Skip to content

Latest commit

 

History

History
969 lines (898 loc) · 106 KB

CHANGELOG.md

File metadata and controls

969 lines (898 loc) · 106 KB

Changelog

v2.5.2 (2024-02-28)

Full Changelog

Closed issues:

  • API breakage in 2.5.1 / openjpeg version no longer detected (openjpeg.h no longer includes opj_config.h) #1514

Merged pull requests:

  • openjpeg.h: make sure to include opj_config.h (fixes #1514) #1515 (rouault)

v2.5.1 (2024-02-26)

Full Changelog

Closed issues:

  • Exist a undefined-behavior issue in file src/lib/openjp2/dwt.c:2124 #1505
  • Potential double-free vulnerability in j2k.c #1498
  • opj_compress -I / -mct 0 should conflict each others #1485
  • Exist a undefined-behavior issue in file src/lib/openjp2/tcd.c:2327 #1480
  • OOM in opj_decompress #1476
  • v2.5.0 cannot be built successfully on aarch64 CentOS machine #1475
  • [ Heap Overflow ] opj_decompress #1473
  • Possible bug reading JP2 as grayscale when should be in color #1464
  • Crashes due to internal bad memory references when using reduce on a truncated file. #1459
  • No error.h (non standard compliant) #1453
  • JP2 File incorrectly decompressed to noise #1447
  • UB in tcd.c opj_tcd_dc_level_shift_decode - pointer arithmetic on NULL pointer #1445
  • UB in ht_dec.c opj_t1_ht_decode_cblk - memcpy invoked on NULL pointer #1444
  • Integer Overflow in src/lib/openjp2/image.c #1438
  • Integer-overflow · opj_t1_encode_cblk #1432
  • OSX m1 v2.5.0 build fail #1430
  • Pixel value could be changed by 0-4 after compression and decompression #1429
  • Cannot determine library version at compile time #1428
  • ARM builds on Windows unsupported with Version 2.5.0 #1422
  • opj_decompress heap overflow Denial of Service issue #1413
  • Color chanel swapping for some JPEG2000 pictures #1382
  • Heap-buffer-overflow in color.c:379:42 in sycc420_to_rgb #1347
  • No colorspace information after opj_read_header #570

Merged pull requests:

  • opj_t2_read_packet_header(): avoid unsigned integer overflow #1511 (rouault)
  • opj_dwt_decode_tile(): avoid potential UndefinedBehaviorSanitizer 'applying zero offset to null pointer' (fixes #1505) #1510 (rouault)
  • opj_decompress: fix off-by-one read heap-buffer-overflow in sycc420_to_rgb() when x0 and y0 are odd (CVE-2021-3575, fixes #1347) #1509 (rouault)
  • Always install pkgconfig files #1507 (kmilos)
  • CMake: drop support for cmake < 3.5 #1503 (domin144)
  • Fix compiler error on Windows #1502 (scaramallion)
  • opj_tcd_dc_level_shift_decode(): avoid increment nullptr (fixes #1480) #1496 (rouault)
  • Fix CI #1495 (rouault)
  • suppress warning during build using clang #1494 (tomoaki0705)
  • Add cmake version file #1493 (domin144)
  • fix ht_dec.c:1215 #1492 (headshog)
  • Integer Overflow at j2k.c:11114 #1491 (headshog)
  • Integer Overflow at j2k.c:3962 #1490 (headshog)
  • Fixed typos #1486 (radarhere)
  • Require stdint.h & inttypes.h #1484 (mayeut)
  • fix: use opj_uint_ceildiv instead of opj_int_ceildiv when necessary #1482 (mayeut)
  • ht_dec.c: Improve MSVC arm64 popcount performance #1479 (PeterJohnson)
  • opj_jp2_read_header(): move setting color_space here instead in opj_jp2_decode()/get_tile() (fixes #570) #1463 (rouault)
  • CMake: error out on warnings for strict/missing prototypes. #1462 (sebras)
  • Fix CI #1461 (rouault)
  • opj_t2_skip_packet_data(): avoid out-of-bounds reads on truncated images in non-strict mode (fixes #1459) #1460 (rouault)
  • Fix #1424 #1456 (autoantwort)
  • openjp2/j2k: replace sprintf calls with snprintf #1450 (markmentovai)
  • Fix incorrect decoding of image with large number of progression levels #1448 (rouault)
  • Fix Heap-buffer-overflow READ in opj_jp2_apply_pclr #1441 (sashashura)
  • Significant speed-up rate allocation by rate/distoratio ratio #1440 (rouault)
  • Make OpenJPEGConfig.cmake relocatable with CMake > 3.0 #1439 (arichardson)
  • Replace the assert in mel_init to an if statement to address an issue with fuzzing. #1436 (aous72)
  • opj_t1_encode_cblk(): avoid undefined behaviour on fuzzed input (fixes #1432) #1433 (rouault)
  • Build: fix linking of executables on some systems where TIFF/LCMS2 static libraries are not in system directories (fixes #1430) #1431 (rouault)
  • Fix opj_t1_allocate_buffers malloc size error #1426 (zodf0055980)
  • Switch to GNUInstallDirs [v2] #1424 (laumann)
  • Fix windows arm builds #1423 (Neumann-A)
  • pkgconfig: Define OPJ_STATIC for static linking with pkgconf #1421 (Biswa96)

v2.5.0 (2022-05-13)

Full Changelog

Merged pull requests:

Closed issues:

