kmx git

Commit	Date	Message
aa9db616	2019-04-15T17:55:47	x86 SIMD: Check for CPUID leaf 07H before using According to Intel's manual [1], "If a value entered for CPUID.EAX is higher than the maximum input value for basic or extended function for that processor then the data for the highest basic information leaf is returned." Right now, libjpeg-turbo doesn't first check that leaf 07H is supported before attempting to use it, so the ostensible AVX2 bit (Bit 05) of the CPUID result might actually be Bit 05 from a lower leaf. That bit might be set, even if the CPU doesn't support AVX2. This commit modifies the x86 and x86-64 SIMD feature detection code so that it first checks whether CPUID leaf 07H is supported before attempting to use it to check for AVX2 instruction support. DRC: This commit should fix https://bugzilla.mozilla.org/show_bug.cgi?id=1520760 However, I have not personally been able to reproduce that issue, despite using a Nehalem (pre-AVX2) CPU on which the maximum CPUID leaf has been limited via a BIOS setting. Closes #348 [1] "Intel® 64 and IA-32 Architectures Software Developer's Manual, Volume 2 (2A, 2B, 2C & 2D): Instruction Set Reference, A-Z", https://software.intel.com/sites/default/files/managed/a4/60/325383-sdm-vol-2abcd.pdf, page 3-192.
2b05d47b	2019-04-15T13:38:15	ChangeLog.md: Document 33011754
a4aa30d9	2019-02-13T22:03:31	ChangeLog.md: "floating-point"="floating point"
1c2d3cfa	2019-01-30T12:43:45	MMI: Fix comp. perf. issue w/ unaligned image rows Using ldc1 with a non-64-bit-aligned memory location causes as much as a 10x slow-down in overall compression performance.
2d0b675a	2019-01-25T16:46:02	Build: Fix install of static build w/ VStudio IDE Unfortunately, this hack is necessary because: - install(TARGETS, ...) doesn't support the RENAME option. - We can't modify OUTPUT_NAME for the "-static" targets without breaking the regression tests. - ${CMAKE_CFG_INTDIR} doesn't seem to work properly in an install() command. Refer to #307
1ee87a9e	2019-01-21T16:25:02	djpeg: Fix PPM output regression w/ color quant. Regression caused by aa7459050d7a50e1d8a99488902d41fbc118a50f Fix based on: https://github.com/sinic/libjpeg-turbo/commit/03fbacb8ebf1fffc3f2d2db26ddf4db8b1f6aa7b Closes #310
479501b0	2019-01-21T13:57:55	TurboJPEG: Decompress 4:4:4 JPEGs with unusual SFs Normally, 4:4:4 JPEGs have horizontal x vertical luminance & chrominance sampling factors of 1x1. However, it is technically legal to create 4:4:4 JPEGs with sampling factors of 2x1, 1x2, 3x1, or 1x3, since the sums of the products of those sampling factors are still <= 10. The libjpeg API correctly decodes such images, so the TurboJPEG API should as well. Fixes #323
1ff90822	2019-01-01T21:08:27	TJBench: Fix FPE when decompressing 0-width JPEG Fixes #319
f8cca819	2019-01-01T20:32:40	wrbmp.c: Don't allow quantization w/ non-RGB CS If cinfo->quantize_colors == 1, then jpeg_calc_output_dimensions() will set cinfo->output_components to 1, and if cinfo->out_color_space is not RGB (or extended RGB), hilarity will ensue. Fixes #305
3d9c64e9	2019-01-01T18:57:36	tjLoadImage(): Fix int overflow/segfault w/big BMP Fixes #304
c868e41b	2019-01-01T14:26:48	Build: Fix regr. that nuked RPATH in Mac/iOS build Caused by 950580eb0c020598a4c6c8aa46c86e31062e1ddc. Since the code that sets CMAKE_INSTALL_RPATH now depends on ENABLE_SHARED, that code needed to be moved to after the point at which ENABLE_SHARED is defined.
950580eb	2018-11-12T11:22:07	Build: Fix install error with fully static build Closes #273
d00d7d8c	2018-10-05T16:13:07	cjpeg: Fix OOB read caused by malformed 8-bit TGA ... in which one or more of the color indices is out of range for the number of palette entries. Fix partly borrowed from jpeg-9c. Fixes #295
aaffc14f	2018-09-30T11:56:08	Clarify that Win7 SP0 crash was a regression
d5f281b7	2018-09-28T15:46:35	SIMD: Fix c000001d exception on Win 7 w/o SP1 Apparently Windows 7 without SP1 has O/S support for XSAVE but not for YMM registers, and this exposed a bug in our usage of xgetbv. The test instruction will set ZF only if none of the bits match between the two operarands, so in effect, we were enabling AVX2 instructions if the O/S supported XSAVE and the CPU supported AVX2 but the O/S only supported XMM registers. This bug was not exposed on, for instance, Windows XP or RHEL 5 because those O/S's do not support XSAVE. Fixes #288
3bef88f6	2018-09-04T17:33:12	Fix MIPS DSPr2 build when using soft float ABI (for instance, when passing -msoft-float to the compiler) The instructions used by jsimd_quantize_float_dspr2() and jsimd_convsamp_float_dspr2() don't work with the soft float ABI, so disable those functions when soft float is enabled. Based on: https://github.com/libjpeg-turbo/libjpeg-turbo/pull/272/commits/129a739bfabe1568d078eb2719691a76db128185 Closes #272
2260b66e	2018-08-31T12:55:33	jconfig.h: restore Autotools compatibility (regression introduced with the CMake-based Un*x build system) Refer to change log for more details. Based on: https://github.com/libjpeg-turbo/libjpeg-turbo/pull/275/commits/d992d12bc7631c29ab4adc42a7c5b4273fe2d56e Closes #275
a6289526	2018-07-24T18:36:51	Fix JPEG spec references per ISO/ITU-T suggestions - When referring to specific clauses, annexes, tables, and figures, a "timed reference" (a reference that includes the year) must be used in order to avoid confusion. - "CCITT" = "ITU-T" - Replace ambiguous "JPEG spec" with the specific document number.
9ab569e6	2018-07-20T18:04:15	Fix int overflow when decompr. corrupt prog. JPEG No discernible performance regression Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9447 Credit to OSS Fuzz Closes #259
9c78a04d	2018-07-20T17:21:36	cjpeg: Fix OOB read caused by malformed 8-bit BMP ... in which one or more of the color indices is out of range for the number of palette entries. Fix partly borrowed from jpeg-9c. This commit also adopts Guido's JERR_PPM_OUTOFRANGE enum value in lieu of our project-specific JERR_PPM_TOOLARGE enum value. Fixes #258
6d8caa9f	2018-06-29T12:45:57	Build: Detect whether compiler supports DSPr2 This is basically the same test that was performed in acinclude.m4 in the old autotools-based build system. It was not ported to the CMake-based build system because I previously had no way of testing a non-DSPr2 build environment. Fixes #248
398c1e9a	2018-06-16T18:31:35	Fix jpeg_skip_scanlines() segfault w/merged upsamp Fixes NULL pointer reference when decompressing 4:2:2 or 4:2:0 JPEG images with cinfo.do_fancy_upsampling = FALSE. Closes #244
26f10929	2018-06-24T17:31:15	Fix infinite loop in partial image decompression ... caused by using certain specific combinations of jpeg_skip_scanlines() and jpeg_read_scanlines() calls with progressive, vertically-subsampled JPEG images. Fixes #237
43e84cff	2018-06-12T20:27:00	tjLoadImage(): Fix FPE triggered by malformed BMP In rdbmp.c, it is necessary to guard against 32-bit overflow/wraparound when allocating the row buffer, because since BMP files have 32-bit width and height fields, the value of biWidth can be up to 4294967295. Specifically, if biWidth is 1073741824 and cinfo->input_components = 4, then the samplesperrow argument in alloc_sarray() would wrap around to 0, and a division by zero error would occur at line 458 in jmemmgr.c. If biWidth is set to a higher value, then samplesperrow would wrap around to a small number, which would likely cause a buffer overflow (this has not been tested or verified.)
696e754e	2018-06-12T18:49:37	TurboJPEG: Handle JERR_BMP,JERR_PPM error codes ... in tjLoadImage()/tjSaveImage(). These error codes require an add-on message table, and if it isn't initialized, then format_message() produces "Bogus message code XXXX" instead.
909a8cfc	2018-06-12T16:08:26	Fix CVE-2018-11813 Refer to change log for details. Fixes #242
2401e4d1	2018-04-26T18:01:52	TurboJPEG: Handle CMYK JPEGs w/ subsampled M, Y Arguably it doesn't make much sense for non-chroma components to be subsampled (which is why this type of image was overlooked in cd7c3e6672cce3779450c6dd10d0d70b0c2278b2-- I didn't realize it was a thing), but certain Adobe applications apparently generate these images. Fixes #236
d66dc70d	2018-03-22T17:15:53	ChangeLog.md: bump revision to prepare for beta
c0ca354e	2018-03-22T16:04:29	Label this release 2.0 instead of 1.6 This also pulls the formatting changes from 19c791cdac6df84418c66eb9d67cfa9703bc2461 into the TurboJPEG C API docs.
2e90ccac	2018-03-22T15:56:09	ChangeLog.md: clarification regarding AVX2
