Commit Graph

4546 Commits

Author SHA1 Message Date
James Zern
4edea4a695 Init{RGB,YUV}Rescaler: fix a few more int overflows
promote out_width to size_t before multiplying

src/dec/io_dec.c:301:30: runtime error: signed integer overflow: 2 *
1224167500 cannot be represented in type 'int'
  #0 0x55fd9e8de2bd in InitYUVRescaler src/dec/io_dec.c:301:30
  #1 0x55fd9e8de2bd in CustomSetup src/dec/io_dec.c:571:54

Bug: chromium:1196850
Change-Id: I70d0aac1b5eef163a3f353b721fb9ab561e02040
2021-06-14 12:22:28 -07:00
James Zern
c9e26bdb35 rescaler_utils: set max valid scaled w/h to INT_MAX/2
this will avoid the potential for some integer overflows in rescaler
calculations

Bug: chromium:1196850
Change-Id: Iaa09f5d6b888b39aaeb2154d470279620362d6eb
2021-06-14 12:22:28 -07:00
James Zern
28d488e6f1 utils.h: add SizeOverflow()
this normalizes the 'size != (size_t)size' checks in the libraries.

Change-Id: I1e8ccd0d3697266f23911ecf0f7a546f011befde
2021-06-14 12:22:28 -07:00
James Zern
695bdaa2f6 Export/EmitRescaledRowsRGBA: fix pointer offset int overflow
in Export increment the dst pointer, but in EmitRescaledRowsRGBA use
64-bit math as the number of output lines is variable and may still
overflow when incrementing.

Bug: chromium:1196850
Change-Id: I5c65b875894ee9da0fef1e24d27e507171800c4a
2021-06-14 12:22:21 -07:00
jzern@google.com
685d073ee1 Init{RGB,YUV}Rescaler: fix int overflows in multiplication
with large sizes the intermediate calculations may exceed 32-bits

src/dec/io_dec.c:491:17: runtime error: signed integer overflow: 3 *
788529152 cannot be represented in type 'int'
  #0 0x557a3ad972b2 in InitRGBRescaler src/dec/io_dec.c:491:17
  #1 0x557a3ad972b2 in CustomSetup src/dec/io_dec.c:563:29

Bug: chromium:1196850
Change-Id: Iaf2e8a6de9481dfea31dcd7fccb2d4eca767bddf
2021-06-10 15:26:44 -07:00
jzern@google.com
d38bd0dda0 WebPFlipBuffer: fix integer overflow
with large scale values the offset to the end of the buffer may exceed
32-bits range.

src/dec/buffer_dec.c:158:39: runtime error: signed integer overflow: 2 *
1275068416 cannot be represented in type 'int'
  #0 0x56444802bea5 in WebPFlipBuffer src/dec/buffer_dec.c:158:39

Bug: chromium:1196850
Change-Id: I08c8b69ada5d5dd3e9bf2b9006dffa0c5f2103a5
2021-06-10 15:26:34 -07:00
James Zern
109ff0f100 utils: allow MALLOC_LIMIT to indicate a max
in addition to checking the environment for "MALLOC_LIMIT"; the
environment will still take precedence.
this is in preparation for adding extreme config value coverage to
advanced_api_fuzzer

Bug: chromium:1196850
Change-Id: Ibe22f5e39e030a422fd6e383269bde35252d3fae
2021-06-07 18:59:39 -07:00
James Zern
a2fce86744 WebPRescalerImportRowExpand_C: promote some vals before multiply
avoids integer overflow in extreme cases:
src/dsp/rescaler.c:45:32: runtime error: signed integer overflow: 129 *
16777215 cannot be represented in type 'int'
    #0 0x556bde3538e3 in WebPRescalerImportRowExpand_C src/dsp/rescaler.c:45:32
    #1 0x556bde357465 in RescalerImportRowExpand_SSE2 src/dsp/rescaler_sse2.c:56:5
    ...