  • integer constant is too large for 'long' type #61
  • Openjpeg3D lossy compression not working #501
  • mj2: Array overflow #485
  • OPJ fails to decode image that KDU manages correctly #419
  • yuvtoimage() bug in v1 and v2 for 16-Bit: please apply ASAP #384
  • JP3D: Fix CVE-2013-4289 CVE-2013-4290 #298
  • MJ2 libraries are installed in lib #204
  • MJ2: realloc is misused and may leak memory #168
  • MJ2 wrapper not functional #143
  • JPWL is broken in trunk #137
  • MJ2 files not using OPENJPEG API correctly #53
  • Maximum bit depth supported by the OpenJPEG implementation of JP3D #9
  • does openjpeg support either visually lossless or numerically lossless jpeg2000 compression? #1406
  • extract jpeg2000 tile without decompression #1405
  • openjpeg doesn't install a relocatable shared lib on macOS #1404
  • pull request - the cinema industry awaits! #1400
  • Integer overflows in j2K #1399
  • why lossly compression performance worse than jpeg when compress png? #1393
  • cect #1389
  • the docs don't describe bpp and prec in opj_image_comp very well #1379
  • converting .png to .jp2 by opj_compress is different from the original image #1378
  • Comparison result is always the same #1372
  • Exist a issues of freeing uninitialized pointer in src/bin/jp2/opj_decompress.c,that will cause a segfault #1368
  • [TEST NOT RUNNING]: bigendian test #1355
  • opj_decompress 2.4.0 built with library 2.3.0. #1352
  • New library htjpeg2000 #1351
  • Integer Overflow in num_images #1338
  • All IMF Profile Selections Result in PART1 #1337
  • grayscale image #1334
  • error C2169: 'lrintf': intrinsic function, cannot be defined #1333
  • Generate lower-case extension #1332
  • color of reconstructed png file much darker #1330
  • CVE-2019-6988, CVE-2018-20846 and CVE-2018-16376 #1328
  • opj 2.4.0: opj_free missing in opj3d #1327
  • Not able to compress volumetric data #1326
  • HTML documents are not installed in specified place #1322
  • Can't find openjpeg.h when cross-compile. #1320
  • OpenJPEG is available with EasyConfig #1319
  • Building Test Programs #1318
  • Builds are not reproducible #1275
  • strange behaviour of opj_jp3d_compress/decompress utility #1274
  • Potential heap-based buffer overflow in function t2_encode_packet in src/lib/openmj2/t2.c and src/lib/openjp3d/t2.c #1272
  • Function tgatoimage in src/bin/jpwl/convert.c need to check that the file is big enough to avoid excessive memory allocations #1271
  • memory & cpu are exhausted when converting jp2 file into png #1250
  • Cannot compress PGX into JP3D despite following the directions? #1134
  • sscanf buffer overflow in opj_jp3d_compress.c #1130
  • integer underflow may lead to writing garbage #1089
  • sscanf buffer overflow #1087
  • strcpy overflows #1086
  • sprintf buffer overflows #1084
  • strcpy buffer overflow #1083
  • integer overflow in malloc() #1082
  • out of bounds writes #1078
  • out of bounds writes #1077
  • divide by zero, perhaps multiplication overflow #1076
  • missing format string parameter #1075
  • leaks from cppcheck in lib folder #1038
  • How to initialize DEBUG_PROFILE in color.c? #958
  • JP3D sample files #865
  • BIG_ENDIAN bug in jpwl.c #839
  • OpenJPEG fails to decode partial j2c where kdu succeeds #715
  • building mj2 binaries fails #652
  • openmj2\mj2.c: Out of bounds #646
  • bin\mj2\opj_mj2_decompress.c 101 wrong check / leak #608

v2.4.0 (2020-12-28)

Full Changelog

Closed issues:

  • OPENJPEG_INSTALL_DOC_DIR does not control a destination directory where HTML docs would be installed. #1309
  • Heap-buffer-overflow in lib/openjp2/pi.c:312 #1302
  • Heap-buffer-overflow in lib/openjp2/t2.c:973 #1299
  • Heap-buffer-overflow in lib/openjp2/pi.c:623 #1293
  • Global-buffer-overflow in lib/openjp2/dwt.c:1980 #1286
  • Heap-buffer-overflow in lib/openjp2/tcd.c:2417 #1284
  • Heap-buffer-overflow in lib/openjp2/mqc.c:499 #1283
  • Openjpeg could not encode 32bit RGB float image #1281
  • Openjpeg could not encode 32bit RGB float image #1280
  • ISO/IEC 15444-1:2019 (E) compared with 'cio.h' #1277
  • Test-suite failure due to hash mismatch #1264
  • Heap use-after-free #1261
  • Memory leak when failing to allocate object... #1259
  • Memory leak of Tier 1 handle when OpenJPEG fails to set it as TLS... #1257
  • Any plan to build release for CVE-2020-8112/CVE-2020-6851 #1247
  • failing to convert 16-bit file: opj_t2_encode_packet(): only 5251 bytes remaining in output buffer. 5621 needed. #1243
  • CMake+VS2017 Compile OK, thirdparty Compile OK, but thirdparty not install #1239
  • New release to solve CVE-2019-6988 ? #1238
  • Many tests fail to pass after the update of libtiff to version 4.1.0 #1233
  • Another heap buffer overflow in libopenjp2 #1231
  • Heap buffer overflow in libopenjp2 #1228
  • Endianness of binary volume (JP3D) #1224
  • New release to resolve CVE-2019-12973 #1222
  • how to set the block size,like 128,256 ? #1216
  • compress YUV files to motion jpeg2000 standard #1213
  • Repair/update Java wrapper, and include in release #1208
  • abc #1206
  • Slow decoding #1202
  • Installation question #1201
  • Typo in test_decode_area - *ptilew is assigned instead of *ptileh #1195
  • Creating a J2K file with one POC is broken #1191
  • Make fails on Arch Linux #1174
  • Heap buffer overflow in opj_t1_clbl_decode_processor() triggered with Ghostscript #1158
  • opj_stream_get_number_byte_left: Assertion `p_stream->m_byte_offset >= 0' failed. #1151
  • The fuzzer ignores too many inputs #1079
  • out of bounds read #1068

Merged pull requests:

  • Change defined WIN32 #1310 (Jamaika1)
  • docs: fix simple typo, producted -> produced #1308 (timgates42)
  • Set ${OPENJPEG_INSTALL_DOC_DIR} to DESTINATION of HTMLs #1307 (lemniscati)
  • Use INC_DIR for OPENJPEG_INCLUDE_DIRS (fixes uclouvain#1174) #1306 (matthew-sharp)
  • pi.c: avoid out of bounds access with POC (fixes #1302) #1304 (rouault)
  • Encoder: grow again buffer size #1303 (zodf0055980)
  • opj_j2k_write_sod(): avoid potential heap buffer overflow (fixes #1299) (probably master only) #1301 (rouault)
  • pi.c: avoid out of bounds access with POC (refs https://github.com/uclouvain/openjpeg/issues/1293\#issuecomment-737122836\) #1300 (rouault)
  • opj_t2_encode_packet(): avoid out of bound access of #1297, but likely not the proper fix #1298 (rouault)
  • opj_t2_encode_packet(): avoid out of bound access of #1294, but likely not the proper fix #1296 (rouault)
  • opj_j2k_setup_encoder(): validate POC compno0 and compno1 (fixes #1293) #1295 (rouault)
  • Encoder: avoid global buffer overflow on irreversible conversion when… #1292 (rouault)
  • Decoding: deal with some SPOT6 images that have tiles with a single tile-part with TPsot == 0 and TNsot == 0, and with missing EOC #1291 (rouault)
  • Free p_tcd_marker_info to avoid memory leak #1288 (zodf0055980)
  • Encoder: grow again buffer size #1287 (zodf0055980)
  • Encoder: avoid uint32 overflow when allocating memory for codestream buffer (fixes #1243) #1276 (rouault)
  • Java compatibility from 1.5 to 1.6 #1263 (jiapei100)
  • opj_decompress: fix double-free on input directory with mix of valid and invalid images #1262 (rouault)
  • openjp2: Plug image leak when failing to allocate codestream index. #1260 (sebras)
  • openjp2: Plug memory leak when setting data as TLS fails. #1258 (sebras)
  • openjp2: Error out if failing to create Tier 1 handle. #1256 (sebras)
  • Testing for invalid values of width, height, numcomps #1254 (szukw000)
  • Single-threaded performance improvements in forward DWT for 5-3 and 9-7 (and other improvements) #1253 (rouault)
  • Add support for multithreading in encoder #1248 (rouault)
  • Add support for generation of PLT markers in encoder #1246 (rouault)
  • Fix warnings about signed/unsigned casts in pi.c #1244 (rouault)
  • opj_decompress: add sanity checks to avoid segfault in case of decoding error #1240 (rouault)
  • ignore wrong icc #1236 (szukw000)
  • Implement writing of IMF profiles #1235 (rouault)
  • tests: add alternate checksums for libtiff 4.1 #1234 (rouault)
  • opj_tcd_init_tile(): avoid integer overflow #1232 (rouault)
  • tests/fuzzers: link fuzz binaries using $LIB_FUZZING_ENGINE. #1230 (Dor1s)
  • opj_j2k_update_image_dimensions(): reject images whose coordinates are beyond INT_MAX (fixes #1228) #1229 (rouault)
  • Fix resource leaks #1226 (dodys)
  • abi-check.sh: fix false positive ABI error, and display output error log #1218 (rouault)
  • pi.c: avoid integer overflow, resulting in later invalid access to memory in opj_t2_decode_packets() #1217 (rouault)
  • Add check to validate SGcod/SPcoc/SPcod parameter values. #1211 (sebras)
  • Fix buffer overflow reading an image file less than four characters #1196 (robert-ancell)
  • compression: emit POC marker when only one single POC is requested (f… #1192 (rouault)
  • Fix several potential vulnerabilities #1185 (Young-X)
  • openjp2/j2k: Report error if all wanted components are not decoded. #1164 (sebras)

v2.3.1 (2019-04-02)

Full Changelog

Closed issues:

  • v2.2.0 regression for decoding images where TNsot == 0 #1120
  • Int overflow in jp3d #1162
  • Heap buffer overflow in opj_j2k_update_image_data() triggered with Ghostscript #1157
  • LINUX install doesn't work when building shared libraries is disabled #1155
  • OPENJPEG null ptr dereference in openjpeg-2.3.0/src/bin/jp2/convert.c:2243 #1152
  • How to drop certain subbands/layers in DWT #1147
  • where is the MQ-Coder ouput stream in t2.c? #1146
  • OpenJPEG 2.3 (and 2.2?) multi component image fails to decode with KDU v7.10 #1132
  • Missing checks for header_info.height and header_info.width in function pnmtoimage in src/bin/jpwl/convert.c, which can lead to heap buffer overflow #1126
  • Assertion Failure in jp2.c #1125
  • Division-by-zero vulnerabilities in the function pi_next_pcrl, pi_next_cprl and pi_next_rpcl in src/lib/openjp3d/pi.c #1123
  • Precinct switch (-c) doesn't right-shift last record to remaining resolution levels #1117
  • Sample: encode J2K a data using streams??? #1114
  • HIGH THROUGHPUT JPEG 2000 (HTJ2K) #1112
  • How to build openjpeg for arm linux? #1108
  • crash #1106
  • JP2000 returning OPJ_CLRSPC_UNKNOWN color space #1103
  • Compilation successful but install unsuccessful: Calling executables throws libraries missing error #1102
  • fprintf format string requires 1 parameter but only 0 are given #1093
  • fprintf format string requires 1 parameter but only 0 are given #1092
  • sprintf buffer overflow #1088
  • sprintf buffer overflow #1085
  • Infinite loop when reading jp2 #1081
  • missing format string parameter #1074
  • Excessive Iteration in opj_t1_encode_cblks (src/lib/openjp2/t1.c) #1059
  • Out-of-bound left shift in opj_j2k_setup_encoder (src/lib/openjp2/j2k.c) #1057
  • Encode image on Unsplash #1054
  • Integer overflow in opj_t1_encode_cblks (src/lib/openjp2/t1.c) #1053
  • Signed Integer Overflow - 68065512 #1048
  • Similar vulnerable functions related to CVE-2017-14041 #1044
  • [ERROR] COD marker already read. No more than one COD marker per tile. #1043
  • failing to install latest version of openjpeg from source #1041
  • Trouble compressing large raw image #1032
  • Download and installed code from 2.3 archive. Installing 2.2? #1030
  • missing fclose #1029
  • NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 #860
  • NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) #859
  • Heap Buffer Overflow in function imagetotga of convert.c(jp2):942 #858

