = -no-undefined -version-info 6:2:0
libwebpincludedir = $(includedir)/webp libwebpincludedir = $(includedir)/webp
pkgconfig_DATA = libwebp.pc pkgconfig_DATA = libwebp.pc
@ -47,7 +47,7 @@ if BUILD_LIBWEBPDECODER
libwebpdecoder_la_LIBADD += dsp/libwebpdspdecode.la libwebpdecoder_la_LIBADD += dsp/libwebpdspdecode.la
libwebpdecoder_la_LIBADD += utils/libwebputilsdecode.la libwebpdecoder_la_LIBADD += utils/libwebputilsdecode.la
libwebpdecoder_la_LDFLAGS = -no-undefined -version-info 2:1:0 libwebpdecoder_la_LDFLAGS = -no-undefined -version-info 2:2:0
pkgconfig_DATA += libwebpdecoder.pc pkgconfig_DATA += libwebpdecoder.pc
endif endif

View File

@ -32,7 +32,7 @@ extern "C" {
// version numbers // version numbers
#define DEC_MAJ_VERSION 0 #define DEC_MAJ_VERSION 0
#define DEC_MIN_VERSION 5 #define DEC_MIN_VERSION 5
#define DEC_REV_VERSION 1 #define DEC_REV_VERSION 2
// YUV-cache parameters. Cache is 32-bytes wide (= one cacheline). // YUV-cache parameters. Cache is 32-bytes wide (= one cacheline).
// Constraints are: We need to store one 16x16 block of luma samples (y), // Constraints are: We need to store one 16x16 block of luma samples (y),

View File

@ -9,6 +9,6 @@ libwebpdemuxinclude_HEADERS += ../webp/mux_types.h
libwebpdemuxinclude_HEADERS += ../webp/types.h libwebpdemuxinclude_HEADERS += ../webp/types.h
libwebpdemux_la_LIBADD = ../libwebp.la libwebpdemux_la_LIBADD = ../libwebp.la
libwebpdemux_la_LDFLAGS = -no-undefined -version-info 2:0:0 libwebpdemux_la_LDFLAGS = -no-undefined -version-info 2:1:0
libwebpdemuxincludedir = $(includedir)/webp libwebpdemuxincludedir = $(includedir)/webp
pkgconfig_DATA = libwebpdemux.pc pkgconfig_DATA = libwebpdemux.pc

View File

@ -25,7 +25,7 @@
#define DMUX_MAJ_VERSION 0 #define DMUX_MAJ_VERSION 0
#define DMUX_MIN_VERSION 3 #define DMUX_MIN_VERSION 3
#define DMUX_REV_VERSION 0 #define DMUX_REV_VERSION 1
typedef struct { typedef struct {
size_t start_; // start location of the data size_t start_; // start location of the data

View File

@ -32,7 +32,7 @@ extern "C" {
// version numbers // version numbers
#define ENC_MAJ_VERSION 0 #define ENC_MAJ_VERSION 0
#define ENC_MIN_VERSION 5 #define ENC_MIN_VERSION 5
#define ENC_REV_VERSION 1 #define ENC_REV_VERSION 2
enum { MAX_LF_LEVELS = 64, // Maximum loop filter level enum { MAX_LF_LEVELS = 64, // Maximum loop filter level
MAX_VARIABLE_LEVEL = 67, // last (inclusive) level with variable cost MAX_VARIABLE_LEVEL = 67, // last (inclusive) level with variable cost

View File

@ -14,6 +14,6 @@ libwebpmuxinclude_HEADERS += ../webp/mux_types.h
libwebpmuxinclude_HEADERS += ../webp/types.h libwebpmuxinclude_HEADERS += ../webp/types.h
libwebpmux_la_LIBADD = ../libwebp.la libwebpmux_la_LIBADD = ../libwebp.la
libwebpmux_la_LDFLAGS = -no-undefined -version-info 2:1:0 -lm libwebpmux_la_LDFLAGS = -no-undefined -version-info 2:2:0 -lm
libwebpmuxincludedir = $(includedir)/webp libwebpmuxincludedir = $(includedir)/webp
pkgconfig_DATA = libwebpmux.pc pkgconfig_DATA = libwebpmux.pc

View File

@ -28,7 +28,7 @@ extern "C" {
#define MUX_MAJ_VERSION 0 #define MUX_MAJ_VERSION 0
#define MUX_MIN_VERSION 3 #define MUX_MIN_VERSION 3
#define MUX_REV_VERSION 1 #define MUX_REV_VERSION 2
// Chunk object. // Chunk object.
typedef struct WebPChunk WebPChunk; typedef struct WebPChunk WebPChunk;