5b177b3c	2018-03-22T11:36:43	C/SSE2 optimization of encode_mcu_AC_first() This commit adds C and SSE2 optimizations for the encode_mcu_AC_first() function used in progressive Huffman encoding. The image used for testing can be retrieved from this page: https://blog.cloudflare.com/doubling-the-speed-of-jpegtran All timings done on `Intel(R) Core(TM) i7-4870HQ CPU @ 2.50GHz` clang version is `Apple LLVM version 9.0.0 (clang-900.0.39.2)` gcc-5 version is `gcc-5 (Homebrew GCC 5.5.0) 5.5.0` gcc-7 version is `gcc-7 (Homebrew GCC 7.2.0) 7.2.0` Here are the results in comparison to libjpeg-turbo@293263c using `time ./jpegtran -outfile /dev/null -progressive -optimise -copy none print_poster_0025.jpg` C clang x86_64: +19% gcc-5 x86_64: +80% gcc-7 x86_64: +57% clang i386: +5% gcc-5 i386: +59% gcc-7 i386: +51% SSE2 clang x86_64: +79% gcc-5 x86_64: +158% gcc-7 x86_64: +122% clang i386: +71% gcc-5 i386: +134% gcc-7 i386: +135% Discussion in libjpeg-turbo/libjpeg-turbo#46
84fbd4f1	2018-03-17T00:27:49	Merge branch 'master' into dev
c7430097	2018-03-06T22:10:14	Fix build with older MinGW releases Some MinGW implementations need stdint.h in order to define SIZE_MAX. Regression caused by a09ba29a55b9a43d346421210d94370065eeaf53 and not fully fixed by a0047bdea4d11dfeefb9ea797865b1a2ea0a665e. Closes #220
33ce0b5e	2018-03-01T10:38:17	Loongson MMI SIMD extensions Based on: https://github.com/zhuchen1911/libjpeg-turbo/commit/42aff4497bdaca3258279cafc74511e3c25454b8 Closes #158
367a8386	2018-02-26T19:41:59	Make SIMD syms private for x86[-64]/Mach-O builds ... if building with YASM. NASM doesn't currently support the necessary directives. Closes #212
b6909ab3	2018-02-24T00:02:27	Make SIMD symbols private for MIPS ELF builds Closes #210
9cdec16c	2018-02-23T13:58:24	32-bit AVX2 implementation of slow int inverse DCT
4e240795	2018-02-13T16:34:21	Merge branch 'master' into dev
d4859558	2018-02-13T16:14:03	Fix dithering bug in merged 4:2:0/RGB565 algorithm d0 should always be used for the first row, and d1 should always be used for the second row. Addresses concerns raised in #95, #81.
bd544e28	2017-12-16T09:34:28	Merge branch 'master' into dev
0e2bca07	2017-12-15T20:37:02	jdarith.c: Fix two signed integer overflows I guess I have to fix these, or Google Autofuzz is going to keep bugging me about them. Fixes #171 Fixes #197 Fixes #198
afdd7999	2017-12-06T12:20:24	Merge branch 'master' into dev + acknowledge 1.5.3 release
c308d434	2017-12-06T11:59:04	jpeg_crop_scanlines: Handle gray images w/ samp!=1 Since the sampling factor has no meaning for single-component images, the decompressor ignores it, and jpeg_crop_scanlines() should as well. Fixes #195
773040f9	2017-12-05T15:27:34	Fix lib state when skipping to end of 1-scan image If jpeg_skip_scanlines() is used to skip to the end of a single-scan image, then we need to change the library state such that subsequent calls to jpeg_consume_input() will return JPEG_REACHED_EOI rather than JPEG_SUSPENDED. (NOTE: not necessary for multi-scan images, since the scans are processed prior to any call to jpeg_skip_scanlines().) Unless I miss my guess, using jpeg_skip_scanlines() in this manner will prevent any markers at the end of the JPEG image from being read, but I don't think there is any way around that without actually reading the data, which would defeat the purpose of jpeg_skip_scanlines(). Fixes #194
8c40ac8a	2017-11-16T18:46:01	Add TurboJPEG C example and clean up Java example Also rename example.c --> example.txt and add a disclaimer to that file so people will stop trying to compile it.
dc4b9002	2017-11-16T20:43:12	TurboJPEG: Add alpha offset array/method Also, set the red/green/blue offsets for TJPF_GRAY to -1 rather than 0. It was undefined behavior for an application to use those arrays/methods with TJPF_GRAY anyhow, and this makes it easier for applications to programmatically detect whether a given pixel format has red, green, and blue components.
aa745905	2017-11-16T18:09:07	TurboJPEG C API: Add BMP/PPM load/save functions The main justification for this is to provide new libjpeg-turbo users with a quick & easy way of developing a complete JPEG compression/decompression program without requiring them to build libjpeg-turbo from source (which was necessary in order to use the project-private bmp API) or to use external libraries. These new functions build upon significant enhancements to rdbmp.c, wrbmp.c, rdppm.c, and wrppm.c which allow those engines to convert directly between the native pixel format of the file and a pixel format ("colorspace" in libjpeg parlance) specified by the calling program. rdbmp.c and wrbmp.c have also been modified such that the calling program can choose to read or write image rows in the native (bottom-up) order of the file format, thus eliminating the need to use an inversion array. tjLoadImage() and tjSaveImage() leverage these new underlying features in order to significantly improve upon the performance of the old bmp API. Because these new functions cannot work without the libjpeg-turbo colorspace extensions, the libjpeg-compatible code in turbojpeg.c has been removed. That code was only there to serve as an example of how to use the TurboJPEG API on top of libjpeg, but more specific, buildable examples now exist in the https://github.com/libjpeg-turbo/ijg repository.
4893e5d8	2017-11-17T19:00:53	Merge branch 'master' into dev
19b393b6	2017-11-17T18:45:08	TJExample: Fix array index OOB w/ 4:1:1 JPEG input
5fce2e94	2017-11-14T15:30:06	tjbench.exe: Fix decompression access violation The program crashed when a JPEG image was passed on the command line, because we were mixing our metaphors vis-a-vis malloc()/free() and tjAlloc()/tjFree() (malloc()/free() uses the tjbench.exe heap, whereas tjAlloc()/tjFree() uses the turbojpeg.dll heap.)
907dd683	2017-11-13T21:46:07	ChangeLog.md: buglet
5bc43c78	2017-11-13T21:01:53	Further partial image decompression fixes - Referring to 073b0e88a192adebbb479ee2456beb089d8b5de7 and #185, the reason why BMP and RLE didn't (and won't) work with partial image decompression is that the output engines for both formats maintain a whole-image buffer, which is used to reverse the order of scanlines. However, it was straightforward to add -crop support for GIF and Targa, which is useful for testing partial image decompression along with color quantization. - Such testing reproduced a bug reported by Mozilla (refer to PR #182) whereby jpeg_skip_scanlines() would segfault if color quantization was enabled. To fix this issue, read_and_discard_scanlines() now sets up a dummy quantize function in the same manner that it sets up a dummy color conversion function. Closes #182
f3ad13e3	2017-11-13T16:00:35	TJBench/TJUnitTest: Don't ignore mistyped args
073b0e88	2017-11-08T21:01:57	djpeg -crop: Exit gracefully with non-PPM formats ... and document that only PPM/PGM output images are supported with the -crop option for the moment. I investigated the possibility of supporting -crop with -bmp, but even after resetting the buffer dimensions, I still kept getting virtual array access errors. It seems that doing this the "right way" would require creating a re-initialization function for each image format's destination manager. I'm disinclined to do that right now, given that this feature was Google's baby (developed as a prerequisite for including libjpeg-turbo in Android), and the -crop option in djpeg is intended only as an example of how to use the partial image decompression API. Real-world applications would need to handle this in their own destination managers. It would probably be possible to make this work with Targa by employing a similar hack to the one we used with PPM, but Targa isn't popular enough to bother. Fixes #185
7106ffe5	2017-09-02T04:20:03	Merge branch 'master' into dev
d0bac69a	2017-09-02T03:40:46	Java: Fix TJUnitTest on big endian platforms It is necessary for the C code to be aware of the machine's endianness, which is why the TurboJPEG Java wrapper sets a different pixel format for integer BufferedImages depending on ByteOrder.nativeOrder(). However, it isn't necessary to handle endianness in pure Java code such as TJUnitTest (d'oh!) This was a product of porting the C version of TJUnitTest too literally, and of insufficient testing (historically, the big endian systems I had available for testing didn't have Java.)
c0f3512d	2017-08-31T20:57:19	Merge branch 'master' into dev
32120054	2017-08-14T10:54:27	Java: Fix NullPointerException in YUVImage planes == null is a valid argument to setBuf() if alloc == true, so we need to make sure that planes is non-null before validating its length. We also need to allocate one dimension of the planes array if it's null. Fixes #168
e5c1613c	2017-07-07T15:15:19	x86: Fix "short jump is out of range" w/ NASM<2.04
dadebcd7	2017-06-28T11:43:08	TurboJPEG: Add "copy none", progressive xform opts Allow progressive entropy coding to be enabled on a transform-by-transform basis, and implement a new transform option for disabling the copying of markers. Closes #153
dedce66e	2017-06-28T15:30:41	Merge branch 'master' into dev