Bug: chromium:1196850
Change-Id: I4f923807f106713e113f3eec62a1d1c346066345
2021-06-07 18:59:33 -07:00
James Zern
776983d427 AllocateBuffer: fix int multiplication overflow check
after the check using 64-bit math we used a signed integer in the
multiplication. previously unsigned integer max was tested.

fixes cases like:
src/dec/buffer_dec.c:108:16: runtime error: signed integer overflow:
944731466 * 4 cannot be represented in type 'int'
    #0 0x55e56187dc1d in AllocateBuffer src/dec/buffer_dec.c:108:16
    #1 0x55e56187dc1d in WebPAllocateDecBuffer src/dec/buffer_dec.c:216:12
    ...

Bug: chromium:1196850
Change-Id: I6e5b3e5d1d5b50b5c98c39bbf9813a63fedc5ca7
2021-06-07 18:59:24 -07:00
James Zern
315abbd60b Merge "Revert "Do not use a palette for one color images."" 2021-05-24 18:53:42 +00:00
James Zern
eae815d0d1 Merge changes Ica3bbf75,I82f82954
* changes:
  cosmetics: remove use of 'sanity' / 'master'
  WebPAnimEncoderNewInternal: remove some unnecessary inits
2021-05-24 18:53:20 +00:00
Zhi An Ng
afbca5a152 Require Emscripten 2.0.18
Change-Id: I04fe7041fcd82d08416c37a6e95c36acb70c39dc
2021-05-24 10:35:36 -07:00
James Zern
3320416b2e CMakeLists,emscripten: use EXPORTED_RUNTIME_METHODS
rather than EXTRA_EXPORTED_RUNTIME_METHODS. this was deprecated in
2.0.18.

quiets a warning:
emcc: warning: EXTRA_EXPORTED_RUNTIME_METHODS is deprecated, please use
EXPORTED_RUNTIME_METHODS instead [-Wdeprecated]

https://emscripten.org/docs/introducing_emscripten/release_notes.html?highlight=exported_runtime_methods

Change-Id: I3acf22339a64f39a342051841a147744f6af954a
2021-05-21 15:09:04 -07:00
Zhi An Ng
29145ed692 Update README instructions for using Emscripten
- Point to a newer URL
- Use emcmake and emmake (which will set the CMake project file)

Change-Id: I3341b9f8e741436bc5961fbc77586963f3241c7a
2021-05-21 11:47:01 -07:00
James Zern
1f5791398c cosmetics: remove use of 'sanity' / 'master'
replace with more inclusive terms or remove the comment entirely if the
meaning was already clear.

Bug: webp:507
Change-Id: Ica3bbf751ebf79f6668df6e6209af770248ff4ca
2021-05-21 10:38:40 -07:00
James Zern
29b6129c78 WebPAnimEncoderNewInternal: remove some unnecessary inits
enc is allocated with WebPSafeCalloc so there's no need to clear the
pointers afterward.
this has the side-effect of removing a non-inclusive term.

Bug: webp:507
Change-Id: I82f82954936638c4c15d33b2d6f0497a6a13571f
2021-05-21 10:31:50 -07:00
James Zern
b60869a18e Revert "Do not use a palette for one color images."
This reverts commit b6513fbaa8.

This change can produce files that can cause decode failures in some
versions of chrome and safari/ios/macos.

https://chromium-review.googlesource.com/c/chromium/src/+/2876279

The chrome fix will be available in M92. This change can be revisited
after it and the mac updates are more widely deployed.

Bug: b/186640109,b/188702956
Change-Id: I296b8fe88c6c48219e3edf532226c4f972f1605b
2021-05-21 10:26:37 -07:00
James Zern
6fb4cddc93 demux: move padded size calc post unpadded validation
though the max chunk/payload sizes were checked and would fail the
padded size was being calculated beforehand which could result in a
(harmless) unsigned int overflow warning.

Bug: webp:508
Change-Id: I4fa30ded2b027c1577b03049a2deeb7bf75e5472
2021-05-15 10:59:06 -07:00
James Zern
05b72d4205 vp8l_enc.c: normalize index types
fixes conversion warnings in visual studio after:
b1674240 Add modified Zeng's method to palette sorting.

src\enc\vp8l_enc.c(296) : warning C4244: '=' : conversion from 'const
uint16_t' to 'uint8_t', possible loss of data
src\enc\vp8l_enc.c(299) : warning C4244: '=' : conversion from 'const
uint16_t' to 'uint8_t', possible loss of data

Change-Id: I981b1ba4912edbbafbd49f1f5b1043bf12266920
2021-04-28 15:09:34 -07:00
Vincent Rabaud
b6513fbaa8 Do not use a palette for one color images.
1 color images now always take 30 bytes.

