Commit Graph

5135 Commits

Author SHA1 Message Date
Vincent Rabaud
0c9546f7ef Expand the muxer fuzzer.
And fix a few bugs it already found.

Bug: 497882857

Change-Id: I4af63d7e7fece0686dac931d54a5e855353aaa3a
2026-04-01 13:25:56 +02:00
Vincent Rabaud
b8814a57f0 Add a fuzzer for ReadAnimatedImage
Bug: 496629074
Change-Id: Ie984f0eab67e8e6eda44abeedf9c13aa213dd340
2026-03-30 10:52:48 +02:00
Vincent Rabaud
a7441f5630 Merge "Fix some harmless potential overflows." into main 2026-03-28 05:09:20 -07:00
Vincent Rabaud
d9bf5734bb Fix some harmless potential overflows.
Change-Id: Iebf78971f43b795d90e05316540ce00ba79443dc
2026-03-27 22:09:00 +01:00
James Zern
08bc1239bd README.md: update bug tracker link
Use a direct link to the creation page to avoid WebP bugs being filed
under the top-level WebM component when the 'Create Issue' button is
used.

Change-Id: Ibe5990e5a1c7cb6bcf159850fb3bceadbbfc16f1
2026-03-27 09:24:33 -07:00
Vincent Rabaud
5755839a47 Limit the amount of RAM allocated for Huffman trees
This will help excessive memory allocation for images not encoded
by libwebp.

BUG: 494764367
Change-Id: I95fc345df541d8b134e455c8c33a496f46746655
2026-03-24 10:38:24 +01:00
Vincent Rabaud
d25c11493a Remove unreachable condition
Change-Id: I9149d1574f72e6ecb532300712660abb29d0d027
2026-03-16 15:33:09 +01:00
Vincent Rabaud
561325651c Fix PNM decoder in case of missing tags
Change-Id: I6a760ff02d94f6af969d483e3f3e2731ad7eb41e
2026-03-15 20:20:50 +01:00
Vincent Rabaud
f342dfc175 Reduce the number of pixels in crunch mode for the fuzzer
BUG: oss-fuzz:482603188
Change-Id: Iab8c2eb9d00efa06fa148642c86b6a4f99a5a791
2026-02-09 10:32:39 +01:00
James Zern
d29e00aa70 anim_decode: fix overflow in ZeroFillFrameRect
This function was missed in 1c364400 (prevent 32b overflow for very
large canvas_width / height) when related functions were updated.

Bug: 481737032
Change-Id: If55cc0490e5ed4f3fc3da07d9b4a5cd921a107ee
2026-02-05 13:07:59 -08:00
Vincent Rabaud
45102247a8 Use proper image dependency targets now that CMake >= 3.16
This removes some include_directories that can create confusion on
OSX.

BUG: 470992419

Change-Id: I213c8b0482be6bce845852773557f92821e897d3
2025-12-24 15:10:53 +01:00
Vincent Rabaud
d52b9ee34d Be consistent with the includes in non-src folders.
BUG: 470992419

Change-Id: I55618205da7dcfe17d96a7c3ee69d924a63d1acf
2025-12-23 16:54:48 +01:00
Vincent Rabaud
9b78419750 Fix potential memory leak for big rescaling
That only happens when the rescaling buffer from WebPRescalerInit
does not fit in a size_t, so on 32-bit or less.

Change-Id: I18a79106d0c47f7ddf130099dde0fec6f2a2301d
2025-12-23 10:59:13 +01:00
Vincent Rabaud
d078f7d201 Fix fuzzer when one scaled dimension is 0
BUG: 470038406

Change-Id: If64f841bde21ca80822d6c4e0f228b7d00f326d7
2025-12-19 09:58:16 +00:00
Vincent Rabaud
a9f3b447ae Merge "Get code to compile with older VS with partial AVX2 support." into main 2025-12-12 04:24:11 -08:00
James Zern
d67d73bf5a idec_dec.c: add missing WEBP_SELF_ASSIGN
Fixes coverity / static analysis warning:
Assigning "dec->alpha_data_size" to itself has no effect.

Missed in:
b81f4620 Fix -fbounds-safety errors in `dec`.