1db1ce45	2017-06-27T14:22:39	TJBench: Improve consistency of results Given that libjpeg-turbo can often process hundreds of megapixels/second on modern hardware, the default of one warmup iteration was essentially meaningless. Furthermore, the -warmup option was a bit clunky, since it required some foreknowledge of how fast the benchmarks were going to execute. This commit introduces a 1-second warmup interval for each benchmark by default, and the -warmup option has been retasked to control the length of that interval.
aba6ae59	2017-06-27T13:24:08	TurboJPEG: Opt. enable progressive entropy coding Fulfills part of the feature request in #153. Also paves the way for SIMD-accelerated progressive Huffman coding (refer to #46.)
d4092f6b	2017-06-27T10:54:21	TurboJPEG: Improve error handling - Provide a new C API function and TJException method that allows calling programs to query the severity of a compression/decompression/ transform error. - Provide a new flag that instructs the library to immediately stop compressing/decompressing/transforming if a warning is encountered. Fixes #151
b9ab64d8	2017-05-11T21:02:29	TurboJPEG: Thread-safe error message retrieval Introduce a new C API function (tjGetErrorStr2()) that can be used to retrieve compression/decompression/transform error messages in a thread-safe (i.e. instance-specific) manner. Retrieving error messages from global functions is still thread-unsafe. Addresses a concern expressed in #151.
2ac4e9d9	2017-06-26T21:58:32	Merge branch 'master' into dev
da2a27ef	2017-03-18T16:15:14	Honor max_memory_to_use/JPEGMEM/-maxmemory This re-introduces a feature of the obsolete system-specific libjpeg memory managers-- namely the ability to limit the amount of main memory used by the library during decompression or multi-pass compression. This is mainly beneficial for two reasons: - Works around a 2 GB limit in libFuzzer - Allows security-sensitive applications to set a memory limit for the JPEG decoder so as to work around the progressive JPEG exploit (LJT-01-004) described here: http://www.libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf This commit also removes obsolete documentation regarding the MS-DOS memory manager (which itself was removed long ago) and changes the documentation of the -maxmemory switch and JPEGMEM environment variable to reflect the fact that backing stores are never used in libjpeg-turbo. Inspired by: https://github.com/caolanm/libjpeg-turbo/commit/066fee2e7d6834f24838bc1896aa38ca77209e3c Closes #143
d4c41fe0	2017-03-18T12:56:36	TurboJPEG: Fix potential memory leaks Referring to https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=746, it seems that the values of local buffer pointers in TurboJPEG API functions aren't always preserved if longjmp() returns control to a point prior to the allocation of the local buffers. This is known to be an issue with GCC 4.x and clang with -O1 and higher optimization levels but not with GCC 5.x and later. It is unknown why GCC 5.x and 6.x do not suffer from the issue, but possibly the local buffer pointers are not allocated on the stack when using those more recent compilers. In any case, this commit modifies the TurboJPEG API library code such that the jump buffer is always updated after any local buffer pointers are allocated but before any subsequent libjpeg API functions are called.
44b2399a	2017-01-19T15:18:57	libjpeg API: Support reading/writing ICC profiles This commit does the following: -- Merges the two glueware functions (read_icc_profile() and write_icc_profile()) from iccjpeg.c, which is contained in downstream projects such as LCMS, Ghostscript, Mozilla, etc. These functions were originally intended for inclusion in libjpeg, but Tom Lane left the IJG before that could be accomplished. Since then, programs and libraries that needed to embed/extract ICC profiles in JPEG files had to include their own local copy of iccjpeg.c, which is suboptimal. -- The new functions were prefixed with jpeg_ and split into separate files for the compressor and decompressor, per the existing libjpeg coding standards. -- jpeg_write_icc_profile() was made slightly more fault-tolerant. It will now trigger a libjpeg error if it is called before jpeg_start_compress() or if it is passed NULL arguments. -- jpeg_read_icc_profile() was made slightly more fault-tolerant. It will now trigger a libjpeg error if it is called before jpeg_read_header() or if it is passed NULL arguments. It will also now trigger libjpeg warnings if the ICC profile data is corrupt. -- The code comments have been wordsmithed. -- Note that the one-line setup_read_icc_profile() function was not included. Instead, libjpeg.txt now documents the need to call jpeg_save_markers(cinfo, JPEG_APP0 + 2, 0xFFFF) prior to calling jpeg_read_header(), if jpeg_read_icc_profile() is to be used. -- Adds documentation for the new functions to libjpeg.txt. -- Adds an -icc switch to cjpeg and jpegtran that allows those programs to embed an ICC profile in the JPEG files they generate. -- Adds an -icc switch to djpeg that allows that program to extract an ICC profile from a JPEG file while decompressing. -- Adds appropriate unit tests for all of the above. -- Bumps the SO_AGE of the libjpeg API library to indicate the presence of new API functions. Note that the licensing information was obtained from: https://github.com/mm2/Little-CMS/issues/37#issuecomment-66450180
d34d2559	2017-01-19T19:05:21	Merge branch 'master' into dev
a0b7de9a	2017-01-19T18:51:41	Always tweak EXIF w/h tags w/ lossless transforms ... even if using libjpeg v6b emulation. Previously adjust_exif_parameters() was only called with libjpeg v7/v8 emulation, but due to a bug (which this commit also fixes), it only worked properly with libjpeg v8 emulation.
22527955	2017-01-19T17:50:59	Fix error w/ lossless crop & libjpeg v7 emulation The JPEG_LIB_VERSION #ifdef in jtransform_adjust_parameters() was incorrect, which caused a "Bogus virtual array access" error when attempting to use the lossless crop feature. Introduced in c04bd3cc97f44fd9030de1e141754c8775d4e5a5. This also adds libjpeg v7 API/ABI emulation to the Travis CI tests.
eb38b61b	2017-01-19T16:44:10	Include jpeg_skip/crop_scanlines() in jpeg7.dll ... when the in-memory source/destination managers are included. Oversight in 306e1d2d778cf5a4d2a22ac847a31722b9fc2845 and 3ab68cf563f6edc2608c085f5c8b2d5d5c61157e.
8a9b042b	2016-12-10T09:35:30	Merge branch 'master' into dev
786b6493	2016-12-05T12:39:49	Reorg AltiVec detection code + advertise that full AltiVec SIMD acceleration is now available on OpenBSD. The relevant compilers probably all support C99 or GNU's variation of C90 that allows variables to be declared anywhere, but our policy is to conform to the C90 standard, if for no other reason than that it improves code readability.
82bf7f58	2016-12-01T18:23:32	Fix md5cmp on AmigaOS 4 (PowerPC big-endian) + Document AmigaOS support in the change log. Based on: https://github.com/chris-y/libjpeg-turbo/commit/b4f3b757970cd9dd448af9d2713b6bcdd9929147 Closes #119
6abd3916	2016-11-15T08:47:43	Unified CMake-based build system See #56 for discussion. Fixes #21, Fixes #29, Fixes #37, Closes #56, Fixes #58, Closes #73 Obviates #82 See also: https://sourceforge.net/p/libjpeg-turbo/feature-requests/5/ https://sourceforge.net/p/libjpeg-turbo/patches/5/
0ff7da71	2016-11-16T15:55:12	Advertise the new AVX2 SIMD extensions (our story so far ...)
74e4c793	2016-11-16T15:08:16	TJBench: Fix regression/-nowrite always enabled Introduced by eb59b6e72d8098a1f7b8c7e0c710b32eb6f5dc45
7bfb22af	2016-09-26T17:59:14	Fix broken MIPS build Regression introduced by 9055fb408dcb585ce9392d395e16630d51002152 Fixes #104
dfefba77	2016-09-22T14:19:29	Fix broken build with NDK platforms < android-21 Regression introduced by a09ba29a55b9a43d346421210d94370065eeaf53 Fixes #103
cb88e5da	2016-09-20T21:06:24	ARM64 NEON: Fix another ABI conformance issue Based on https://github.com/mayeut/libjpeg-turbo/commit/98a5a9dc899aa9265858a3cbe0a96289a31a1322 with wordsmithing by DRC. In the AArch64 ABI, as in many others, it's forbidden to read/store data below the stack pointer. Some SIMD functions were doing just that (stack pointer misuse) when trying to preserve callee-saved registers, and this resulted in those registers being restored with incorrect contents under certain circumstances. This patch fixes that behavior, and callee-saved registers are now stored above the stack pointer throughout the function call. The patch also removes register saving in places where it is unnecessary for this ABI, or it makes use of unused scratch regiters instead of callee-saved registers. Fixes #97. Closes #101. Refer also to https://bugzilla.redhat.com/show_bug.cgi?id=1368569
