| Age | Commit message (Collapse) | Author |
|---|
|
|
|
This fixes an issue where a corrupted LZW code can result in the first
element of an empty buffer being accessed.
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27863
|
|
Let's just say no to shenanigans by capping images at 16384 pixels both
wide and tall. If a day comes in the future where we need to handle
images larger than this, we can deal with it then.
|
|
It was possible to go outside the interlacing row strid/offset arrays.
Just fail the decode if this is about to happen. I've added a FIXME
about rejecting such images earlier, since it's a bit sad to only do
this once we realize the pass index is about to overflow.
Found by oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28239
|
|
We don't need to wait for oss-fuzz to find this for us. :^)
|
|
Not yet found by oss-fuzz, but I hit it a while ago when running
FuzzGIFLoader locally.
|
|
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27913
and https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27873
|
|
No behavior change.
|
|
|
|
If we try to read a sentinel byte but the stream is fresh out of data,
we have to take care of the stream error and bail out right away, or
we'll hit an assertion when exiting the function soon after.
Fixes #3486.
|
|
|
|
GIFLoader now tracks the state of errors during the decoding process
and will fall back to displaying the first frame of the GIF if any of
the subsequent frames fail to decode.
|
|
This fixes a crash when a GIF frame extends beyond the limits of the
logical screen, causing writes past the end of the frame buffer
|
|
|
|
This prevents frame() from modifying the contents of the same bitmap
that was returned from previous calls to frame()
|
|
|
|
|
|
|
|
|
|
GIFLoader now uses a single frame buffer to cache the last decoded
frame. This drastically reduces memory usage at the small expense of
re-decoding frames on each loop.
|
|
|
|
RestoreBackground disposal mode is now a transparent fill to allow
background to show through.
RestorePrevious disposal mode now restores the previous frame.
|
|
|
|
|
|
The disposal method on a GIF animation frame now correctly applies to
rendering of the next frame.
|
|
This fixes an issue where transparent pixels in GIF animation frames
have their alpha values incorrectly set to zero, allowing the
background behind the GIF to show through, instead of the previous
animation frame.
Additionally, transparent pixels are now correctly identified based on
their index matching the image transparency index, instead of their
color values.
|
|
This enables a nice warning in case a function becomes dead code.
|
|
|
|
This function did a const_cast internally which made the call side look
"safe". This method is removed completely and call sites are replaced
with ByteBuffer::wrap(const_cast<void*>(data), size) which makes the
behaviour obvious.
|
|
This reverts commit dc12cbca41b8b667ae7ced1066647d47186d1557.
Sadly this broke the build due to some confusion about <new>.
Reverting until this can be solved fully.
|
|
This makes Lagom pick up the host math.h, which is what we want.
|
|
They are dependencies of LibWeb and might be useful for
running test-web on GitHub actions one day.
|
|
|
|
This fits nicer with FloatRect,FloatPoint,FloatSize and gives a much
better visual clue about what type of metric is being used.
|
|
And move canonicalized_path() to a static method on LexicalPath.
This is to make it clear that FileSystemPath/canonicalized_path() only
perform *lexical* canonicalization.
|
|
GIFImageDecoderPlugin now lazily decodes GIF frames as they are
requested.
|
|
Various optimisations to speed up LZWDecoder
- Take advantage of the fact that we add new codes in the order they are
discovered so no need to store the code as part of a separate
CodeTableEntry structure. Instead we store directly store vectors of
colors and the code is the index into the vector.
- Cache current table capacity to avoid calling pow2 every time.
- Prevent some unnecessary vector copies by returning by reference from
get_output.
|
|
Adds methods to determine whether an image is animated, how many times
the animation loops, the number of frames, and to get individual frames.
Implements stubs of these methods for PNGImageDecoderPlugin and
GIFImageDecoderPlugin.
|
|
The LZW decode step will now copy and pad LZW data out to 4 bytes if there are
less than 4 bytes remaining in the buffer. This means it will now also work when
the total size of the LZW image data is less than 4 bytes.
|
|
|
|
|
|
|
|
The sniff method is intended to be used for content sniffing. It should be a
cheap test to rapidly rule out whether a candidate image can be successfully
decoded. For the GIF and PNG implementations it simply attempts to decode the
image header, returning true if successful and false if not.
|
|
|
|
|
|
Also:
- Define the GIFLoadingContext structure.
- The load_gif_impl function now returns load operation success, and takes a
reference to a GIFLoadingContext as input.
- Implement GIFImageDecoderPlugin::bitmap which calls onto load_gif_impl.
|
|
Add an LZWDecoder class that can decode GIF LZW data.
|
|
|
|
|
|
The not initialized variables can lead to compiler warnings that
become errors with the -Werror flag.
|
