Commit Graph

2880 Commits

Author SHA1 Message Date
James Zern
f6d15cb747 bump version to 1.4.0
libwebp{,decoder} - 1.4.0
libwebp libtool - 8.9.1
libwebpdecoder libtool - 4.9.1

mux - 1.4.0
libtool - 4.0.1

demux - 1.4.0
libtool - 2.15.0

sharpyuv - 0.4.0
libtool - 1.0.1

Bug: webp:627
Change-Id: I9a61d83ee92809de1c2501d1b4fb68aa38f98850
2024-04-01 15:37:40 -07:00
James Zern
3c0011bbd1 WebPMuxGetChunk: add an assert
assert idx != IDX_LAST_CHUNK to quiet a static analysis warning
(reported by Coverity):
  overrun-local: Overrunning array kChunks of 11 12-byte elements at
    element index 11 (byte offset 143) using index idx (which evaluates
    to 11).

Change-Id: I85ae159e338d5670c007f76277ffe94e7a1dcafc
2024-03-21 18:32:55 -07:00
James Zern
00abc0007c muxread,MuxGet: add an assert
assert idx != IDX_LAST_CHUNK to quiet a static analysis warning
(reported by Coverity):
  Indexing array kChunks of size 11 with idx.

Change-Id: I5e54b5c09d23c26abbd1a7919b6f828b35fe4f75
2024-03-20 12:36:37 -07:00
Vincent Rabaud
7fac6c1bf2 Merge "Copy C code to not have multiplication overflow" into main 2024-03-07 12:14:57 +00:00
Vincent Rabaud
501d9274a7 Copy C code to not have multiplication overflow
Change-Id: I9375170ce1217921a334c5b93dc3e0084f976688
2024-03-07 09:22:20 +01:00
James Zern
661c1b6641 Merge "windows exports: use dllexport attribute, instead of visibility." into main 2024-03-06 23:54:57 +00:00
Ozkan Sezer
8487860a8c windows exports: use dllexport attribute, instead of visibility.
With older toolchains, at the least, visibility attributes don't
work and all symbols are exported along with lots of unsupported
warnings.

Change-Id: I6ffe220b7589a6bda00f42c17ead35592de7cc5a
2024-03-07 01:14:37 +03:00
James Zern
8ea678b990 webp/mux.h: data lifetime note w/copy_data=0
The data mostly must persist until a call to Assemble() is made. If the
data is discarded and subsequent calls are made the behavior is
undefined.

Change-Id: I64b39034ae4663e9ca25b85040b6068d09dfac04
2024-03-06 11:11:24 -08:00
natewood
45f995a37e Expose functions for managing non-image chunks on WebPAnimEncoder
Change-Id: Ie6376267eee6df3517417b6cadafcdf6112bd854
2024-02-27 16:55:24 -08:00
James Zern
4723db65bc cosmetics: s/SANITY_CHECK/DCHECK/
'sanity' is not an inclusive term. This is a debug check so DCHECK
better shows the intent.

https://source.android.com/docs/setup/contribute/respectful-code

Change-Id: I4cdad3ef9ddf0404d26e46b8430e3ad1d715c5b2
2024-02-16 11:57:16 -08:00
James Zern
f4b9bc9ea1 clear -Wextra-semi-stmt warnings
This is available with clang. Clears warnings of the form:
  warning: empty expression statement has no effect; remove unnecessary
    ';' to silence this warning [-Wextra-semi-stmt]

As a side-effect it also clear a few -Wpedantic warnings with gcc:
  warning: ISO C does not allow extra ';' outside of a function
    [-Wpedantic]

Change-Id: I9295c767aad475c68b1fbbdff855b0d6650a25f5
2024-02-15 18:55:22 -08:00
Vincent Rabaud
89c5b91746 Merge "BuildHuffmanTable check sorted[] array bounds before writing" into main 2023-11-22 15:45:18 +00:00
Vincent Rabaud
34c8074915 Remove alpha encoding pessimization.
This was created to have outputs readable with libwebp 0.4.x
Jelly-Bean and Kit-Kat are not supported anymore:
https://android-developers.googleblog.com/2021/07/google-play-services-discontinuing-jelly-bean.html
https://android-developers.googleblog.com/2023/07/google-play-services-discontinuing-updates-for-kitkat.html