Change-Id: I0aa447dff47f1687bf1ef358a9d53f893b64bf68
2025-12-09 12:18:25 -08:00
Vincent Rabaud
d7af7dd7cb Get code to compile with older VS with partial AVX2 support.
This is inspired by
https://aomedia.googlesource.com/aom/+/b2f80f721fe87547e3bae73be550e3d75ba478ad/aom_ports/msvc.h#57
This was reported on https://github.com/opencv/opencv/pull/28139

Change-Id: Iad38d842ef1647fc1a578a851b3593281855e30e
2025-12-09 13:25:50 +01:00
Vincent Rabaud
934b7d7448 Merge "Clarify dc[k]^ range" into main 2025-12-02 12:22:21 -08:00
James Zern
2d5c82155a Merge "Fix -fbounds-safety errors in dec." into main 2025-12-02 09:51:09 -08:00
Vincent Rabaud
507c372276 Clarify dc[k]^ range
Change-Id: If748958c8dd4f82bbef974aa4f40a4d0a758d10b
2025-12-02 18:05:43 +01:00
Vincent Rabaud
4c7aaa92e4 More fuzzer fixes
- allow for malloc to return 0.
- do not go through big resizing

BUG: oss-fuzz:4667732529577984, oss-fuzz:6595689259008000
Change-Id: I56892bbba2fbcf5d1ceede2b56ea34612f8d13ac
2025-12-02 13:54:25 +01:00
Arman Hasanzadeh
b81f462050 Fix -fbounds-safety errors in dec.
This change adds -fbounds-safety annotations to several pointers in the
`dec` directory. These annotations resolve errors and warnings that
arose from interactions with annotated functions in `utils`.

Bug: 465196207
Change-Id: I89554b85b19cd068c619c3ed2a31c36eb93d552a
2025-12-01 15:02:47 -08:00
Vincent Rabaud
f776da44f4 Make uint32_t multiplication explicitly uint64_t
There cannot be any overflow in practice, this is to quiet some
analyzer.

Change-Id: Ib76fc13aa27b72063ba6032f659987f47bb57117
2025-12-01 12:59:27 +01:00
Vincent Rabaud
4fc426c461 Force bash for fuzz tests
Change-Id: I73777b3285354d26a65b70665967d6f82d6a4db4
2025-11-28 09:52:32 +01:00
Vincent Rabaud
770ca097e7 Remove the other -rss_limit_mb= used by oss-fuzz
Change-Id: I21689d30c2665138d38ec13ff71a209e46ca3fea
2025-11-27 10:02:32 +01:00
Vincent Rabaud
488f26bc16 Do not have OOM be fuzzer errors
BUG: 463791651, 463746806, 463795905

Change-Id: Ie2272ec1f27ae3140306a9c91abec2bb4c9d42d9
2025-11-26 14:52:11 +01:00
Vincent Rabaud
3532891de4 Fix potential overflow in imageio
BUG: 836597550
Change-Id: I7c00f4cb831142113e6c27e632f989e8cd84ef76
2025-11-25 12:42:39 +01:00
Vincent Rabaud
a3dddea9b5 Prevent some overflow during MBAnalyze
kThreshold * m2 can be 17 * (16*(16*255)^2) in the worst case.

Change-Id: Id9d82a7f2f933273bb04e7df37aaf724b3a69f43
2025-11-24 16:17:58 +01:00
Vincent Rabaud
5465220b03 Add arbitrary data for the encoding fuzzers
Change-Id: Ia264e0edf742630f45d22670f5e1ead140036046
2025-11-24 16:16:18 +01:00
Vincent Rabaud
4ebf0b0ac8 Properly validate picture dimensions for overflow
Change-Id: I42735f6c651d0bb768b9c727209a7b5fe991b456
2025-11-21 09:08:15 +01:00
James Zern
df24b5632e Merge "VP8ApplyNearLossless: skip alloc for small images" into main 2025-11-18 11:52:34 -08:00
James Zern
3697df15d7 Merge "io_dec,CustomSetup: rm unnecessary 'is_alpha' check" into main 2025-11-18 11:52:24 -08:00
Vincent Rabaud
acedec6860 Update the emscripten instructions
More info at:
https://wiki.libsdl.org/SDL2/README-emscripten#building-sdlemscripten

Change-Id: Iaec18c6f540d0753ef07327f4a7ecde7d86cea12
2025-11-18 19:09:01 +01:00
Andrzej Hunt
41c2a8d2f5 VP8ApplyNearLossless: skip alloc for small images
Change-Id: I193513c1fbbc5fab571014d3cfd3319d671d8949
2025-11-17 15:12:06 +00:00
James Zern
05934f93b9 io_dec,CustomSetup: rm unnecessary 'is_alpha' check
`WebPIoInitFromOptions()` doesn't distinguish between `MODE_YUV` and
`MODE_YUVA`, only RGB vs YUV. Removing this check also removes a
confusing mix up between `MODE_YUV` and `MODE_YUVA` in the conditional.