077e5bb4	2016-09-08T21:49:02	Fix out-of-bounds write in partial decomp. feature Reported by Clang UBSan (refer to https://bugzilla.mozilla.org/show_bug.cgi?id=1301252 for test image.) This appears to be a legitimate bug introduced by 3ab68cf563f6edc2608c085f5c8b2d5d5c61157e. Any component array, such as first_MCU_col and last_MCU_col, should always be able to accommodate MAX_COMPONENTS values. The aforementioned test image had 8 components, which was not enough to make the out-of-bounds write bust out of the jpeg_decomp_master struct (and fortunately the memory after last_MCU_col is an integer used as a boolean, so stomping on it will do nothing other than change the decoder state.) I crafted another special image that has 10 components (the maximum allowable), but that was apparently not enough to bust out of the allocated memory, either. Thus, it is posited that the security threat posed by this bug is either extremely minimal or non-existent.
a1dd3568	2016-09-08T21:29:58	Silence additional UBSan warnings NOTE: The jdhuff.c/jdphuff.c warnings should have already been silenced by 8e9cef2e6f5156c4b055a04a8f979b7291fc6b7a, but apparently I need to be REALLY clear that I'm trying to do pointer arithmetic rather than dereference an array. Grrr... Refer to: https://bugzilla.mozilla.org/show_bug.cgi?id=1301250 https://bugzilla.mozilla.org/show_bug.cgi?id=1301256
a09ba29a	2016-09-07T16:40:10	Fix unsigned int overflow in libjpeg memory mgr. When attempting to decode a malformed JPEG image (refer to https://bugzilla.mozilla.org/show_bug.cgi?id=1295044) with dimensions 61472 x 32800, the maximum_space variable within the realize_virt_arrays() function will exceed the maximum value of a 32-bit integer and will wrap around. The memory manager subsequently fails with an "Insufficient memory" error (case 4, in alloc_large()), so this commit simply causes that error to be triggered earlier, before UBSan has a chance to complain. Note that this issue did not ever represent an exploitable security threat, because the POSIX-based memory manager that we use doesn't ever do anything meaningful with the value of maximum_space. jpeg_mem_available() simply sets avail_mem = maximum_space, so the subsequent behavior of the memory manager is the same regardless of whether maximum_space is correct or not. This commit simply removes a UBSan warning in order to make it easier to detect actual security issues.
8ce2c911	2016-08-01T11:22:24	TurboJPEG: Decomp. 4:2:2/4:4:0 JPEGs w/unusual SFs Normally, 4:2:2 JPEGs have horizontal x vertical luminance,chrominance sampling factors of 2x1,1x1, and 4:4:0 JPEGs have horizontal x vertical luminance,chrominance sampling factors of 1x2,1x1. However, it is technically legal to create 4:2:2 JPEGs with sampling factors of 2x2,1x2 and 4:4:0 JPEGs with sampling factors of 2x2,2x1, since the sums of the products of those sampling factors (2x2 + 1x2 + 1x2 and 2x2 + 2x1 + 2x1) are still <= 10. The libjpeg API correctly decodes such images, so the TurboJPEG API should as well. Fixes #92
7723d7f7	2016-07-13T20:39:11	Use plain upsampling if merged isn't accelerated Currently, this only affects ARM, since it is the only platform that accelerates YCbCr-to-RGB conversion but not merged upsampling. Even if "plain" upsampling isn't accelerated, the combination of accelerated color conversion + unaccelerated plain upsampling is still faster than the unaccelerated merged upsampling algorithms. Closes #81
628c168c	2016-07-10T19:01:51	Implement h1v2 fancy upsampling This allows fancy upsampling to be used when decompressing 4:2:2 images that have been losslessly rotated or transposed. (docs and comments added by DRC) Based on https://github.com/pornel/libjpeg-turbo/commit/f63aca945debde07e7c6476a1f667b71728c3d44 Closes #89
1120ff29	2016-07-13T12:15:02	Fix AArch64 ABI conformance issue in SIMD code In the AArch64 ABI, the high (unused) DWORD of a 32-bit argument's register is undefined, so it was incorrect to use 64-bit instructions to transfer a JDIMENSION argument in the 64-bit NEON SIMD functions. The code worked thus far only because the existing compiler optimizers weren't smart enough to do anything else with the register in question, so the upper 32 bits happened to be all zeroes. The latest builds of Clang/LLVM have a smarter optimizer, and under certain circumstances, it will attempt to load-combine adjacent 32-bit integers from one of the libjpeg structures into a single 64-bit integer and pass that 64-bit integer as a 32-bit argument to one of the SIMD functions (which is allowed by the ABI, since the upper 32 bits of the 32-bit argument's register are undefined.) This caused the libjpeg-turbo regression tests to crash. This patch tries to use the Wn registers whenever possible. Otherwise, it uses a zero-extend instruction to avoid using the upper 32 bits of the 64-bit registers, which are not guaranteed to be valid for 32-bit arguments. Based on https://github.com/sebpop/libjpeg-turbo/commit/1fbae13021eb98f6fffdfaf8678fcdb00b0b04d9 Closes #91. Refer also to android-ndk/ndk#110 and https://llvm.org/bugs/show_bug.cgi?id=28393
6e9d43e0	2016-07-06T16:58:28	Linux/PPC: Only enable AltiVec if CPU supports it This eliminates "illegal instruction" errors when running libjpeg-turbo under Linux on PowerPC chips that lack AltiVec support (e.g. the old 7XX/G3 models but also the newer e5500 series.)
9055fb40	2016-07-07T13:10:30	ARM/MIPS: Change the behavior of JSIMD_FORCE* The JSIMD_FORCE* environment variables previously meant "force the use of this instruction set if it is available but others are available as well", but that did nothing on ARM platforms, since there is only ever one instruction set available. Since the ARM and MIPS CPU feature detection code is less than bulletproof, and since there is only one SIMD instruction set (currently) supported on those platforms, it makes sense for the JSIMD_FORCE* environment variables on those platforms to actually force the use of the SIMD instruction set, thus bypassing the CPU feature detection code. This addresses a concern raised in #88 whereby parsing /proc/cpuinfo didn't work within a QEMU environment. This at least provides a workaround, allowing users to force-enable or force-disable SIMD instructions for ARM and MIPS builds of libjpeg-turbo.
68cf83db	2016-05-10T21:04:02	Don't allow opaque source/dest mgrs to be swapped Calling jpeg_stdio_dest() followed by jpeg_mem_dest(), or jpeg_mem_src() followed by jpeg_stdio_src(), is dangerous, because the existing opaque structure would not be big enough to accommodate the new source/dest manager. This issue was non-obvious to libjpeg-turbo consumers, since it was only documented in code comments. Furthermore, the issue could also occur if the source/dest manager was allocated by the calling program, but it was not allocated with enough space to accommodate the opaque stdio or memory source/dest manager structs. The safest thing to do is to throw an error if one of these functions is called when there is already a source/dest manager assigned to the object and it was allocated elsewhere. Closes #78, #79
5e576386	2016-05-02T12:31:51	ARMv7 SIMD: Fix clang compatibility By design, clang only supports Unified Assembler Language (and not pre-UAL syntax): https://llvm.org/bugs/show_bug.cgi?id=23507 http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0473c/BABJIHGJ.html Thus, clang only supports the strbeq instruction and not streqb, but unfortunately some versions of GCC only support streqb. Go, go Gadget #ifdef... Based on https://github.com/mattsarett/libjpeg-turbo/commit/a82e63aac63f8fa3 95fa4caad4de6859623ee2e2 Closes #75
1959e28b	2016-04-21T10:22:36	Increase severity of tjDecompressToYUV2() bug desc Actually, what happened was that the longjmp() call within my_error_exit() acted on the previous value of myerr->setjmp_buffer, which was probably set in a previous TurboJPEG function, such as tjInitDecompress(). Thus, when a libjpeg error was triggered within the body of tjDecompressToYUV2(), the PC jumped to the error handler of the previous TurboJPEG function, and this usually caused stack corruption in the calling program (because the signature and return type of the previous TurboJPEG function probably wasn't the same.)
dec79952	2016-04-20T11:27:42	Catch libjpeg errors in tjDecompressToYUV2() Even though tjDecompressToYUV2() is mostly just a wrapper for tjDecompressToYUVPlanes(), tjDecompressToYUV2() still calls jpeg_read_header(), so it needs to properly set up the libjpeg error handler prior to making this call. Otherwise, under very esoteric (and arguably incorrect) use cases, a program can call tjDecompressToYUV2() without first checking the JPEG header using tjDecompressHeader3(), and if the header is corrupt, tjDecompressToYUV2() will abort without triggering an error. Fixes #72
1a3aebd8	2016-03-31T10:02:44	Merge branch '1.4.x'
b2817f52	2016-03-16T07:18:30	Merge branch '1.4.x'
1385f8b2	2016-03-14T13:32:00	ChangeLog.md: Improve readability of plain text
a839a7a9	2016-03-13T16:24:48	Markdown version of ChangeLog.txt This will make it easier to crib ChangeLog information into release notes, since both SourceForge and GitHub support MD.
3f56bd59	2016-03-13T12:36:06	Rename ChangeLog.txt ... in preparation for creating a MarkDown version (Git will not preserve history unless you rename the file prior to modifying it.)