Change-Id: I0b9ff3091412ce12eb50da301d7dacace9b54cc3
2023-11-14 14:18:12 +01:00
Vincent Rabaud
13d9c30b2b Add a WEBP_NODISCARD
Change-Id: Ice66f2aa6358474d728fb19c571edc86ed139a49
2023-11-10 13:57:07 +01:00
Jonathan Grant
0b56dedc98 BuildHuffmanTable check sorted[] array bounds before writing
Change-Id: I6a83f414e86311121451e9da26004dfc3ac9b21f
2023-10-27 00:17:27 +01:00
Arthur Eubanks
307071f144 Remove medium/large code model-specific inline asm
Initially added to workaround gcc implementation issues that clang
does not have. (gcc hardcodes rbx as the PIC register, clang uses a
virtual register)

Change-Id: I1a3277abf02b1ff437b4aea4d28f4cb1c0176b80
2023-10-24 09:48:12 +02:00
Vincent Rabaud
d2cb2d8cfc Dereference after NULL check.
Change-Id: Ia592affff075b2e00c150b89febcf676c7dcbbd2
2023-10-11 14:21:54 +02:00
Vincent Rabaud
35e197bdb7 Never send VP8_STATUS_SUSPENDED back in non-incremental.
Add the incremental_ member to the internal VP8Decoder,
to mimic VP8LDecoder

Change-Id: I34842e473bb566f51c18fe42afda63e66c0185b6
2023-09-19 10:28:02 +02:00
Masahiro Hanada
dce8397fec Fix next is invalid pointer when WebPSafeMalloc fails
When WebPSafeMalloc fails on VP8LHuffmanTablesAllocate,
next is not initialized to NULL.
VP8LHuffmanTablesDeallocate uses next to know the following nodes.
A patch fixes this issue.

Change-Id: I144ae84cd97e5bca227018ef1afa95361267902c
2023-09-15 13:59:30 +02:00
Vincent Rabaud
c1ffd9ac75 Merge "vp8l_enc: fix non-C90 code" into main 2023-09-15 06:45:52 +00:00
Vincent Rabaud
a3965948e0 Merge changes If628bb93,Ic79f6309,I45f0db23 into main
* changes:
  Update lossless spec for two simple codes.
  Fix non-C90 code.
  Fix static analyzer warnings.
2023-09-15 06:44:42 +00:00
James Zern
f80e9b7e4c vp8l_enc: fix non-C90 code
Change-Id: I14b5288c1b9392dcb64db09b9852f1d7d47b3200
2023-09-14 16:21:04 -07:00
Vincent Rabaud
ac17ffffcb Fix non-C90 code.
Thank you OpenCV: https://github.com/opencv/opencv/blob/
1e54e5657927996e86b155d89f51c7b5a73461d2/3rdparty/libwebp/
CMakeLists.txt#L24