Change-Id: Id46b21785433aded733ad914941398b0bd5d6b8f
2025-11-11 16:18:13 -08:00
Vincent Rabaud
2760d87827 Do not index costs out of bounds.
In practice, the value is never read.

Change-Id: Idb33dad2581e597bd5e5b5c9414ae2c34f3a8ef2
2025-11-04 10:24:45 +01:00
Vincent Rabaud
2d16e4ac95 Use ptrdiff_t to avoid potential int overflow
Change-Id: I2a32506ee2e987b6b5a20a3f472af21b946289c3
2025-11-04 09:23:43 +01:00
Vincent Rabaud
2a755e7eec Set alpha to 0xff in ImportYUVAFromRGBA by default
Change-Id: I09d69aff23d990bf171cc0afaec0fd60e3ba9365
2025-10-30 11:40:58 +01:00
James Zern
d1e9c93961 Merge "Convert additional memcpy/memsets to unsafe variants" into main 2025-10-28 20:54:15 -07:00
Vincent Rabaud
160ad07632 Add a fuzzer for WebPDecoderConfig
Change-Id: I156304ae361c5f18ec2705adec51dae51ff91f2e
2025-10-28 11:28:23 +01:00
Vincent Rabaud
4efd97e825 Shorten sclip1
The maximum range for sclip1 is at:
https://chromium.googlesource.com/webm/libwebp/+/refs/tags/v1.6.0/src/dsp/dec.c#521
where:

const int a = VP8ksclip1[3 * (q0 - p0) + VP8ksclip1[p1 - q1]];
3 * 255 + 127 = 892 and 3 * -255 - 128 = -893

Change-Id: I13f73c28fad4429c1ba69b87cd6f6c0e97f40771
2025-10-28 10:09:02 +01:00
mxms
ea3f3f7c00 Convert additional memcpy/memsets to unsafe variants
Bug: 432511225
Change-Id: I5ea1fcc2e4884985bec0b3a7618dd75dbd6c21f8
2025-10-28 05:40:19 +00:00
Vincent Rabaud
3eb58b56d9 Fix clipping arrays
Those arrays are only used for filtering

Change-Id: Ic609222b51ba8509fca5f1a3119213d3e78ca6ad
2025-10-27 10:51:41 +01:00
mxms
ed05414168 Prepare decoder and demuxer for -fbounds-safety adoption
Change memcpy|memset|memchr to unsafe variants

Add WEBP_ASSUME_UNSAFE_INDEXABLE_ABI to relevant files. I've also added
it to lossless.h, yuv.h, and decode.h as they're all imported by code in
dec, which will have -fbounds-safety annotations.

Bug: 432511225
Change-Id: I3011a0a56633b8437ead31607c7ac5f6311fa846
2025-10-25 13:40:45 -07:00
James Zern
9f14c2605b Merge "Move non-abi breaking annotations into types.h" into main 2025-10-22 12:53:30 -07:00
mxms
0ee1a5f4b0 Move non-abi breaking annotations into types.h
By moving non-abi breaking annotations into types.h, this enables us to
mark more of libwebp as unsafe to allow better interop with struct
members which default to __single.

Change-Id: I54b78f68581e41389538f7332989c04c2e02ccc7
Bug: webp:432511225
2025-10-22 01:53:59 +00:00
James Zern
3066c7ea59 Merge changes I32b33cb9,I118aac97 into main
* changes:
  tests/fuzzer: apply clang-format
  .clang-format: add DerivePointerAlignment: false
2025-10-21 11:27:10 -07:00
Vincent Rabaud
23359a1039 Process rows properly in case of YUV cropping on odd lines.
Bug: 447845730,447958064,448792425,449246999,449546226,449781448
Change-Id: Ie8a855b5410019ec1f618fa4d4705ae3984db444
2025-10-10 11:03:26 +02:00
Vincent Rabaud
61791c774a Expand the 64-bit platforms for VP8LBitWriter
The defines are the same as the ones in bit_reader_utils.h

Change-Id: I3782425baf7dfb861dcc39d7683fba5c15e33f84
2025-10-10 09:22:25 +02:00
mxms
e40787da71 Add WEBP_UNSAFE_MEMCMP helper
Memcmp is used in other parts of libwebp which we didn't see yet in
webputils. The places that use memcmp use it as an expression, (i.e. if
(memcmp(...)), so explicitly do not wrap in do { } while (0) guard.

Change-Id: Ifa972640bae052717a1af02112c62dc197dfe0f1
2025-10-09 16:38:41 +00:00