1. 25 Aug, 2020 2 commits
  2. 24 Aug, 2020 3 commits
  3. 22 Aug, 2020 2 commits
  4. 21 Aug, 2020 9 commits
  5. 19 Aug, 2020 1 commit
  6. 18 Aug, 2020 6 commits
  7. 10 Aug, 2020 1 commit
  8. 09 Aug, 2020 2 commits
    • 8c4d5da8
    • JBIG2: avoid abort() on large memory allocation · 9e853438
      Even Rouault authored
      Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24772
      
      When numInputSyms + numNewSyms is large enough, a fatal out of memory
      allocation can occur in JArithmeticDecoderStats() constructor per
      
      ```
          #0 0xf7f6bf19 in [vdso]
          #1 0xf7d40d08 in gsignal (/lib32/libc.so.6+0x2bd08)
          #2 0xf7d42206 in abort (/lib32/libc.so.6+0x2d206)
          #3 0xbdc0049 in gmalloc(unsigned int, bool) gdal/poppler/goo/gmem.h:52:5
          #4 0xbdf3c61 in gmallocn(int, int, bool) gdal/poppler/goo/gmem.h:119:12
          #5 0xc1391fd in JArithmeticDecoderStats::JArithmeticDecoderStats(int) gdal/poppler/poppler/JArithmeticDecoder.cc:36:30
          #6 0xc1130d5 in JBIG2Stream::resetIntStats(int) gdal/poppler/poppler/JBIG2Stream.cc:4052:25
          #7 0xc1083df in JBIG2Stream::readSymbolDictSeg(unsigned int, unsigned int, unsigned int*, unsigned int) gdal/poppler/poppler/JBIG2Stream.cc:1624:9
          #8 0xc105305 in JBIG2Stream::readSegments() gdal/poppler/poppler/JBIG2Stream.cc:1318:18
          #9 0xc103f5a in JBIG2Stream::reset() gdal/poppler/poppler/JBIG2Stream.cc:1142:5
      ```
      
      Avoid it and return nicely.
  9. 08 Aug, 2020 2 commits
  10. 03 Aug, 2020 2 commits
  11. 02 Aug, 2020 4 commits
  12. 01 Aug, 2020 1 commit
  13. 20 Jul, 2020 1 commit
  14. 18 Jul, 2020 1 commit
  15. 17 Jul, 2020 1 commit
  16. 16 Jul, 2020 2 commits