Merged pull requests:

  • abi-check.sh: fix broken download URL #1188 (rouault)
  • opj_t1_encode_cblks: fix UBSAN signed integer overflow #1187 (rouault)
  • convertbmp: detect invalid file dimensions early (CVE-2018-6616) #1172 (hlef)
  • color_apply_icc_profile: avoid potential heap buffer overflow #1170 (rouault)
  • Fix multiple potential vulnerabilities and bugs #1168 (Young-X)
  • Fix several memory and resource leaks #1163 (nforro)
  • Fix some potential overflow issues #1161 (stweil)
  • jp3d/jpwl convert: fix write stack buffer overflow #1160 (hlef)
  • Int overflow fixed #1159 (ichlubna)
  • Update knownfailures- files given current configurations #1149 (rouault)
  • CVE-2018-5785: fix issues with zero bitmasks #1148 (hlef)
  • openjp2/jp2: Fix two format strings #1143 (stweil)
  • Changes in pnmtoimage if image data are missing #1141 (szukw000)
  • Relative path to header files is hardcoded in OpenJPEGConfig.cmake.in file #1140 (bukatlib)
  • Cast on uint ceildiv #1136 (reverson)
  • Add -DBUILD_PKGCONFIG_FILES to install instructions #1133 (robe2)
  • Fix some typos in code comments and documentation #1128 (stweil)
  • Fix regression in reading files with TNsot == 0 (refs #1120) #1121 (rouault)
  • Use local type declaration for POSIX standard type only for MS compiler #1119 (stweil)
  • Fix Mac builds #1104 (rouault)
  • jp3d: Replace sprintf() by snprintf() in volumetobin() #1101 (kbabioch)
  • opj_mj2_extract: Rename output_location to output_prefix #1096 (kbabioch)
  • mj2: Add missing variable to format string in fprintf() invocation in meta_out.c #1094 (kbabioch)
  • Convert files to UTF-8 encoding #1090 (stweil)
  • fix unchecked integer multiplication overflow #1080 (setharnold)
  • Fixed typos #1062 (radarhere)
  • Note that seek uses SEEK_SET behavior. #1055 (ideasman42)
  • Some Doxygen tags are removed #1050 (szukw000)
  • Fix resource leak (CID 179466) #1047 (stweil)
  • Changed cmake version test to allow for cmake 2.8.11.x #1042 (radarhere)
  • Add missing fclose() statement in error condition. #1037 (gfiumara)

v2.3.0 (2017-10-04)

Full Changelog

Implemented enhancements:

  • Sub-tile decoding: only decode precincts and codeblocks that intersect the window specified in opj_set_decode_area() #990 (rouault)
  • Sub-tile decoding: only apply IDWT on areas that participate to the window of interest #1001 (rouault)
  • Sub-tile decoding: memory use reduction and perf improvements #1010 (rouault)
  • Add capability to decode only a subset of all components of an image. #1022 (rouault)

Fixed bugs:

  • Setting x offset of decode region to -1 causes opj_decompress to go into infinite loop #736
  • Problem decoding multiple tiles with get_decoded_tile when cmap/pclr/cdef boxes are present in jp2 file #484
  • set reduce_factor_may_fail #474
  • opj_compress.exe, command line parser, infinite loop #469
  • Various memory access issues found via fuzzing #448
  • Multiple warnings when building OpenJPEG (trunk) #442
  • Bulk fuzz-testing report #427
  • remove all printf from openjpeg / use proper function pointer for logging #371
  • minor changes, clean-up #349
  • image->numcomps > 4 #333
  • Improve support for region of interest #39
  • Public function to tell kernel type used (5x3 vs 9x7) #3
  • elf binary in source package ? #1026
  • opj_cio_open #1025
  • Building with Visual Studio 2015 #1023
  • tcd.cpp>:1617:33: error: assigning to 'OPJ_INT32 *' (aka 'int *') from incompatible type 'void *' #1021
  • j2k.cpp > comparison of address of 'p_j2k->m_cp.tcps[0].m_data' not equal to a null pointer is always true #1020
  • Openjpeg 2.2.0 always build shared library even though -DBUILD_SHARED_LIBS:bool=off #1019
  • missing fclose #1018
  • Use opj_image_data_free instead of opj_free for image->comps[].data #1014
  • malloc poison on some compilers - cross compiling #1013
  • Add OPJ_VERSION_MAJOR, OPJ_VERSION_MINOR, OPJ_VERSION_MICRO macros in openjpeg.h #1011
  • Encode: do not perform rate control for single-tile lossless #1009
  • opj_set_decoded_resolution_factor(): bad interaction with opj_set_decode_area() and/or opj_decode() #1006
  • memory allocation failure with .pgx file #999
  • Unable to fuzz with raw image as input #998
  • stack-based buffer overflow write in pgxtoimage (/convert.c) #997
  • freeze with a crafted bmp #996
  • invalid memory write in tgatoimage (convert.c) #995
  • static build on Windows fails #994
  • another heap-based buffer overflow in opj_t2_encode_packet (t2.c) #993
  • heap-based buffer overflow in opj_t2_encode_packet (t2.c) #992
  • heap-based buffer overflow in opj_write_bytes_LE (cio.c) (unfixed #985) #991
  • heap overflow in opj_compress #988
  • heap overflow in opj_decompress #987
  • heap-based buffer overflow in opj_bio_byteout (bio.c) #986
  • heap-based buffer overflow in opj_write_bytes_LE (cio.c) #985
  • memory allocation failure in opj_aligned_alloc_n (opj_malloc.c) #983
  • heap-base buffer overflow in opj_mqc_flush (mqc.c) #982
  • Decode fails for JP2s with ICC profile #981
  • Unit tests failing on Ubuntu 17.04 #916
  • Encoder crashes on small images #901
  • openjpeg-1.5.3 fails to compile #830
  • opj_compress crops image (win) or creates a jp2 which cannot be decompressed (lin) #716
  • -d flag is silently ignored when decoding a single tile #693
  • transition away from dev-utils #628
  • update instructions to build with Visual Studio and 64-Bit Visual C++ Toolset. #1028 (quangnh89)
  • Add missing newline at end of file #1024 (stweil)
  • merge master into coverity_scan to update coverity results #1008 (detonin)
  • Use more const qualifiers #984 (stweil)
  • Changes in converttif.c for PPC64 #980 (szukw000)

v2.2.0 (2017-08-10)