aa9db616

2019-04-15T17:55:47

x86 SIMD: Check for CPUID leaf 07H before using According to Intel's manual [1], "If a value entered for CPUID.EAX is higher than the maximum input value for basic or extended function for that processor then the data for the highest basic information leaf is returned." Right now, libjpeg-turbo doesn't first check that leaf 07H is supported before attempting to use it, so the ostensible AVX2 bit (Bit 05) of the CPUID result might actually be Bit 05 from a lower leaf. That bit might be set, even if the CPU doesn't support AVX2. This commit modifies the x86 and x86-64 SIMD feature detection code so that it first checks whether CPUID leaf 07H is supported before attempting to use it to check for AVX2 instruction support. DRC: This commit should fix https://bugzilla.mozilla.org/show_bug.cgi?id=1520760 However, I have not personally been able to reproduce that issue, despite using a Nehalem (pre-AVX2) CPU on which the maximum CPUID leaf has been limited via a BIOS setting. Closes #348 [1] "Intel® 64 and IA-32 Architectures Software Developer's Manual, Volume 2 (2A, 2B, 2C & 2D): Instruction Set Reference, A-Z", https://software.intel.com/sites/default/files/managed/a4/60/325383-sdm-vol-2abcd.pdf, page 3-192.

2b05d47b

2019-04-15T13:38:15

ChangeLog.md: Document 33011754

a4aa30d9

2019-02-13T22:03:31

ChangeLog.md: "floating-point"="floating point"

1c2d3cfa

2019-01-30T12:43:45

MMI: Fix comp. perf. issue w/ unaligned image rows Using ldc1 with a non-64-bit-aligned memory location causes as much as a 10x slow-down in overall compression performance.

2d0b675a

2019-01-25T16:46:02

Build: Fix install of static build w/ VStudio IDE Unfortunately, this hack is necessary because: - install(TARGETS, ...) doesn't support the RENAME option. - We can't modify OUTPUT_NAME for the "-static" targets without breaking the regression tests. - ${CMAKE_CFG_INTDIR} doesn't seem to work properly in an install() command. Refer to #307

1ee87a9e

2019-01-21T16:25:02

djpeg: Fix PPM output regression w/ color quant. Regression caused by aa7459050d7a50e1d8a99488902d41fbc118a50f Fix based on: https://github.com/sinic/libjpeg-turbo/commit/03fbacb8ebf1fffc3f2d2db26ddf4db8b1f6aa7b Closes #310

479501b0

2019-01-21T13:57:55

TurboJPEG: Decompress 4:4:4 JPEGs with unusual SFs Normally, 4:4:4 JPEGs have horizontal x vertical luminance & chrominance sampling factors of 1x1. However, it is technically legal to create 4:4:4 JPEGs with sampling factors of 2x1, 1x2, 3x1, or 1x3, since the sums of the products of those sampling factors are still <= 10. The libjpeg API correctly decodes such images, so the TurboJPEG API should as well. Fixes #323

1ff90822

2019-01-01T21:08:27

TJBench: Fix FPE when decompressing 0-width JPEG Fixes #319

f8cca819

2019-01-01T20:32:40

wrbmp.c: Don't allow quantization w/ non-RGB CS If cinfo->quantize_colors == 1, then jpeg_calc_output_dimensions() will set cinfo->output_components to 1, and if cinfo->out_color_space is not RGB (or extended RGB), hilarity will ensue. Fixes #305

3d9c64e9

2019-01-01T18:57:36

tjLoadImage(): Fix int overflow/segfault w/big BMP Fixes #304

c868e41b

2019-01-01T14:26:48

Build: Fix regr. that nuked RPATH in Mac/iOS build Caused by 950580eb0c020598a4c6c8aa46c86e31062e1ddc. Since the code that sets CMAKE_INSTALL_RPATH now depends on ENABLE_SHARED, that code needed to be moved to after the point at which ENABLE_SHARED is defined.

950580eb

2018-11-12T11:22:07

Build: Fix install error with fully static build Closes #273

d00d7d8c

2018-10-05T16:13:07

cjpeg: Fix OOB read caused by malformed 8-bit TGA ... in which one or more of the color indices is out of range for the number of palette entries. Fix partly borrowed from jpeg-9c. Fixes #295

aaffc14f

2018-09-30T11:56:08

Clarify that Win7 SP0 crash was a regression

d5f281b7

2018-09-28T15:46:35

SIMD: Fix c000001d exception on Win 7 w/o SP1 Apparently Windows 7 without SP1 has O/S support for XSAVE but not for YMM registers, and this exposed a bug in our usage of xgetbv. The test instruction will set ZF only if none of the bits match between the two operarands, so in effect, we were enabling AVX2 instructions if the O/S supported XSAVE and the CPU supported AVX2 but the O/S only supported XMM registers. This bug was not exposed on, for instance, Windows XP or RHEL 5 because those O/S's do not support XSAVE. Fixes #288

3bef88f6

2018-09-04T17:33:12

Fix MIPS DSPr2 build when using soft float ABI (for instance, when passing -msoft-float to the compiler) The instructions used by jsimd_quantize_float_dspr2() and jsimd_convsamp_float_dspr2() don't work with the soft float ABI, so disable those functions when soft float is enabled. Based on: https://github.com/libjpeg-turbo/libjpeg-turbo/pull/272/commits/129a739bfabe1568d078eb2719691a76db128185 Closes #272

2260b66e

2018-08-31T12:55:33

jconfig.h: restore Autotools compatibility (regression introduced with the CMake-based Un*x build system) Refer to change log for more details. Based on: https://github.com/libjpeg-turbo/libjpeg-turbo/pull/275/commits/d992d12bc7631c29ab4adc42a7c5b4273fe2d56e Closes #275

a6289526

2018-07-24T18:36:51

Fix JPEG spec references per ISO/ITU-T suggestions - When referring to specific clauses, annexes, tables, and figures, a "timed reference" (a reference that includes the year) must be used in order to avoid confusion. - "CCITT" = "ITU-T" - Replace ambiguous "JPEG spec" with the specific document number.

9ab569e6

2018-07-20T18:04:15

Fix int overflow when decompr. corrupt prog. JPEG No discernible performance regression Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9447 Credit to OSS Fuzz Closes #259

9c78a04d

2018-07-20T17:21:36

cjpeg: Fix OOB read caused by malformed 8-bit BMP ... in which one or more of the color indices is out of range for the number of palette entries. Fix partly borrowed from jpeg-9c. This commit also adopts Guido's JERR_PPM_OUTOFRANGE enum value in lieu of our project-specific JERR_PPM_TOOLARGE enum value. Fixes #258

6d8caa9f

2018-06-29T12:45:57

Build: Detect whether compiler supports DSPr2 This is basically the same test that was performed in acinclude.m4 in the old autotools-based build system. It was not ported to the CMake-based build system because I previously had no way of testing a non-DSPr2 build environment. Fixes #248

398c1e9a

2018-06-16T18:31:35

Fix jpeg_skip_scanlines() segfault w/merged upsamp Fixes NULL pointer reference when decompressing 4:2:2 or 4:2:0 JPEG images with cinfo.do_fancy_upsampling = FALSE. Closes #244

26f10929

2018-06-24T17:31:15

Fix infinite loop in partial image decompression ... caused by using certain specific combinations of jpeg_skip_scanlines() and jpeg_read_scanlines() calls with progressive, vertically-subsampled JPEG images. Fixes #237

43e84cff

2018-06-12T20:27:00

tjLoadImage(): Fix FPE triggered by malformed BMP In rdbmp.c, it is necessary to guard against 32-bit overflow/wraparound when allocating the row buffer, because since BMP files have 32-bit width and height fields, the value of biWidth can be up to 4294967295. Specifically, if biWidth is 1073741824 and cinfo->input_components = 4, then the samplesperrow argument in alloc_sarray() would wrap around to 0, and a division by zero error would occur at line 458 in jmemmgr.c. If biWidth is set to a higher value, then samplesperrow would wrap around to a small number, which would likely cause a buffer overflow (this has not been tested or verified.)

696e754e

2018-06-12T18:49:37

TurboJPEG: Handle JERR_BMP*,JERR_PPM* error codes ... in tjLoadImage()/tjSaveImage(). These error codes require an add-on message table, and if it isn't initialized, then format_message() produces "Bogus message code XXXX" instead.

909a8cfc

2018-06-12T16:08:26

Fix CVE-2018-11813 Refer to change log for details. Fixes #242

2401e4d1

2018-04-26T18:01:52

TurboJPEG: Handle CMYK JPEGs w/ subsampled M, Y Arguably it doesn't make much sense for non-chroma components to be subsampled (which is why this type of image was overlooked in cd7c3e6672cce3779450c6dd10d0d70b0c2278b2-- I didn't realize it was a thing), but certain Adobe applications apparently generate these images. Fixes #236

d66dc70d

2018-03-22T17:15:53

ChangeLog.md: bump revision to prepare for beta

c0ca354e

2018-03-22T16:04:29

Label this release 2.0 instead of 1.6 This also pulls the formatting changes from 19c791cdac6df84418c66eb9d67cfa9703bc2461 into the TurboJPEG C API docs.