Change-Id: Ifa86bc5320362c659672b3836160353d63576467
2021-04-28 13:14:28 +02:00
Vincent Rabaud
98bbe35b51 Fix multi-threading with palettes.
Change-Id: Ifa23378c1f9c489d5963b4928781e104a14eb01a
2021-04-27 16:54:03 +02:00
Vincent Rabaud
b1674240f9 Add modified Zeng's method to palette sorting.
Also add palette sorting to crunch configurations.

Change-Id: I010a8bf8f1921279db6e9c7209307d8d19a4d105
2021-04-27 13:11:18 +02:00
James Zern
88c90c4528 add CONTRIBUTING.md
this contains some of the basics for contributing patches to the
project. over time the instructions from
https://www.webmproject.org/code/contribute/submitting-patches/ can be
added here.

Change-Id: Ib5fcbc818c6feb87654517fdd7118f226c5cccc3
2021-04-23 18:35:44 -07:00
James Zern
6a9916d734 WebPRescalerInit: add missing int64_t promotion
large values of x_add and y_add may rollover an int causing a later
assertion to fail in WebPRescalerExportRow due to fxy_scale incorrectly
being set to 0.

fixes:
src/dsp/rescaler.c:178: void WebPRescalerExportRow(WebPRescaler *const):
Assertion `wrk->src_height == wrk->dst_height && wrk->x_add == 1'
failed.

Bug: chromium:1196480
Change-Id: I2c00f015d61a1257033d8edb1edd4d060d6878b7
2021-04-23 11:46:45 -07:00
James Zern
b6cf52d5b8 WebPIoInitFromOptions: treat use_scaling as a bool
this matches the description in WebPDecoderOptions and prevents a
mismatch between the user supplied options and the ones used by io.

Bug: chromium:1196773, chromium:1196775, chromium:1196480
Change-Id: I3603b806884cfc6969b093d06b7980b0cc13199b
2021-04-23 11:46:45 -07:00
James Zern
3b12b7f4b4 WebPIoInitFromOptions: treat use_cropping as a bool
this matches the description in WebPDecoderOptions and prevents a
mismatch between the user supplied options and the ones used by io.

Bug: chromium:1196480
Change-Id: Id464f999d737078078f9d21afe25b349317f5ab4
2021-04-23 11:46:45 -07:00
James Zern
595fa13f83 add WebPCheckCropDimensions()
and avoid integer overflow in test of x/width and y/height parameters
against the image width/height

Bug: chromium:1196778, chromium:1196777, chromium:1196480
Change-Id: I7b8f1f4dbebfe073b1ba260b8317979488655dcc
2021-04-23 11:46:45 -07:00
Vincent Rabaud
8fdaecb09d Disable cross-color when palette is used.
With palette+predictors, cross-color was forced (because of predictors).
No need for cross-color for palettes as R/B==0.
This saves 10 bytes per image that uses palette+predictors.

Change-Id: If2184d16cdabe1e8498009062284ad3e37ef1342
2021-04-23 17:43:36 +02:00
James Zern
8933bac212 WebPIoInitFromOptions: respect incoming bypass_filtering val
if bypass_filtering was set to 1 in the user provided options it
shouldn't be reset in the use_scaling pass even if the image satisfies
the scaling requirements.

Change-Id: I036029907886acb63748872d5f8763954a7c607b
2021-04-19 19:02:13 -07:00
James Zern
7d416ff085 webpdec,cosmetics: match error text to function call
WebPINewDecoder -> WebPIDecode

Change-Id: I5c17486ce2598a5dda687d7bc579daf7630c2133
2021-04-17 15:13:43 -07:00
Yannis Guyon
ec6cfeb51e Fix typo on WebPPictureAlloc() in README
Change-Id: I4435a6a2e53495e475f7f833b7d38b6a29ed73d1
2021-04-15 19:11:49 +02:00
James Zern
7e58a1a260 *.cmake: add license header
this syncs the files with CMakeLists.txt

Change-Id: I94d45ef61d33ee9e43973b5d4e85fab007941f67
2021-04-12 17:28:15 -07:00
James Zern
5651a6b2ed cmake: fix .so versioning
libtool uses -version-info current:revision:age, but the library created
is [c-a].a.r.