Full Changelog

Implemented enhancements:

  • Memory consumption reduction at decoding side #968 (rouault)
  • T1 & DWT multithreading decoding optimizations #786 (rouault)
  • Tier1 decoder speed optimizations #783 (rouault)
  • Inverse DWT 5x3: lift implementation / SSE accelerated version #953
  • install static libraries #969 (jeroen)
  • IDWT 5x3 single-pass lifting and SSE2/AVX2 implementation #957 (rouault)
  • build both shared and static library #954 (jeroen)
  • T1 flag optimizations (#172) #945 (rouault)
  • CMake: add stronger warnings for openjp2 lib/bin by default, and error out on declaration-after-statement #936 (rouault)
  • Quiet mode for opj_decompress via -quiet long parameter. #928 (RussellMcOrmond)
  • Implement predictive termination check #800 (rouault)

Fixed bugs:

  • Several issues spotted by Google OSS Fuzz - see here
  • Missing fclose #976
  • Heap buffer overflow read in openjpeg imagetopnm #970
  • opj_decompress opj_j2k_update_image_data() Segment falut #948
  • Generic Crash in 1.5.0 #941
  • Segmentation Faults #940
  • Assertions thrown #939
  • Floating Point Errors #938
  • Division by zero crash #937
  • malformed jp2 can cause heap-buffer-overflow #909
  • NULL dereference can cause by malformed file #908
  • Out of bound read in opj_j2k_add_mct #907
  • Check bpno_plus_one in opj_t1_decode_cblk #903
  • Undefined-shift in opj_j2k_read_siz #902
  • opj_compress v2.1.2 can create images opj_decompress cannot read #891
  • Improper usage of opj_int_ceildiv can cause overflows #889
  • Undefined shift in opj_get_all_encoding_parameters #885
  • Denial of service (crash) due to use-after-free when decoding an illegal JPEG2000 image file v2.1.2 (2017-04 #880
  • Denial of service (crash) when decoding an illegal JPEG2000 image file v2.1.2 (2017-03) #879
  • bug png 2 j2k #868
  • Inconsistent compression using cinema settings on folder of non-compliant image #864
  • Openjpeg-2.1.2 Heap Buffer Overflow Vulnerability due to Insufficient check #862
  • Heap Buffer Overflow in function pnmtoimage of convert.c #861
  • CVE-2016-9112 FPE(Floating Point Exception) in lib/openjp2/pi.c:523 #855
  • CVE-2016-5139, CVE-2016-5152, CVE-2016-5158, CVE-2016-5159 #854
  • Undefined Reference error #853
  • opj_compress with lossy compression results in strange pixel values #851
  • CVE-2016-1626 and CVE-2016-1628 #850
  • Out-of-Bounds Write in opj_mqc_byteout of mqc.c #835
  • WARNING in tgt_create tree->numnodes == 0, no tree created. #794
  • Potential overflow when precision is larger than 32 #781
  • division-by-zero in function opj_pi_next_rpcl of pi.c (line 366) #780
  • division-by-zero in function opj_pi_next_rpcl of pi.c (line 363) #779
  • division-by-zero in function opj_pi_next_pcrl of pi.c (line 447) #778
  • division-by-zero in function opj_pi_next_pcrl of pi.c (line 444) #777
  • Encoding the following file with 32x32 tiling produces jp2 image with artifact #737
  • division-by-zero (SIGFPE) error in opj_pi_next_cprl function (line 526 of pi.c) #732
  • division-by-zero (SIGFPE) error in opj_pi_next_cprl function (line 523 of pi.c) #731
  • OpenJpeg 2.1 and 1.4 fails to decompress this file correctly #721
  • MQ Encode :uninitialized memory access when first pass does not output any bytes #709
  • Out-of-bounds read in opj_j2k_update_image_data and opj_tgt_reset function #704
  • Remove opj_aligned_malloc / opj_aligned_realloc / opj_aligned_free? #689
  • There is an issue with rendering some type of jpeg file. Please ref the link. #672
  • Null Dereference in tcd_malloc_decode_tile #657
  • ETS-C1P0-p0_12.j2k-compare2ref & NR-C1P0-p0_12.j2k-compare2base failing under windows #655
  • Memory leak #631
  • Test 481 reports error in valgrind memcheck #612
  • reserved identifier violation #587
  • Buffer overflow when compressing some 16 bits images of the test suite #539
  • Heap-buffer-overflow in opj_dwt_decode_1 #480
  • Automated fuzz testing #468
  • Expected to find EPH marker #425
  • read: segment too long (6182) with max (35872) for codeblock 0 (p=19, b=2, r=5, c=1) #284
  • building 64bit version has lots of warnings #244
  • Wrong encoding of small tiles with high level number #239
  • Errors raised in pi.c by VS11 analyzer #190
  • Undocumented optimization found in v2 branch of openjpeg #183
  • T1 optimisations jpeg2000 #172
  • Remove OPJ_NOSANITIZE in opj_bio_read() and opj_bio_write() (#761) #955 (rouault)
  • Fix bypass pterm termall and lossless decomposition issue (#891, #892) #949 (rouault)
  • Escape quotes to ensure README renders on GitHub correctly #914 (alexwlchan)
  • Remove spurious .R macros from manpages #899 (jwilk)
  • Remove warnings related to empty tag-trees. #893 (rouault)