2e90ccac

2018-03-22T15:56:09

ChangeLog.md: clarification regarding AVX2

5b177b3c

2018-03-22T11:36:43

C/SSE2 optimization of encode_mcu_AC_first() This commit adds C and SSE2 optimizations for the encode_mcu_AC_first() function used in progressive Huffman encoding. The image used for testing can be retrieved from this page: https://blog.cloudflare.com/doubling-the-speed-of-jpegtran All timings done on `Intel(R) Core(TM) i7-4870HQ CPU @ 2.50GHz` clang version is `Apple LLVM version 9.0.0 (clang-900.0.39.2)` gcc-5 version is `gcc-5 (Homebrew GCC 5.5.0) 5.5.0` gcc-7 version is `gcc-7 (Homebrew GCC 7.2.0) 7.2.0` Here are the results in comparison to libjpeg-turbo@293263c using `time ./jpegtran -outfile /dev/null -progressive -optimise -copy none print_poster_0025.jpg` C clang x86_64: +19% gcc-5 x86_64: +80% gcc-7 x86_64: +57% clang i386: +5% gcc-5 i386: +59% gcc-7 i386: +51% SSE2 clang x86_64: +79% gcc-5 x86_64: +158% gcc-7 x86_64: +122% clang i386: +71% gcc-5 i386: +134% gcc-7 i386: +135% Discussion in libjpeg-turbo/libjpeg-turbo#46

84fbd4f1

2018-03-17T00:27:49

Merge branch 'master' into dev

c7430097

2018-03-06T22:10:14

Fix build with older MinGW releases Some MinGW implementations need stdint.h in order to define SIZE_MAX. Regression caused by a09ba29a55b9a43d346421210d94370065eeaf53 and not fully fixed by a0047bdea4d11dfeefb9ea797865b1a2ea0a665e. Closes #220

33ce0b5e

2018-03-01T10:38:17

Loongson MMI SIMD extensions Based on: https://github.com/zhuchen1911/libjpeg-turbo/commit/42aff4497bdaca3258279cafc74511e3c25454b8 Closes #158

367a8386

2018-02-26T19:41:59

Make SIMD syms private for x86[-64]/Mach-O builds ... if building with YASM. NASM doesn't currently support the necessary directives. Closes #212

b6909ab3

2018-02-24T00:02:27

Make SIMD symbols private for MIPS ELF builds Closes #210

9cdec16c

2018-02-23T13:58:24

32-bit AVX2 implementation of slow int inverse DCT

4e240795

2018-02-13T16:34:21

Merge branch 'master' into dev

d4859558

2018-02-13T16:14:03

Fix dithering bug in merged 4:2:0/RGB565 algorithm d0 should always be used for the first row, and d1 should always be used for the second row. Addresses concerns raised in #95, #81.

bd544e28

2017-12-16T09:34:28

Merge branch 'master' into dev

0e2bca07

2017-12-15T20:37:02

jdarith.c: Fix two signed integer overflows I guess I have to fix these, or Google Autofuzz is going to keep bugging me about them. Fixes #171 Fixes #197 Fixes #198

afdd7999

2017-12-06T12:20:24

Merge branch 'master' into dev + acknowledge 1.5.3 release

c308d434

2017-12-06T11:59:04

jpeg_crop_scanlines: Handle gray images w/ samp!=1 Since the sampling factor has no meaning for single-component images, the decompressor ignores it, and jpeg_crop_scanlines() should as well. Fixes #195

773040f9

2017-12-05T15:27:34

Fix lib state when skipping to end of 1-scan image If jpeg_skip_scanlines() is used to skip to the end of a single-scan image, then we need to change the library state such that subsequent calls to jpeg_consume_input() will return JPEG_REACHED_EOI rather than JPEG_SUSPENDED. (NOTE: not necessary for multi-scan images, since the scans are processed prior to any call to jpeg_skip_scanlines().) Unless I miss my guess, using jpeg_skip_scanlines() in this manner will prevent any markers at the end of the JPEG image from being read, but I don't think there is any way around that without actually reading the data, which would defeat the purpose of jpeg_skip_scanlines(). Fixes #194

8c40ac8a

2017-11-16T18:46:01

Add TurboJPEG C example and clean up Java example Also rename example.c --> example.txt and add a disclaimer to that file so people will stop trying to compile it.

dc4b9002

2017-11-16T20:43:12

TurboJPEG: Add alpha offset array/method Also, set the red/green/blue offsets for TJPF_GRAY to -1 rather than 0. It was undefined behavior for an application to use those arrays/methods with TJPF_GRAY anyhow, and this makes it easier for applications to programmatically detect whether a given pixel format has red, green, and blue components.

aa745905

2017-11-16T18:09:07

TurboJPEG C API: Add BMP/PPM load/save functions The main justification for this is to provide new libjpeg-turbo users with a quick & easy way of developing a complete JPEG compression/decompression program without requiring them to build libjpeg-turbo from source (which was necessary in order to use the project-private bmp API) or to use external libraries. These new functions build upon significant enhancements to rdbmp.c, wrbmp.c, rdppm.c, and wrppm.c which allow those engines to convert directly between the native pixel format of the file and a pixel format ("colorspace" in libjpeg parlance) specified by the calling program. rdbmp.c and wrbmp.c have also been modified such that the calling program can choose to read or write image rows in the native (bottom-up) order of the file format, thus eliminating the need to use an inversion array. tjLoadImage() and tjSaveImage() leverage these new underlying features in order to significantly improve upon the performance of the old bmp API. Because these new functions cannot work without the libjpeg-turbo colorspace extensions, the libjpeg-compatible code in turbojpeg.c has been removed. That code was only there to serve as an example of how to use the TurboJPEG API on top of libjpeg, but more specific, buildable examples now exist in the https://github.com/libjpeg-turbo/ijg repository.

4893e5d8

2017-11-17T19:00:53

Merge branch 'master' into dev

19b393b6

2017-11-17T18:45:08

TJExample: Fix array index OOB w/ 4:1:1 JPEG input

5fce2e94

2017-11-14T15:30:06

tjbench.exe: Fix decompression access violation The program crashed when a JPEG image was passed on the command line, because we were mixing our metaphors vis-a-vis malloc()/free() and tjAlloc()/tjFree() (malloc()/free() uses the tjbench.exe heap, whereas tjAlloc()/tjFree() uses the turbojpeg.dll heap.)

907dd683

2017-11-13T21:46:07

ChangeLog.md: buglet

5bc43c78

2017-11-13T21:01:53

Further partial image decompression fixes - Referring to 073b0e88a192adebbb479ee2456beb089d8b5de7 and #185, the reason why BMP and RLE didn't (and won't) work with partial image decompression is that the output engines for both formats maintain a whole-image buffer, which is used to reverse the order of scanlines. However, it was straightforward to add -crop support for GIF and Targa, which is useful for testing partial image decompression along with color quantization. - Such testing reproduced a bug reported by Mozilla (refer to PR #182) whereby jpeg_skip_scanlines() would segfault if color quantization was enabled. To fix this issue, read_and_discard_scanlines() now sets up a dummy quantize function in the same manner that it sets up a dummy color conversion function. Closes #182

f3ad13e3

2017-11-13T16:00:35

TJBench/TJUnitTest: Don't ignore mistyped args

073b0e88

2017-11-08T21:01:57

djpeg -crop: Exit gracefully with non-PPM formats ... and document that only PPM/PGM output images are supported with the -crop option for the moment. I investigated the possibility of supporting -crop with -bmp, but even after resetting the buffer dimensions, I still kept getting virtual array access errors. It seems that doing this the "right way" would require creating a re-initialization function for each image format's destination manager. I'm disinclined to do that right now, given that this feature was Google's baby (developed as a prerequisite for including libjpeg-turbo in Android), and the -crop option in djpeg is intended only as an example of how to use the partial image decompression API. Real-world applications would need to handle this in their own destination managers. It would probably be possible to make this work with Targa by employing a similar hack to the one we used with PPM, but Targa isn't popular enough to bother. Fixes #185

7106ffe5

2017-09-02T04:20:03

Merge branch 'master' into dev

d0bac69a

2017-09-02T03:40:46

Java: Fix TJUnitTest on big endian platforms It is necessary for the C code to be aware of the machine's endianness, which is why the TurboJPEG Java wrapper sets a different pixel format for integer BufferedImages depending on ByteOrder.nativeOrder(). However, it isn't necessary to handle endianness in pure Java code such as TJUnitTest (d'oh!) This was a product of porting the C version of TJUnitTest too literally, and of insufficient testing (historically, the big endian systems I had available for testing didn't have Java.)

c0f3512d

2017-08-31T20:57:19

Merge branch 'master' into dev

32120054

2017-08-14T10:54:27

Java: Fix NullPointerException in YUVImage planes == null is a valid argument to setBuf() if alloc == true, so we need to make sure that planes is non-null before validating its length. We also need to allocate one dimension of the planes array if it's null. Fixes #168

e5c1613c

2017-07-07T15:15:19

x86: Fix "short jump is out of range" w/ NASM<2.04

dadebcd7

2017-06-28T11:43:08

TurboJPEG: Add "copy none", progressive xform opts Allow progressive entropy coding to be enabled on a transform-by-transform basis, and implement a new transform option for disabling the copying of markers. Closes #153

dedce66e

2017-06-28T15:30:41

Merge branch 'master' into dev

1db1ce45

2017-06-27T14:22:39

TJBench: Improve consistency of results Given that libjpeg-turbo can often process hundreds of megapixels/second on modern hardware, the default of one warmup iteration was essentially meaningless. Furthermore, the -warmup option was a bit clunky, since it required some foreknowledge of how fast the benchmarks were going to execute. This commit introduces a 1-second warmup interval for each benchmark by default, and the -warmup option has been retasked to control the length of that interval.