Change-Id: Ic79f6309951f96c380e44b3167c1a36aae6d8903
2023-09-14 22:43:45 +02:00
Vincent Rabaud
433c7dca11 Fix static analyzer warnings.
Change-Id: I45f0db2310b1188809963af93240e3d438f807b8
2023-09-14 22:43:45 +02:00
James Zern
5fac76cf8d libwebp-1.3.2
- 9/13/2023: version 1.3.2
   This is a binary compatible release.
   * security fix for lossless decoder (chromium: #1479274, CVE-2023-4863)
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEaw5rcJdt4wPt8vYB+cPWvbgjK10FAmUCZrcACgkQ+cPWvbgj
 K12xQBAAoR6PIMHsttDUvgrCmgM19HbDVYmN3fK1VSL2yhT2Nj71hloIBQ46j+pJ
 aLyOhLX92yvvDEORDvm12LO7e7VwbPxc66Lwh5q0AjgsliMD1sR0yFJHVnZTOrJ/
 ndF0G1dNkrwYYYLWPIDtxrfr2eyB0+el8zjUCkWuKn5WSeaiV3FNfjHmNjQsgf1K
 dyy4DHcmZb5N2eJ6OvsiGvp7JwOjTpoHmYB2TbqfzqbV3Wq/aWgLsuGffpcNiEgP
 i/GCTapAFTdYW7StqXUGWML0IV3E3CrcBYjlWJqR499/DTfX1jrNcyWbuR0iaM9e
 yKlYS4PeylB6xdyEGVNM+8j3Trt3YYxvTGO/ydh9D4CtjaJPzlLfs2646AaV6TFW
 34t9mUDm1ZqQP8yJNqpSF00iwH0LA5/dKTd9Xr/MSifB/nvF3aqQjEDHLeTgD6pS
 D0Kf6OkhBtRuDbw7bTMwTGOZ5Z/VLG9JFni9JPt/KylBANUXQAI8vn0jjZRmpAki
 ketic0AgoDtH1TmPA+AzbiPWxKuFHfH3CpoECsgbpJjuMjbJ7EuXDfiG6cUIqTrD
 Lk+r1jgkCTWikB0KnGxDaNnDx+U0iatH4XfuAqp0o3pEHdgH0p4Gk3Kb8oraSZNv
 Y9AM9TaUaGPZxdyXfyR8glvHSu3li15DF1l1Ewml9qSxuqs/4Ls=
 =Rv7k
 -----END PGP SIGNATURE-----

Merge tag 'v1.3.2'

libwebp-1.3.2

- 9/13/2023: version 1.3.2
  This is a binary compatible release.
  * security fix for lossless decoder (chromium: #1479274, CVE-2023-4863)

* tag 'v1.3.2':
  update ChangeLog
  update NEWS
  bump version to 1.3.2
  Fix OOB write in BuildHuffmanTable.

Bug: webp:620
Change-Id: I094a4fe6ab4f3f8ada6fb662ba9cc6ec0f3bdd87
2023-09-13 19:08:16 -07:00
James Zern
63234c4296 bump version to 1.3.2
libwebp{,decoder} - 1.3.2
libwebp libtool - 8.8.1
libwebpdecoder libtool - 4.8.1

mux - 1.3.2
libtool - 3.13.0

demux - 1.3.2
libtool - 2.14.0

sharpyuv - 0.2.1 (no change)
libtool - 0.1.0 (no change)

Bug: webp:620
Change-Id: I9a61d83ee92809de1c2501d1b4fb68aa38f98850
2023-09-13 13:24:49 -07:00
Vincent Rabaud
a35ea50de4 Add a fuzzer for ReadHuffmanCodes
Change-Id: If8c30aaa87c34007ae455a03daa7b3c0f22fc8c3
2023-09-12 23:41:29 +02:00
Vincent Rabaud
95ea5226c8 Fix invalid incremental decoding check.
The first condition is only necessary if we have not read enough
(enough being defined by src_last, not src_end which is the end
of the image).
The second condition now fits the comment below: "if not
incremental, and we are past the end of buffer".

BUG=oss-fuzz:62136

Change-Id: I0700f67c62db8e1c02c2e429a069a71e606a5e4f
2023-09-12 09:22:53 +02:00
Vincent Rabaud
2af26267cd Fix OOB write in BuildHuffmanTable.
First, BuildHuffmanTable is called to check if the data is valid.
If it is and the table is not big enough, more memory is allocated.

This will make sure that valid (but unoptimized because of unbalanced
codes) streams are still decodable.

Bug: chromium:1479274
Change-Id: I31c36dbf3aa78d35ecf38706b50464fd3d375741
(cherry picked from commit 902bc91903)
2023-09-07 15:14:39 -07:00
Vincent Rabaud
902bc91903 Fix OOB write in BuildHuffmanTable.
First, BuildHuffmanTable is called to check if the data is valid.
If it is and the table is not big enough, more memory is allocated.

This will make sure that valid (but unoptimized because of unbalanced
codes) streams are still decodable.