Maintenance-related tasks:

  • Submit OpenJPEG to oss-fuzz #965
  • Updates for Doxygen to suppress warnings #849
  • Remove useless knownfailures (since LAZY encoding is fixed) #964 (rouault)
  • Enable AVX2 at runtime on Travis-CI and AppVeyor #963 (rouault)
  • Tests: test opj_compress in VSC mode (related to #172) #935 (rouault)
  • Reformat: apply reformattin on .h files (#128) #926 (rouault)
  • Add mechanisms to reformat and check code style, and reformat whole codebase (#128) #919 (rouault)
  • Add profiling of CPU and memory usage (#912) #918 (rouault)
  • Add performance benchmarking scripts #917 (rouault)
  • Fix retrieval of jpylyzer in AppVeyor #915 (rouault)

v2.1.2 (2016-09-28)

Full Changelog

Closed issues:

  • null ptr dereference in convert.c:1331 #843
  • Out-of-Bounds Read in function bmp24toimage of convertbmp.c #833
  • Disable automatic compilation of t1_generate_luts in CMakeLists.txt #831
  • CVE-2016-7163 Integer overflow in opj_pi_create_decode #826
  • Security Advisory for OpenJPEG #810
  • Add dashboard with static lib #804
  • hidden visibility for the static library / building with -DOPJ_STATIC against shared lib #802
  • Optimization when building library from source #799
  • unsigned int16 on Solaris 11.2/sparc #796
  • appveyor #793
  • FFMpeg will not link to 2.1.1 release built as shared library #766
  • API change since v2: opj_event_mgr_t not available #754
  • openjpeg.h needs dependencies #673
  • "master" does not build on ubuntu #658
  • Package 'openjp2', required by 'libopenjpip', not found #594

Merged pull requests:

v2.1.1 (2016-07-05)

Full Changelog

Implemented enhancements:

  • opj_malloc replacement #625
  • backport "-p" and "-force-rgb" options in 1.5 #606
  • Use travis-ci matrix build #581
  • Add Coverity Scan analysis #580
  • Unnecessary rate distortion calculations #479
  • Add images from various security issues to test suite #415
  • Coding speed for 9/7 on 32bits platforms (x86/ARM) can be improved with a quick fix #220

Fixed bugs:

  • Out-of-Bounds Access in function opj_tgt_reset of tgt.c #775
  • Heap Buffer Overflow in function color_cmyk_to_rgb of color.c #774
  • division-by-zero (SIGFPE) error in opj_tcd_init_tile function (line 730 of tcd.c) #733
  • Out-Of-Bounds Read in sycc422_to_rgb function #726
  • Heap Corruption in opj_free function #725
  • Out-Of-Bounds Read in opj_tcd_free_tile function #724
  • Cannot handle box of undefined size #653
  • Compilation fails without platform-supplied aligned malloc #642
  • HP compiler warns about redeclaration of static function #640
  • Implementation-defined behavior of malloc causes different behavior on Linux and AIX #635
  • Build on AIX fails because "opj_includes.h" is included after system headers #633
  • Compiling with SSE2 on Linux 32-bit causes crashes in OpenJPEG #624
  • Build on AIX fails because of "restrict" pointers #620
  • bug in new tif conversion code #609
  • bin/jp2/convert.c line 1085 Resource leak #607
  • bin/jp2/convert.c memory leak #601
  • Resource leak in opj_j2k_create_cstr_index in case of failure #599
  • Resource leak in opj_j2k_encode in case of failure #598
  • Resource leak in opj_j2k_decode_one_tile in case of failure #597
  • Resource Leak #573
  • opj_compress fails to compress lossless on gcc/x86 (-m32) #571
  • Use-after-free in opj_j2k_write_mco #563
  • openjpeg-master-2015-07-30 failed to compile on LINUX #556
  • PNG images are always read as RGB(A) images #536
  • g4_colr.j2c not handled properly #532
  • Bigendian: opj_compress + opj_decompress fails #518
  • Suspicious code in j2k.c #517
  • Decode times almost double(!!) on Visual Studio 2013, 2015 #505
  • opj_data/input/nonregression/issue226.j2k #500
  • opj_setup_encoder always returns true #497
  • Double free in j2k_read_ppm_v3 parsing ((presumably invalid) image. #496
  • Invalid write in opj_j2k_update_image_data #495
  • Undefined printf format specifier %ud used in code #494
  • Potential double free on malloc failure in opj_j2k_copy_default_tcp_and_create_tcp() #492
  • Do not link with -ffast-math #488
  • Heap-buffer-overflow in opj_dwt_decode #486
  • opj_dump fails on Windows 7, 64 bits #482
  • SIGSEGV in opj_j2k_update_image_data via pdfium_test #481
  • Heap-buffer-overflow in opj_j2k_tcp_destroy #477
  • Invalid image causes write past end of heap buffer #476
  • Assertion `l_res->x0 >= 0' fails when parsing invalid images #475
  • Bug on opj_write_bytes_BE function #472
  • Refactor j2k_read_ppm_v3 function #470
  • compression: strange precinct dimensions #466
  • (:- Console message in opj_decompress -:) #465
  • opj_decompress fails to decompress any files #463
  • bio->ct is unnecessarily set to zero in opj_bio_flush method #461
  • Maximal unsigned short is 65535, not 65536 #460
  • OpenJpeg fails to encode components with different precision properly #459
  • component precision upscaling isn't correct in opj_decompress #458
  • Multiple precision components won't get encoded to jp2 if 1 component is unsigned 1 bit #457
  • Incorrect code in ../bin/jp2/convert.c, function rawtoimage_common(...) #456
  • [OpenJPEG-trunk] opj_stream_get_number_byte_left throws assert #455
  • NR-DEC-kodak_2layers_lrcp.j2c-31-decode-md5 fails randomly when running tests in parallel #454
  • compare_raw_files doesn't report an error on invalid arguments / missing input files #453
  • Forward discrete wavelet transform: implement periodic symmetric extension at boundaries #452
  • Bug in tiff reading method in convert.c #449
  • Image in pdf don't display #447
  • Multiple issues causing opj_decompress to segfault #446
  • opj_compress: 40% of encode time is spent freeing data #445
  • Multiple warnings when configuring OpenJPEG on MacOS with CMake 3.x (trunk) #443
  • valgrind memleak found #437
  • global-buffer-overflow src/lib/openjp2/t1.c:1146 opj_t1_getwmsedec #436
  • Warning introduced on trunk r2923 & r2924 #435
  • heap-buffer-overflow in opj_t1_decode_cblks #432
  • Heap-buffer-overflow in opj_tcd_init_decode_tile #431
  • Heap-buffer-overflow in opj_j2k_tcp_destroy #430
  • Heap-buffer-overflow in opj_jp2_apply_pclr #429
  • issue412 revisited #428
  • Image distorted (sides look cankered) #423
  • openjpeg-2.x-trunk-r2918 is broken in color.c #422
  • Heap-buffer-overflow in opj_tcd_init_decode_tile #420
  • Heap-use-after-free in opj_t1_decode_cblks #418
  • UNKNOWN in opj_read_bytes_LE #417
  • Transparency problem #416
  • Image with per channel alpha (cdef) does not decode properly #414
  • OpenJPEG crashes with attached image #413
  • Palette image with cdef fails to decompress #412
  • Invalid member values from opj_read_header or opj_decode ? #411
  • MD5 Checksum hangs under valgrind on MacOS X #410
  • Heap-buffer-overflow in opj_tcd_get_decoded_tile_size #408
  • C++ style comments in trunk/src/lib/openjp2/j2k.c #407
  • Backport bugfixes from trunk to 2.1 branch #405
  • Heap-buffer-overflow in parse_cmdline_encoder #403
  • Heap-buffer-overflow in opj_v4dwt_interleave_h #400
  • Heap-buffer-overflow in opj_dwt_decode #399
  • Heap-use-after-free in opj_t1_decode_cblks #398
  • Heap-buffer-overflow in opj_jp2_apply_cdef #397
  • Heap-buffer-overflow in opj_t2_read_packet_header #396
  • Heap-buffer-overflow in opj_t2_read_packet_header #395
  • Heap-buffer-overflow in opj_dwt_decode_1 #394
  • Heap-double-free in j2k_read_ppm_v3 #393
  • Security hole in j2k.c #392
  • Security: double-free in opj_tcd_code_block_dec_deallocate #391
  • check for negative-size params in code #390
  • Heap-buffer-overflow in opj_t2_read_packet_header #389
  • Heap overflow in OpenJpeg 1.5.2 #388
  • openjpip.so.6 file too short #387
  • Corrupted JP3D file #386
  • variable assigned to itself #383
  • Null pointer dereferencing #382
  • bad use of case statement #381
  • Release 2.1 as a Ubuntu package #380
  • Bug in libopenjpwl.pc #374
  • inconsistent tile numbering in decode output message #370
  • error in code block calculations #369
  • r2872 fails to compile due to "attempt to use poisoned malloc" error in j2k.c #368
  • OSX build gives libopenjp2.6.dylib with not-absolute install name id #367
  • opj_decompress gives error but successfully decompress in OPJ 2.1 #366
  • pngtoimage() and imagetopng() have wrong byte order for 16-Bit image #365
  • PDF crash in chrome - part2 (due to attachment limit) #364
  • PDF crash in chrome - part1 #363
  • PDF crash in chrome - part0 #362
  • Compilation fails on Windows with mingw32 gcc4.8 #361
  • security issue #360
  • improve memory management #359
  • how to compress a yuv420 raw data using opj_compress #357
  • Some memory allocation are not checked #355
  • Static library symbols shall be marked as hidden #354
  • opj_compress rejects valid bmp files #353
  • opj_compress crashes when number of resolutions is set to zero #352
  • Compilation error under Visual Studio 2003 #351
  • opj_compress description example error [Low priority] #350
  • opj_write_bytes_BE is wrong in trunk #345
  • PART1ONLY option in release.sh doesn't work properly #332
  • openjpeg crash error #330
  • openjpeg decompress error #329
  • openjpeg decompress issue #326
  • limited tif support #322
  • asoc value of 65536 is allowed #321
  • opj_skip_from_file error #314
  • Heavy quota usage in openjpeg #309
  • Verify -help actually match letter #307
  • g3_colr.j2c not handled #288
  • reopen/fix issue 165 #280
  • kakadu conformance tests #279
  • missing break after case statement in opj_dwt_decode_real #274
  • Run Coverity on trunk #270
  • NR-ENC-random-issue-0005.tif-12-encode #259
  • Use new add_test signature to handle cross compilation #258
  • Loss decoding quality in 2.0.0 #254
  • Decompress that worked in 1.5.1 fails in 2.0 #252
  • Expected endianness with raw input is not documented leading to SEGFAULT #251
  • OpenJPEG writes to stderr #246
  • Inconsistent logging of tile index #245
  • patch for openjpeg-trunk-r2347 and BIG_ENDIAN #242
  • CMAP: MTYP == 0 (direct use) not handled properly #235
  • Black Pixel #233
  • opj_compress runtime error after fresh Linux install due to apparent failure to execute ldconfig #219
  • openjp2 debug works, release build does not #217
  • openjpeg-branch15-r2299 and openjpeg-trunk-r2299 fail to decode a JP2 file #212
  • openjpeg-trunk issue with Win7 #201
  • undefined reference to `opj_version' #200
  • In tgt.c we used fprintf not the openjpeg message reporter #184
  • Windows binaries not working under WinXP #176
  • add ability to use intel ipp (performance primitive) within OpenJPEG #164
  • Migration guide v2 #160
  • Cannot decompress JPEG2000Aware3.18.7.3Win32_kdutranscode6.3.1.j2k #158
  • Cannot decompress JPEG2000Aware3.18.7.3Win32.j2k #157
  • [email protected] has disappeared #153
  • OpenJPEG 1.5.0 crashes on a ridiculously big file... #151
  • opj_image vs free #146
  • Windows .dll file invalid #140
  • Problem with second layer of a 2 layer coded LRCP (with precincts) #135
  • version 1.4 crashes when opening PDF file with JPEG2000 images #133
  • Setup a win64 dashboard #132
  • J2KP4files/codestreams_profile0/p0_13.j2k question jpeg2000 #131
  • Out of memory: Kill process 11204 (opj_server) score 917 or sacrifice child #123
  • FILE* in opj API is unsafe #120
  • third-party lib order #119
  • openjpeg-1.5.0-Darwin-powerpc.dmg is huge ! #113
  • misleading info in JP2 box lead to wrong number of components #110
  • Image_to_j2k says that j2k files is generated but no file is on the HDD #109
  • Error in openjpegV1.4 on compiling image_to_j2k: crash on reading bmp file #108
  • Update to abi-compliance-checker 1.96 #106
  • Decode error on the attached JPEG...works in KDU and with JASPER...please help! #101
  • Mac binaries v1.4 is broken #95
  • jp2_read_boxhdr() has size bug in version 1 #92
  • Support for Java JAI Imageio #90
  • encoding test failing #86
  • source archive on demand #85
  • CMakeLists.txt and Makefile.am for JPIP are buggy #84
  • pclr-cmap-cdef #82
  • Error when compiling openjpeg_v1_4_sources_r697 #79
  • J2K codec issue on Windows Mobile #77
  • image_to_j2k.exe crashes on large .bmp file #75
  • fatal error C1900 building the project on windows #65
  • same option but different size #54
  • Missing openjpegConfigure.h #38
  • Not an issue in openjpeg, but ... #37
  • OpenJPEG-1.3.0 pclr, cmap and cdef #27
  • realloc maybe too big (t2.c) #26
  • libopenjpeg/opj_malloc.h breaks on FreeBSD/Darwin systems #20
  • image_to_j2k not outputting to win32 console properly #18
  • [OpenJPEG] OpenJPEG_v13: tiled image part 2 #17
  • JP2 Color Space modification by Matteo Italia #13
  • Patch submission ( exotic video formats, and a few things ) #12
  • 16 bits lossy compression #10
  • pnm file formats not accepting bitdepth greater than 8 bpp #8
  • Heap corruption in j2k encoder #5
  • JPWL crash in marker reallocation(+patch), segfault while decoding image with main header protection #4
  • a couple of small errors in libopenjpeg detected by coverity #1

