diff options
author | Kinan Hakim <kinan@google.com> | 2016-01-25 17:34:19 +0100 |
---|---|---|
committer | Kinan Hakim <kinan@google.com> | 2016-01-25 18:23:24 +0100 |
commit | 2bef8b90e267af3a2b74301eb415d0a5d04657fa (patch) | |
tree | f2ba0ef0d8246fc797aca7070b8e3dba5cf70136 | |
parent | 671e9caebb6a6d5580ae9bd7676c09501715b6f8 (diff) | |
download | dng_sdk-2bef8b90e267af3a2b74301eb415d0a5d04657fa.tar.gz |
Fix and avoid some integer overflows
Change-Id: I479a2b3bff0a0aeaa4f54e1b45226998b4d99775
-rw-r--r-- | source/dng_bad_pixels.cpp | 5 | ||||
-rw-r--r-- | source/dng_bad_pixels.h | 5 | ||||
-rw-r--r-- | source/dng_date_time.cpp | 5 | ||||
-rw-r--r-- | source/dng_date_time.h | 2 | ||||
-rw-r--r-- | source/dng_hue_sat_map.cpp | 5 | ||||
-rw-r--r-- | source/dng_ifd.cpp | 15 | ||||
-rw-r--r-- | source/dng_info.cpp | 15 | ||||
-rw-r--r-- | source/dng_lens_correction.cpp | 31 | ||||
-rw-r--r-- | source/dng_linearization_info.cpp | 4 | ||||
-rw-r--r-- | source/dng_misc_opcodes.cpp | 10 | ||||
-rw-r--r-- | source/dng_negative.cpp | 5 | ||||
-rw-r--r-- | source/dng_point.h | 5 | ||||
-rw-r--r-- | source/dng_read_image.cpp | 12 | ||||
-rw-r--r-- | source/dng_render.cpp | 2 | ||||
-rw-r--r-- | source/dng_resample.cpp | 8 | ||||
-rw-r--r-- | source/dng_shared.cpp | 5 | ||||
-rw-r--r-- | source/dng_stream.cpp | 12 | ||||
-rw-r--r-- | source/dng_string.cpp | 5 | ||||
-rw-r--r-- | source/dng_utils.h | 5 |
19 files changed, 136 insertions, 20 deletions
diff --git a/source/dng_bad_pixels.cpp b/source/dng_bad_pixels.cpp index 920acd6..77012a4 100644 --- a/source/dng_bad_pixels.cpp +++ b/source/dng_bad_pixels.cpp @@ -589,6 +589,11 @@ dng_opcode_FixBadPixelsList::dng_opcode_FixBadPixelsList /*****************************************************************************/
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("unsigned-integer-overflow")))
+#endif
+#endif
dng_opcode_FixBadPixelsList::dng_opcode_FixBadPixelsList (dng_stream &stream)
: dng_filter_opcode (dngOpcode_FixBadPixelsList,
diff --git a/source/dng_bad_pixels.h b/source/dng_bad_pixels.h index 8716f1c..d8e5cdf 100644 --- a/source/dng_bad_pixels.h +++ b/source/dng_bad_pixels.h @@ -78,6 +78,11 @@ class dng_opcode_FixBadPixelsConstant: public dng_filter_opcode protected:
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("unsigned-integer-overflow")))
+#endif
+#endif
bool IsGreen (int32 row, int32 col) const
{
return (((uint32) row + (uint32) col + fBayerPhase + (fBayerPhase >> 1)) & 1) == 0;
diff --git a/source/dng_date_time.cpp b/source/dng_date_time.cpp index 53a911a..e7175b8 100644 --- a/source/dng_date_time.cpp +++ b/source/dng_date_time.cpp @@ -103,6 +103,11 @@ void dng_date_time::Clear () /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif +#endif static uint32 DateTimeParseU32 (const char *&s) { diff --git a/source/dng_date_time.h b/source/dng_date_time.h index 3f923f2..6f9f0ba 100644 --- a/source/dng_date_time.h +++ b/source/dng_date_time.h @@ -149,7 +149,7 @@ class dng_time_zone void SetOffsetHours (int32 offset)
{
- fOffsetMinutes = offset * 60;
+ fOffsetMinutes = (int32) ((int64) offset * 60);
}
void SetOffsetMinutes (int32 offset)
diff --git a/source/dng_hue_sat_map.cpp b/source/dng_hue_sat_map.cpp index e6fa36a..92a0e1e 100644 --- a/source/dng_hue_sat_map.cpp +++ b/source/dng_hue_sat_map.cpp @@ -97,6 +97,11 @@ dng_hue_sat_map::~dng_hue_sat_map () /*****************************************************************************/
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("unsigned-integer-overflow")))
+#endif
+#endif
void dng_hue_sat_map::SetDivisions (uint32 hueDivisions,
uint32 satDivisions,
uint32 valDivisions)
diff --git a/source/dng_ifd.cpp b/source/dng_ifd.cpp index d2086f0..8fc9001 100644 --- a/source/dng_ifd.cpp +++ b/source/dng_ifd.cpp @@ -256,6 +256,11 @@ dng_ifd::~dng_ifd () /*****************************************************************************/
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("unsigned-integer-overflow")))
+#endif
+#endif
// Parses tags that should only appear in IFDs that contain images.