Bug: chromium:1479274
Change-Id: I31c36dbf3aa78d35ecf38706b50464fd3d375741
2023-09-07 21:16:03 +02:00
Vincent Rabaud
7ba44f80f3 Homogenize "__asm__ volatile" vs "asm volatile"
According to https://gcc.gnu.org/onlinedocs/gcc/extensions-to-the-c-language-family/how-to-use-inline-assembly-language-in-c-code.html

For the C language, the asm keyword is a GNU extension. When
writing C code that can be compiled with -ansi and the -std options
that select C dialects without GNU extensions, use __asm__ instead
of asm (see Alternate Keywords). For the C++ language, asm is a
standard keyword, but __asm__ can be used for code compiled with
-fno-asm.

Change-Id: I4af950e67c857c890290c1e3d9cc886da0748784
2023-09-06 17:15:05 +02:00
James Zern
943b932a7e Merge changes I6a4d0a04,Ibc37b91e into main
* changes:
  decode.h: wrap idec example in /* */
  decode.h: fix decode example
2023-08-18 00:38:04 +00:00
James Zern
1cc94f9521 decode.h: wrap idec example in /* */
This makes it easier to read and copy/paste, though this is just rough
pseudo-code. It also matches the formatting of the advanced decoder
example.

Change-Id: I6a4d0a04a12bfc1f1956ac965ff4869cefc4f3df
2023-08-15 19:11:50 -07:00
James Zern
63acdd1e06 decode.h: fix decode example
spotted by tsutsui123 at gmail

Bug: webp:615
Change-Id: Ibc37b91e85427b2424b698043a40cce98bae356d
Fixed: webp:615
2023-08-15 19:07:11 -07:00
James Zern
aac5c5d0df ReadHuffmanCode: rm redundant num code lengths check
4 bits are read ([0, 15]) with 4 added to the result. The check that the
result is not > NUM_CODE_LENGTH_CODES (19) is redundant. This makes the
check an assert for documentation purposes.

webp-lossless-bitstream-spec.txt is updated accordingly.

Bug: webp:611
Change-Id: Ie461017dc9de3da4cfe6856543d3dcf58f53a180
2023-08-14 18:07:17 -07:00
James Zern
c63c5df618 palette.c: fix msvc warnings
after:
1432ebba Refactor palette sorting computation.

fixes:
src\utils\palette.c(384): warning C4028: formal parameter 2 different
  from declaration
src\utils\palette.c(384): warning C4028: formal parameter 3 different
  from declaration
src\utils\palette.c(384): warning C4028: formal parameter 5 different
  from declaration

Change-Id: If29205f346e674108646045b7a3d90f078fed9b0
2023-07-28 09:07:11 -07:00
Vincent Rabaud
1432ebbadb Refactor palette sorting computation.
This will ease the integration of new methods.

Change-Id: Icec3eddaa4ab9030d28ccfe579eb6dc13ded2f02
2023-07-26 10:25:14 +02:00
James Zern
af7fbfd2d9 vp8l_dec,ReadTransform: improve error status reporting
ExpandColorMap() can fail due to a memory allocation failure.

Found by Nallocfuzz (https://github.com/catenacyber/nallocfuzz).

Change-Id: I868c5db2fee18e876f4aa3b63e744d7297d1a91b
2023-07-21 16:30:50 -07:00
James Zern
7d8e0896e9 vp8l_dec: add VP8LSetError()
similar to VP8SetError(); the first error set takes precedence

Change-Id: Id00eb134cac328f72142a2ec0909e72768a6be0e
2023-07-21 16:30:49 -07:00
James Zern
ee72299796 alpha_dec: add missing VP8SetError()
in AllocateAlphaPlane() and VP8DecompressAlphaRows().

Found by Nallocfuzz (https://github.com/catenacyber/nallocfuzz).

Change-Id: I39eb305abfe9f4d7915cce5d91e72917f482bc20
2023-07-18 16:25:29 -07:00
James Zern
47c0af8daf ReadHuffmanCodes: rm max_alphabet_size calc
This is unnecessary as green will have the largest value; the sizes are
currently: 256 + 24 + color_cache_size, 256, 40, in that order.