Closed issues:

  • Shared library build broken on ubuntu #728
  • opj_includes.h shouldn't define \_\_attribute\_\_ #727
  • Possible website problems due to Jekyll upgrade #713
  • Stable Release? #712
  • Meta Issue : try to fix some of these critical bugs before thinking about optimizing the library #710
  • Tiled encoding broken for images with non power of 2 dimensions #702
  • install_name (still) not set on OS X #700
  • Add section in wiki describing where one can get test images #699
  • Make EvenManager into singleton #698
  • Remove old branches from repo #696
  • MQ Coder encode: Conditional jump or move depends on uninitialised value(s) #695
  • Can we add these files to our test suite ? #688
  • -t and -d command line flags for decode are not documented on OpenJPEG website #685
  • Decoding at the precinct level #676
  • Support unscaled 10 bit data for 2K cinema @ 48 FPS, as per DCI standard #671
  • Use parallel jobs in ctest #664
  • [Security]Multiple Memory error #663
  • lossy encoding a 16 bit TIF file : severe artifacts in decompressed image #660
  • opj_compress and opj_decompress : get_next_file method uses hard-coded unix path separator #630
  • Uninitialized variable #629
  • Use of enum variable for bit flags prevents compilation as C++ source #619
  • Serious problem with quantization during lossy encoding #615
  • Decompression does not work with sequential data source #613
  • potential overflow in opj_tcd_tile_t #605
  • Logical condition #596
  • file9.jp2 does not dump correctly on 1.5 #595
  • opj_compress man page is missing documentation of -jpip option #593
  • opj_compress fails to compress lossless on gcc/x86 (-m32) in 1.5 branch #591
  • Example: opj_compress -i image.j2k -o image.pgm #577
  • Mismatching delete #575
  • Compilation fails on Win7 #546
  • NR-JP2-file5.jp2-compare2base fails with third party libcms #540
  • CTest spits out an error at the end of the test run #516
  • opj_uint_adds() is questionable #515
  • Might consider renaming this method: #491
  • opj_compress run twice gives different fiile sizes for same file #490
  • Android Support #483
  • Add SSE2/SSE41 implementations for mct.c #451
  • Reduce encoder code block memory usage for non 64x64 code block sizes #444
  • valgrind "Uninitialized Memory Read" & "Uninitialized Memory Conditional" found #438
  • No way to debug opj_tcd_init_encode_tile or opj_tcd_init_decode_tile #433
  • Add option to call dsymutil on built binaries #409
  • Allow opj_compress and opj_decompress to read/write images over stdin/stdout #379
  • reduce memory significantly for single tile RGB encoding #375
  • Switch code repo to github and start using pull request workflow #373
  • This is a BigTIFF file. This format not supported #125
  • Add a test suite to check the convert functions #99
  • Add build config to the dashboard to verify the autotools build #88

Merged pull requests:

version.2.1 (2014-04-29)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

version.2.0.1 (2014-04-22)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

version.1.5.2 (2014-03-28)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

version.2.0 (2014-03-28)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

version.1.5.1 (2012-09-13)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

version.1.5 (2012-02-07)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

version.1.3 (2011-07-03)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

version.1.4 (2011-07-03)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

version.1.2 (2007-06-04)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

version.1.1 (2007-01-31)

List of fixed issues and enhancements unavailable, see NEWS or Full Changelog

* This Change Log was automatically generated by github_changelog_generator