bool dng_ifd::ParseTag (dng_stream &stream,
@@ -2717,6 +2722,11 @@ bool dng_ifd::IsValidCFA (dng_shared &shared, /*****************************************************************************/
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("unsigned-integer-overflow")))
+#endif
+#endif
bool dng_ifd::IsValidDNG (dng_shared &shared,
uint32 parentCode)
{
@@ -4051,6 +4061,11 @@ dng_rect dng_ifd::TileArea (uint32 rowIndex, /*****************************************************************************/
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("unsigned-integer-overflow")))
+#endif
+#endif
uint32 dng_ifd::TileByteCount (const dng_rect &tile) const
{
diff --git a/source/dng_info.cpp b/source/dng_info.cpp index 916de84..d6bd360 100644 --- a/source/dng_info.cpp +++ b/source/dng_info.cpp @@ -334,6 +334,11 @@ void dng_info::ParseTag (dng_host &host, /*****************************************************************************/
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("unsigned-integer-overflow")))
+#endif
+#endif
bool dng_info::ValidateIFD (dng_stream &stream,
uint64 ifdOffset,
int64 offsetDelta)
@@ -657,6 +662,11 @@ void dng_info::ParseIFD (dng_host &host, /*****************************************************************************/
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("unsigned-integer-overflow")))
+#endif
+#endif
bool dng_info::ParseMakerNoteIFD (dng_host &host,
dng_stream &stream,
uint64 ifdSize,
@@ -1417,6 +1427,11 @@ void dng_info::ParseSonyPrivateData (dng_host & /* host */, /*****************************************************************************/
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("unsigned-integer-overflow")))
+#endif
+#endif
void dng_info::ParseDNGPrivateData (dng_host &host,
dng_stream &stream)
{
diff --git a/source/dng_lens_correction.cpp b/source/dng_lens_correction.cpp index 244ffb7..5afda9f 100644 --- a/source/dng_lens_correction.cpp +++ b/source/dng_lens_correction.cpp @@ -1111,6 +1111,11 @@ void dng_filter_warp::Initialize (dng_host &host) /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("float-cast-overflow"))) +#endif +#endif dng_rect dng_filter_warp::SrcArea (const dng_rect &dstArea) { @@ -1201,13 +1206,13 @@ dng_rect dng_filter_warp::SrcArea (const dng_rect &dstArea) const int32 pad = (int32) fWeights.Radius (); - xMin -= pad; - yMin -= pad; - xMax += pad; - yMax += pad; + xMin = (int32) ((int64) xMin - (int64)pad); + yMin = (int32) ((int64) yMin - (int64)pad); + xMax = (int32) ((int64) xMax + (int64)pad); + yMax = (int32) ((int64) yMax + (int64)pad); - xMax += 1; - yMax += 1; + xMax = (int32) ((int64) xMax + 1); + yMax = (int32) ((int64) yMax + 1); const dng_rect srcArea (yMin, xMin, @@ -1220,6 +1225,11 @@ dng_rect dng_filter_warp::SrcArea (const dng_rect &dstArea) /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("float-cast-overflow"))) +#endif +#endif dng_point dng_filter_warp::SrcTileSize (const dng_point &dstTileSize) { @@ -1280,8 +1290,8 @@ dng_point dng_filter_warp::SrcTileSize (const dng_point &dstTileSize) // Add the two bounds together. - srcTileSize.v += (int32) ceil (srcTanGap.v * fNormRadius); - srcTileSize.h += (int32) ceil (srcTanGap.h * fNormRadius); + srcTileSize.v = (int32) ((real64) srcTileSize.v + (real64) ceil (srcTanGap.v * fNormRadius)); + srcTileSize.h = (int32) ((real64) srcTileSize.h + (real64) ceil (srcTanGap.h * fNormRadius)); return srcTileSize; @@ -1289,6 +1299,11 @@ dng_point dng_filter_warp::SrcTileSize (const dng_point &dstTileSize) /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("float-cast-overflow"))) +#endif +#endif void dng_filter_warp::ProcessArea (uint32 /* threadIndex */, dng_pixel_buffer &srcBuffer, dng_pixel_buffer &dstBuffer) diff --git a/source/dng_linearization_info.cpp b/source/dng_linearization_info.cpp index 95fa493..27bc457 100644 --- a/source/dng_linearization_info.cpp +++ b/source/dng_linearization_info.cpp @@ -687,7 +687,7 @@ void dng_linearize_plane::Process (const dng_rect &srcTile) uint16 *dstPtr = (uint16 *) dPtr; - b1 -= 128; // Rounding for 8 bit shift + b1 = (int32) ((int64) b1 - (int64) 128); // Rounding for 8 bit shift if (fSrcPixelType == ttByte) { @@ -735,7 +735,7 @@ void dng_linearize_plane::Process (const dng_rect &srcTile) if (b2_count) { - x -= b2 [b2_phase]; + x = (int32) ((int64)x - b2 [b2_phase]); if (++b2_phase == b2_count) { diff --git a/source/dng_misc_opcodes.cpp b/source/dng_misc_opcodes.cpp index 944ec8a..ca7ba8f 100644 --- a/source/dng_misc_opcodes.cpp +++ b/source/dng_misc_opcodes.cpp @@ -201,6 +201,11 @@ void dng_area_spec::PutData (dng_stream &stream) const /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif +#endif dng_rect dng_area_spec::Overlap (const dng_rect &tile) const { @@ -463,6 +468,11 @@ dng_opcode_MapPolynomial::dng_opcode_MapPolynomial (const dng_area_spec &areaSpe /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif +#endif dng_opcode_MapPolynomial::dng_opcode_MapPolynomial (dng_stream &stream) : dng_inplace_opcode (dngOpcode_MapPolynomial, diff --git a/source/dng_negative.cpp b/source/dng_negative.cpp index ed106d7..ab63e5d 100644 --- a/source/dng_negative.cpp +++ b/source/dng_negative.cpp @@ -4158,6 +4158,11 @@ void dng_negative::DoBuildStage3 (dng_host &host, /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif +#endif void dng_negative::BuildStage3Image (dng_host &host, int32 srcPlane) { diff --git a/source/dng_point.h b/source/dng_point.h index 476a71d..66e3ec9 100644 --- a/source/dng_point.h +++ b/source/dng_point.h @@ -109,6 +109,11 @@ class dng_point_real64 /*****************************************************************************/
+#if defined(__clang__) && defined(__has_attribute)
+#if __has_attribute(no_sanitize)
+__attribute__((no_sanitize("signed-integer-overflow")))
+#endif
+#endif
inline dng_point operator+ (const dng_point &a,
const dng_point &b)
diff --git a/source/dng_read_image.cpp b/source/dng_read_image.cpp index 343f947..b2f6dd4 100644 --- a/source/dng_read_image.cpp +++ b/source/dng_read_image.cpp @@ -1171,6 +1171,11 @@ dng_read_image::~dng_read_image () /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif +#endif bool dng_read_image::ReadUncompressed (dng_host &host, const dng_ifd &ifd, dng_stream &stream, @@ -1392,7 +1397,7 @@ bool dng_read_image::ReadUncompressed (dng_host &host, uint32 *p = (uint32 *) uncompressedBuffer->Buffer (); - uint32 bitMask = (1 << bitDepth) - 1; + uint32 bitMask = ((uint32)1 << bitDepth) - 1; for (uint32 row = 0; row < rows; row++) { @@ -1804,6 +1809,11 @@ bool dng_read_image::ReadBaselineJPEG (dng_host &host, /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif +#endif bool dng_read_image::ReadLosslessJPEG (dng_host &host, const dng_ifd &ifd, dng_stream &stream, diff --git a/source/dng_render.cpp b/source/dng_render.cpp index 42a3627..bd8d0f8 100644 --- a/source/dng_render.cpp +++ b/source/dng_render.cpp @@ -34,7 +34,7 @@ dng_function_exposure_ramp::dng_function_exposure_ramp (real64 white, real64 black, real64 minBlack) - : fSlope (1.0 / (white - black)) + : fSlope ((white == black) ? 1.0f : 1.0 / (white - black)) , fBlack (black) , fRadius (0.0) diff --git a/source/dng_resample.cpp b/source/dng_resample.cpp index a546c04..5bb05d9 100644 --- a/source/dng_resample.cpp +++ b/source/dng_resample.cpp @@ -542,8 +542,8 @@ dng_resample_task::dng_resample_task (const dng_image &srcImage, , fKernel (kernel) - , fRowScale (dstBounds.H () / (real64) srcBounds.H ()) - , fColScale (dstBounds.W () / (real64) srcBounds.W ()) + , fRowScale ((srcBounds.H () != 0) ? dstBounds.H () / (real64) srcBounds.H () : 0) + , fColScale ((srcBounds.W () != 0) ? dstBounds.W () / (real64) srcBounds.W () : 0) , fRowCoords () , fColCoords () @@ -554,6 +554,10 @@ dng_resample_task::dng_resample_task (const dng_image &srcImage, , fSrcTileSize () { + if (fRowScale == 0 || fColScale == 0) + { + ThrowBadFormat (); + } if (srcImage.PixelSize () <= 2 && dstImage.PixelSize () <= 2 && diff --git a/source/dng_shared.cpp b/source/dng_shared.cpp index db599b9..5384116 100644 --- a/source/dng_shared.cpp +++ b/source/dng_shared.cpp @@ -1028,6 +1028,11 @@ bool dng_camera_profile_info::ParseTag (dng_stream &stream, /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif +#endif bool dng_camera_profile_info::ParseExtended (dng_stream &stream) { diff --git a/source/dng_stream.cpp b/source/dng_stream.cpp index 5071799..f8548db 100644 --- a/source/dng_stream.cpp +++ b/source/dng_stream.cpp @@ -900,12 +900,14 @@ dng_urational dng_stream::TagValue_urational (uint32 tagType) if (d < 0)
{
- n = -n;
- d = -d;
+ result.n = (uint32) ((int64) n * -1);
+ result.d = (uint32) ((int64) d * -1);
+ }
+ else
+ {
+ result.n = (uint32) n;
+ result.d = (uint32) d;
}
-
- result.n = (uint32) n;
- result.d = (uint32) d;
}
diff --git a/source/dng_string.cpp b/source/dng_string.cpp index 6c14416..af8514d 100644 --- a/source/dng_string.cpp +++ b/source/dng_string.cpp @@ -901,6 +901,11 @@ void dng_string::Set_JIS_X208_1990 (const char *s) /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif +#endif uint32 dng_string::DecodeUTF8 (const char *&s, uint32 maxBytes, bool *isValid) diff --git a/source/dng_utils.h b/source/dng_utils.h index d74ffb4..218831d 100644 --- a/source/dng_utils.h +++ b/source/dng_utils.h @@ -467,6 +467,11 @@ inline real64 Lerp_real64 (real64 a, real64 b, real64 t) /*****************************************************************************/ +#if defined(__clang__) && defined(__has_attribute) +#if __has_attribute(no_sanitize) +__attribute__((no_sanitize("float-cast-overflow"))) +#endif +#endif inline int32 Round_int32 (real32 x) { |