Change-Id: Ib9ce3292285a7b9c6089557b68a87184b68d17a5
2023-07-12 12:04:57 -07:00
James Zern
5c965e55dd vp8l_dec,cosmetics: add some /*param=*/ comments
Change-Id: I8912a5d8a8f550517e644e1af6b468b49505247f
2023-07-07 19:57:47 -07:00
Vincent Rabaud
eac3bd5c53 Have the palette code be in its own file.
Change-Id: I099a342effedd9f451c94d00a14aead27079e6cc
2023-07-06 22:09:24 +02:00
James Zern
4222b00679 libwebp-1.3.1
- 6/23/2023: version 1.3.1
   This is a binary compatible release.
   * security fixes for lossless encoder (#603, chromium: #1420107, #1455619,
     CVE-2023-1999)
   * improve error reporting through WebPPicture error codes
   * fix upsampling for RGB565 and RGBA4444 in NEON builds
   * img2webp: add -sharp_yuv & -near_lossless
   * Windows builds:
     - fix compatibility with clang-cl (#607)
     - improve Arm64 performance with cl.exe
     - add Arm64EC support
   * fix webp_js with emcc >= 3.1.27 (stack size change, #614)
   * CMake fixes (#592, #610, #612)
   * further updates to the container and lossless bitstream docs (#581, #611)
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEaw5rcJdt4wPt8vYB+cPWvbgjK10FAmSc53oACgkQ+cPWvbgj
 K120Fg//f0JkK3oKnO8P4B5XSAK26/5845xBPU8D06UuUqhct+mjfF5kM1CFxxex
 49W4rT7RJCpgGlwmRFFgRB3a9j7cW4C+Kt5MAfM++vudVrxnpnX6o3rdVDQ60PEZ
 C4T5u2jio/HuZAkPWYwwmIAz1vfqTjYpi0D12hn7yoBoketGcISlMuTgmwfjyQKg
 bn3JcjcjKtERfXSH36aCtnGAXJdf0Ok2WJtwS4kAcZiMByi5wf0AdEK0pnhmE3Y6
 YFPc0/RM50RXITnsDxmLZVRqpsAYr4l3RZvHwDDWVFMELWBsGWNF/kgzWlZ3/KjO
 4CUPE+810P4oVGJuRZ8++0hMSD0L1qh17awElpqLoBlDXfS1fEIw5QodbmoJzi0H
 mhiLH7fIZlpjoZyWuwNCzlkhykRLO4cEIaxxq28p5eoC70LXsv77rWqomfAja/6/
 88BQz6wrxHr0k4MmdOa+G8B5sMOBRVXXeW4bP1XCVGUfk8FN2rz0vlhbHk8sx/6/
 jqW19Bk3t2QnUZschBi1GKHKa0KkefFhTezTm/CV4fPmT50Z4k/+TTjJ6snSxAAX
 oYabJDtVARLgPxOcN64Hbsy1t5L9pWGLTfwbYBTVipX4lmofL9SHhgyg6oYVnZd5
 qbCVdqpYOOrbXXT/AByOuzo3tuaLMd8Ytas0I5/HHnI6QCTthg0=
 =/atT
 -----END PGP SIGNATURE-----

Merge tag 'v1.3.1'

libwebp-1.3.1

- 6/23/2023: version 1.3.1
  This is a binary compatible release.
  * security fixes for lossless encoder (#603, chromium: #1420107, #1455619,
    CVE-2023-1999)
  * improve error reporting through WebPPicture error codes
  * fix upsampling for RGB565 and RGBA4444 in NEON builds
  * img2webp: add -sharp_yuv & -near_lossless
  * Windows builds:
    - fix compatibility with clang-cl (#607)
    - improve Arm64 performance with cl.exe
    - add Arm64EC support
  * fix webp_js with emcc >= 3.1.27 (stack size change, #614)
  * CMake fixes (#592, #610, #612)
  * further updates to the container and lossless bitstream docs (#581, #611)