aba6ae59

2017-06-27T13:24:08

TurboJPEG: Opt. enable progressive entropy coding Fulfills part of the feature request in #153. Also paves the way for SIMD-accelerated progressive Huffman coding (refer to #46.)

d4092f6b

2017-06-27T10:54:21

TurboJPEG: Improve error handling - Provide a new C API function and TJException method that allows calling programs to query the severity of a compression/decompression/ transform error. - Provide a new flag that instructs the library to immediately stop compressing/decompressing/transforming if a warning is encountered. Fixes #151

b9ab64d8

2017-05-11T21:02:29

TurboJPEG: Thread-safe error message retrieval Introduce a new C API function (tjGetErrorStr2()) that can be used to retrieve compression/decompression/transform error messages in a thread-safe (i.e. instance-specific) manner. Retrieving error messages from global functions is still thread-unsafe. Addresses a concern expressed in #151.

2ac4e9d9

2017-06-26T21:58:32

Merge branch 'master' into dev

da2a27ef

2017-03-18T16:15:14

Honor max_memory_to_use/JPEGMEM/-maxmemory This re-introduces a feature of the obsolete system-specific libjpeg memory managers-- namely the ability to limit the amount of main memory used by the library during decompression or multi-pass compression. This is mainly beneficial for two reasons: - Works around a 2 GB limit in libFuzzer - Allows security-sensitive applications to set a memory limit for the JPEG decoder so as to work around the progressive JPEG exploit (LJT-01-004) described here: http://www.libjpeg-turbo.org/pmwiki/uploads/About/TwoIssueswiththeJPEGStandard.pdf This commit also removes obsolete documentation regarding the MS-DOS memory manager (which itself was removed long ago) and changes the documentation of the -maxmemory switch and JPEGMEM environment variable to reflect the fact that backing stores are never used in libjpeg-turbo. Inspired by: https://github.com/caolanm/libjpeg-turbo/commit/066fee2e7d6834f24838bc1896aa38ca77209e3c Closes #143

d4c41fe0

2017-03-18T12:56:36

TurboJPEG: Fix potential memory leaks Referring to https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=746, it seems that the values of local buffer pointers in TurboJPEG API functions aren't always preserved if longjmp() returns control to a point prior to the allocation of the local buffers. This is known to be an issue with GCC 4.x and clang with -O1 and higher optimization levels but not with GCC 5.x and later. It is unknown why GCC 5.x and 6.x do not suffer from the issue, but possibly the local buffer pointers are not allocated on the stack when using those more recent compilers. In any case, this commit modifies the TurboJPEG API library code such that the jump buffer is always updated after any local buffer pointers are allocated but before any subsequent libjpeg API functions are called.

44b2399a

2017-01-19T15:18:57

libjpeg API: Support reading/writing ICC profiles This commit does the following: -- Merges the two glueware functions (read_icc_profile() and write_icc_profile()) from iccjpeg.c, which is contained in downstream projects such as LCMS, Ghostscript, Mozilla, etc. These functions were originally intended for inclusion in libjpeg, but Tom Lane left the IJG before that could be accomplished. Since then, programs and libraries that needed to embed/extract ICC profiles in JPEG files had to include their own local copy of iccjpeg.c, which is suboptimal. -- The new functions were prefixed with jpeg_ and split into separate files for the compressor and decompressor, per the existing libjpeg coding standards. -- jpeg_write_icc_profile() was made slightly more fault-tolerant. It will now trigger a libjpeg error if it is called before jpeg_start_compress() or if it is passed NULL arguments. -- jpeg_read_icc_profile() was made slightly more fault-tolerant. It will now trigger a libjpeg error if it is called before jpeg_read_header() or if it is passed NULL arguments. It will also now trigger libjpeg warnings if the ICC profile data is corrupt. -- The code comments have been wordsmithed. -- Note that the one-line setup_read_icc_profile() function was not included. Instead, libjpeg.txt now documents the need to call jpeg_save_markers(cinfo, JPEG_APP0 + 2, 0xFFFF) prior to calling jpeg_read_header(), if jpeg_read_icc_profile() is to be used. -- Adds documentation for the new functions to libjpeg.txt. -- Adds an -icc switch to cjpeg and jpegtran that allows those programs to embed an ICC profile in the JPEG files they generate. -- Adds an -icc switch to djpeg that allows that program to extract an ICC profile from a JPEG file while decompressing. -- Adds appropriate unit tests for all of the above. -- Bumps the SO_AGE of the libjpeg API library to indicate the presence of new API functions. Note that the licensing information was obtained from: https://github.com/mm2/Little-CMS/issues/37#issuecomment-66450180

d34d2559

2017-01-19T19:05:21

Merge branch 'master' into dev

a0b7de9a

2017-01-19T18:51:41

Always tweak EXIF w/h tags w/ lossless transforms ... even if using libjpeg v6b emulation. Previously adjust_exif_parameters() was only called with libjpeg v7/v8 emulation, but due to a bug (which this commit also fixes), it only worked properly with libjpeg v8 emulation.

22527955

2017-01-19T17:50:59

Fix error w/ lossless crop & libjpeg v7 emulation The JPEG_LIB_VERSION #ifdef in jtransform_adjust_parameters() was incorrect, which caused a "Bogus virtual array access" error when attempting to use the lossless crop feature. Introduced in c04bd3cc97f44fd9030de1e141754c8775d4e5a5. This also adds libjpeg v7 API/ABI emulation to the Travis CI tests.

eb38b61b

2017-01-19T16:44:10

Include jpeg_skip/crop_scanlines() in jpeg7.dll ... when the in-memory source/destination managers are included. Oversight in 306e1d2d778cf5a4d2a22ac847a31722b9fc2845 and 3ab68cf563f6edc2608c085f5c8b2d5d5c61157e.

8a9b042b

2016-12-10T09:35:30

Merge branch 'master' into dev

786b6493

2016-12-05T12:39:49

Reorg AltiVec detection code + advertise that full AltiVec SIMD acceleration is now available on OpenBSD. The relevant compilers probably all support C99 or GNU's variation of C90 that allows variables to be declared anywhere, but our policy is to conform to the C90 standard, if for no other reason than that it improves code readability.

82bf7f58

2016-12-01T18:23:32

Fix md5cmp on AmigaOS 4 (PowerPC big-endian) + Document AmigaOS support in the change log. Based on: https://github.com/chris-y/libjpeg-turbo/commit/b4f3b757970cd9dd448af9d2713b6bcdd9929147 Closes #119

6abd3916

2016-11-15T08:47:43

Unified CMake-based build system See #56 for discussion. Fixes #21, Fixes #29, Fixes #37, Closes #56, Fixes #58, Closes #73 Obviates #82 See also: https://sourceforge.net/p/libjpeg-turbo/feature-requests/5/ https://sourceforge.net/p/libjpeg-turbo/patches/5/

0ff7da71

2016-11-16T15:55:12

Advertise the new AVX2 SIMD extensions (our story so far ...)

74e4c793

2016-11-16T15:08:16

TJBench: Fix regression/-nowrite always enabled Introduced by eb59b6e72d8098a1f7b8c7e0c710b32eb6f5dc45

7bfb22af

2016-09-26T17:59:14

Fix broken MIPS build Regression introduced by 9055fb408dcb585ce9392d395e16630d51002152 Fixes #104

dfefba77

2016-09-22T14:19:29

Fix broken build with NDK platforms < android-21 Regression introduced by a09ba29a55b9a43d346421210d94370065eeaf53 Fixes #103

cb88e5da

2016-09-20T21:06:24

ARM64 NEON: Fix another ABI conformance issue Based on https://github.com/mayeut/libjpeg-turbo/commit/98a5a9dc899aa9265858a3cbe0a96289a31a1322 with wordsmithing by DRC. In the AArch64 ABI, as in many others, it's forbidden to read/store data below the stack pointer. Some SIMD functions were doing just that (stack pointer misuse) when trying to preserve callee-saved registers, and this resulted in those registers being restored with incorrect contents under certain circumstances. This patch fixes that behavior, and callee-saved registers are now stored above the stack pointer throughout the function call. The patch also removes register saving in places where it is unnecessary for this ABI, or it makes use of unused scratch regiters instead of callee-saved registers. Fixes #97. Closes #101. Refer also to https://bugzilla.redhat.com/show_bug.cgi?id=1368569