Change-Id: Icf081e156a818a3cd7579ad5ffe3b518d8532bdb
2021-04-07 13:51:22 -07:00
James Zern
25ae67b3de xcframeworkbuild.sh: add arm64 simulator target
this fixes simulator builds on an M1

Bug: webp:510
Change-Id: Ia2c81d33d9a85b432b17f22305b110ccc337b809
2021-03-15 15:25:44 -07:00
James Zern
5d4ee4c3c0 cosmetics: remove use of the term 'dummy'
this is replaced with more inclusive / informative text

Bug: webp:507
Change-Id: Ib77f0c79dd548601bf2bc3169985af4b5edf0a62
2021-03-15 11:39:06 -07:00
Ilya Kurdyukov
01b38ee19a faster CollectColorXXXTransforms_SSE41
3/4% faster overall.

Change-Id: If555c5530238ca0342b8d97b0d708b1bdc888d3f
2021-02-19 20:45:07 +01:00
Pascal Massimino
652aa34424 Merge "Use BitCtz for FastSLog2Slow_C" 2021-02-19 17:39:30 +00:00
Skal
0320e1e36f add the missing default BitsCtz() code
Change-Id: Iff3ea946a380837b9dfad58350173b68b45e1347
2021-02-19 17:04:35 +00:00
Ilya Kurdyukov
8886f620c0 Use BitCtz for FastSLog2Slow_C
Change-Id: Icc6068b8934e481e6f17efd30616392e68d504ad
2021-02-19 15:11:42 +01:00
Ilya Kurdyukov
fae416179e faster CombinedShannonEntropy_SSE2
optimized for sparse histograms

Change-Id: I54412f5f8fc53d2598964a5be91f6c54ece3f21b
2021-02-19 13:14:46 +01:00
Ilya Kurdyukov
5bd2704e30 Introduce the BitCtz() function.
* Use a WEBP_HAVE_SLOW_CLZ_CTZ flag when they are slow (LUT-based).

Change-Id: If707c121b8800438be404594a39bb123ef25b0f0
2021-02-19 11:52:05 +01:00
James Zern
fee642870e Merge "wicdec,icc: treat unsupported op as non-fatal" 2021-02-18 21:28:47 +00:00
James Zern
33ddb894b1 lossless_sse{2,41}: remove some unneeded includes
Change-Id: Icd2cffd32b39c6bf017eee353ac04a4b6d337a11
2021-02-18 10:54:09 -08:00
James Zern
b27ea8525a wicdec,icc: treat unsupported op as non-fatal
ICC extraction via GetColorContexts may fail due to the operation not
being supported with e.g., bitmaps.

Bug: webp:506
Change-Id: I587220e688ac90d77c84af21c9e7bc8bf178f3aa
2021-02-18 10:36:13 -08:00
Pascal Massimino
b78494a933 Merge "Fix undefined signed shift." 2021-02-18 16:51:17 +00:00
Vincent Rabaud
e79974cd6a Fix undefined signed shift.
Using the fix from SSE2.

Change-Id: Ie53d0163d97322da5a722c3e49f9d5f057ee1d91
2021-02-18 16:56:22 +01:00
Ilya Kurdyukov
a885339448 SSE4.1 versions of BGRA to RGB/BGR color-space conversions
Change-Id: Iacafd2f6402080b02fcbf75831e69c488f447454
2021-02-18 15:32:30 +01:00
Ilya Kurdyukov
a09a647241 SSE4.1 version of TransformColorInverse
Change-Id: I6ba5cb35917eef7a52152c4924eca205b4af7220
2021-02-18 12:42:39 +01:00
James Zern
401da22bd6 Merge "pngdec: check version before using png_get_chunk_malloc_max" 2021-02-11 00:44:19 +00:00
James Zern
2690782292 pngdec: check version before using png_get_chunk_malloc_max
png_get_chunk_malloc_max / png_set_chunk_malloc_max were added in 1.4.1.

Bug: webp:505, webp:497
Change-Id: Id4e0643a7734563fec7779f7943ec760da8d276d
2021-02-10 13:41:54 -08:00