* tag 'v1.3.1':
  update ChangeLog
  update NEWS
  enc/*: normalize WebPEncodingSetError() calls
  enc/*: add missing WebPEncodingSetError() calls
  EncodeAlphaInternal: add missing error check
  vp8l_enc,WriteImage: add missing error check
  muxread,MuxImageParse: add missing error checks
  cmake,emscripten: explicitly set stack size
  WebPDecodeYUV: check u/v/stride/uv_stride ptrs
  Call png_get_channels() to see if image has alpha
  update ChangeLog
  update NEWS
  bump version to 1.3.1
  update AUTHORS
  update .mailmap

Bug: webp:608
Bug: b/281615350
Change-Id: Ic3e1956c92fef0ae22040bbc3e81b297c65008af
2023-06-28 19:34:13 -07:00
James Zern
6b1c722a5b lossless_common.h,cosmetics: fix a typo
Change-Id: I22d2f96fa1fd2e3c9f059c26996fb11d998159a9
2023-06-22 18:31:36 -07:00
James Zern
4339332038 enc/*: normalize WebPEncodingSetError() calls
return WebPEncodingSetError() directly where possible (it returns 0 /
failure for convenience).

Change-Id: I89a937778886c15ecbbe078af5b4c8c89ef0f9af
2023-06-21 16:43:00 -07:00
James Zern
287fdefe95 enc/*: add missing WebPEncodingSetError() calls
Users of the encoder (including anim_encode.c) and areas of the encoder
itself rely on the status returned via WebPPicture.

Change-Id: Id786176b8ac3b2329d1e41b9dacbb8dcc5d822e4
2023-06-21 16:43:00 -07:00
James Zern
c3bd7cff2e EncodeAlphaInternal: add missing error check
VP8LBitWriterFinish() may cause the VP8LBitWriter's buffer to be grown.
If that allocation fails, VP8LBitWriterNumBytes() will return a size
larger than the current allocation resulting in a heap overwrite of the
missing bytes.

==13==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61900005b880 at pc 0x00000049ffc1 bp 0x7fff144f5b40 sp 0x7fff144f5310
READ of size 1028 at 0x61900005b880 thread T0
    #0 0x49ffc0 in __asan_memcpy
    #1 0x695861 in VP8BitWriterAppend src/utils/bit_writer_utils.c:186:3
    #2 0x65acf9 in EncodeAlphaInternal src/enc/alpha_enc.c:169:14

Found by Nallocfuzz (https://github.com/catenacyber/nallocfuzz).

This is the same issue that was fixed in the non-alpha lossless path in:
d49cfbb3 vp8l_enc,WriteImage: add missing error check

Bug: chromium:1455619
Change-Id: I6bd10de213707d3d6b7ce3d0d2b3942af45d317f
2023-06-21 16:43:00 -07:00
Vincent Rabaud
64819c7cf3 Implement ExtractGreen_SSE2
Change-Id: I74f50e0c01603a640aa8cf7c9658d477e696ea8a
2023-06-19 13:31:46 +02:00
James Zern
d49cfbb348 vp8l_enc,WriteImage: add missing error check
VP8LBitWriterFinish() may cause the VP8LBitWriter's buffer to be grown.
If that allocation fails, VP8LBitWriterNumBytes() will return a size
larger than the current allocation resulting in a heap overwrite of the
missing bytes.

==3531848==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x61d000000880 at pc 0x556eddfa1007 bp 0x7ffe434c7a90 sp 0x7ffe434c7260
READ of size 2052 at 0x61d000000880 thread T0
    #0 0x556eddfa1006 in __asan_memcpy
    #1 0x556eddfeeccf in WebPMemoryWrite src/enc/picture_enc.c:220:5
    #2 0x556ede0f9f87 in WriteImage src/enc/vp8l_enc.c:1454:8

Found by Nallocfuzz (https://github.com/catenacyber/nallocfuzz).

Change-Id: Ib1c9454c2c51849b0ba58c5347e6bd5b02a12fbe
2023-06-15 15:09:10 -07:00