077e5bb4

2016-09-08T21:49:02

Fix out-of-bounds write in partial decomp. feature Reported by Clang UBSan (refer to https://bugzilla.mozilla.org/show_bug.cgi?id=1301252 for test image.) This appears to be a legitimate bug introduced by 3ab68cf563f6edc2608c085f5c8b2d5d5c61157e. Any component array, such as first_MCU_col and last_MCU_col, should always be able to accommodate MAX_COMPONENTS values. The aforementioned test image had 8 components, which was not enough to make the out-of-bounds write bust out of the jpeg_decomp_master struct (and fortunately the memory after last_MCU_col is an integer used as a boolean, so stomping on it will do nothing other than change the decoder state.) I crafted another special image that has 10 components (the maximum allowable), but that was apparently not enough to bust out of the allocated memory, either. Thus, it is posited that the security threat posed by this bug is either extremely minimal or non-existent.

a1dd3568

2016-09-08T21:29:58

Silence additional UBSan warnings NOTE: The jdhuff.c/jdphuff.c warnings should have already been silenced by 8e9cef2e6f5156c4b055a04a8f979b7291fc6b7a, but apparently I need to be REALLY clear that I'm trying to do pointer arithmetic rather than dereference an array. Grrr... Refer to: https://bugzilla.mozilla.org/show_bug.cgi?id=1301250 https://bugzilla.mozilla.org/show_bug.cgi?id=1301256

a09ba29a

2016-09-07T16:40:10

Fix unsigned int overflow in libjpeg memory mgr. When attempting to decode a malformed JPEG image (refer to https://bugzilla.mozilla.org/show_bug.cgi?id=1295044) with dimensions 61472 x 32800, the maximum_space variable within the realize_virt_arrays() function will exceed the maximum value of a 32-bit integer and will wrap around. The memory manager subsequently fails with an "Insufficient memory" error (case 4, in alloc_large()), so this commit simply causes that error to be triggered earlier, before UBSan has a chance to complain. Note that this issue did not ever represent an exploitable security threat, because the POSIX-based memory manager that we use doesn't ever do anything meaningful with the value of maximum_space. jpeg_mem_available() simply sets avail_mem = maximum_space, so the subsequent behavior of the memory manager is the same regardless of whether maximum_space is correct or not. This commit simply removes a UBSan warning in order to make it easier to detect actual security issues.

8ce2c911

2016-08-01T11:22:24

TurboJPEG: Decomp. 4:2:2/4:4:0 JPEGs w/unusual SFs Normally, 4:2:2 JPEGs have horizontal x vertical luminance,chrominance sampling factors of 2x1,1x1, and 4:4:0 JPEGs have horizontal x vertical luminance,chrominance sampling factors of 1x2,1x1. However, it is technically legal to create 4:2:2 JPEGs with sampling factors of 2x2,1x2 and 4:4:0 JPEGs with sampling factors of 2x2,2x1, since the sums of the products of those sampling factors (2x2 + 1x2 + 1x2 and 2x2 + 2x1 + 2x1) are still <= 10. The libjpeg API correctly decodes such images, so the TurboJPEG API should as well. Fixes #92

7723d7f7

2016-07-13T20:39:11

Use plain upsampling if merged isn't accelerated Currently, this only affects ARM, since it is the only platform that accelerates YCbCr-to-RGB conversion but not merged upsampling. Even if "plain" upsampling isn't accelerated, the combination of accelerated color conversion + unaccelerated plain upsampling is still faster than the unaccelerated merged upsampling algorithms. Closes #81

628c168c

2016-07-10T19:01:51

Implement h1v2 fancy upsampling This allows fancy upsampling to be used when decompressing 4:2:2 images that have been losslessly rotated or transposed. (docs and comments added by DRC) Based on https://github.com/pornel/libjpeg-turbo/commit/f63aca945debde07e7c6476a1f667b71728c3d44 Closes #89

1120ff29

2016-07-13T12:15:02

Fix AArch64 ABI conformance issue in SIMD code In the AArch64 ABI, the high (unused) DWORD of a 32-bit argument's register is undefined, so it was incorrect to use 64-bit instructions to transfer a JDIMENSION argument in the 64-bit NEON SIMD functions. The code worked thus far only because the existing compiler optimizers weren't smart enough to do anything else with the register in question, so the upper 32 bits happened to be all zeroes. The latest builds of Clang/LLVM have a smarter optimizer, and under certain circumstances, it will attempt to load-combine adjacent 32-bit integers from one of the libjpeg structures into a single 64-bit integer and pass that 64-bit integer as a 32-bit argument to one of the SIMD functions (which is allowed by the ABI, since the upper 32 bits of the 32-bit argument's register are undefined.) This caused the libjpeg-turbo regression tests to crash. This patch tries to use the Wn registers whenever possible. Otherwise, it uses a zero-extend instruction to avoid using the upper 32 bits of the 64-bit registers, which are not guaranteed to be valid for 32-bit arguments. Based on https://github.com/sebpop/libjpeg-turbo/commit/1fbae13021eb98f6fffdfaf8678fcdb00b0b04d9 Closes #91. Refer also to android-ndk/ndk#110 and https://llvm.org/bugs/show_bug.cgi?id=28393

6e9d43e0

2016-07-06T16:58:28

Linux/PPC: Only enable AltiVec if CPU supports it This eliminates "illegal instruction" errors when running libjpeg-turbo under Linux on PowerPC chips that lack AltiVec support (e.g. the old 7XX/G3 models but also the newer e5500 series.)

9055fb40

2016-07-07T13:10:30

ARM/MIPS: Change the behavior of JSIMD_FORCE* The JSIMD_FORCE* environment variables previously meant "force the use of this instruction set if it is available but others are available as well", but that did nothing on ARM platforms, since there is only ever one instruction set available. Since the ARM and MIPS CPU feature detection code is less than bulletproof, and since there is only one SIMD instruction set (currently) supported on those platforms, it makes sense for the JSIMD_FORCE* environment variables on those platforms to actually force the use of the SIMD instruction set, thus bypassing the CPU feature detection code. This addresses a concern raised in #88 whereby parsing /proc/cpuinfo didn't work within a QEMU environment. This at least provides a workaround, allowing users to force-enable or force-disable SIMD instructions for ARM and MIPS builds of libjpeg-turbo.

68cf83db

2016-05-10T21:04:02

Don't allow opaque source/dest mgrs to be swapped Calling jpeg_stdio_dest() followed by jpeg_mem_dest(), or jpeg_mem_src() followed by jpeg_stdio_src(), is dangerous, because the existing opaque structure would not be big enough to accommodate the new source/dest manager. This issue was non-obvious to libjpeg-turbo consumers, since it was only documented in code comments. Furthermore, the issue could also occur if the source/dest manager was allocated by the calling program, but it was not allocated with enough space to accommodate the opaque stdio or memory source/dest manager structs. The safest thing to do is to throw an error if one of these functions is called when there is already a source/dest manager assigned to the object and it was allocated elsewhere. Closes #78, #79

5e576386

2016-05-02T12:31:51

ARMv7 SIMD: Fix clang compatibility By design, clang only supports Unified Assembler Language (and not pre-UAL syntax): https://llvm.org/bugs/show_bug.cgi?id=23507 http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0473c/BABJIHGJ.html Thus, clang only supports the strbeq instruction and not streqb, but unfortunately some versions of GCC only support streqb. Go, go Gadget #ifdef... Based on https://github.com/mattsarett/libjpeg-turbo/commit/a82e63aac63f8fa3 95fa4caad4de6859623ee2e2 Closes #75

1959e28b

2016-04-21T10:22:36

Increase severity of tjDecompressToYUV2() bug desc Actually, what happened was that the longjmp() call within my_error_exit() acted on the previous value of myerr->setjmp_buffer, which was probably set in a previous TurboJPEG function, such as tjInitDecompress(). Thus, when a libjpeg error was triggered within the body of tjDecompressToYUV2(), the PC jumped to the error handler of the previous TurboJPEG function, and this usually caused stack corruption in the calling program (because the signature and return type of the previous TurboJPEG function probably wasn't the same.)

dec79952

2016-04-20T11:27:42

Catch libjpeg errors in tjDecompressToYUV2() Even though tjDecompressToYUV2() is mostly just a wrapper for tjDecompressToYUVPlanes(), tjDecompressToYUV2() still calls jpeg_read_header(), so it needs to properly set up the libjpeg error handler prior to making this call. Otherwise, under very esoteric (and arguably incorrect) use cases, a program can call tjDecompressToYUV2() without first checking the JPEG header using tjDecompressHeader3(), and if the header is corrupt, tjDecompressToYUV2() will abort without triggering an error. Fixes #72

1a3aebd8

2016-03-31T10:02:44

Merge branch '1.4.x'

b2817f52

2016-03-16T07:18:30

Merge branch '1.4.x'

1385f8b2

2016-03-14T13:32:00

ChangeLog.md: Improve readability of plain text

a839a7a9

2016-03-13T16:24:48

Markdown version of ChangeLog.txt This will make it easier to crib ChangeLog information into release notes, since both SourceForge and GitHub support MD.

3f56bd59

2016-03-13T12:36:06

Rename ChangeLog.txt ... in preparation for creating a MarkDown version (Git will not preserve history unless you rename the file prior to modifying it.)

kc3-lang/libjpeg-turbo/ChangeLog.md

ChangeLog.md

Log