Update libjpeg-turbo to 9df5786f05c8be702f5a896b231c6e057847c18b.

Bug: chromium:995993 Change-Id: I09a1cb64384cf618f033289c259711fedbf92d5b
author: Peter Kasting <pkasting@chromium.org> 2021-07-09 07:13:34 -0700
committer: Peter Kasting <pkasting@chromium.org> 2021-07-09 07:13:34 -0700
commit: 2eb7e20a20524dd70806268e480a695fb9cdfe46 (patch)
tree: 6b79907837ba3e92a22f55ed9c21985edc84a5f7
parent: b7bef8c05b7cdb1a038ae271a2c2b6647af4c879 (diff)
download: libjpeg-turbo-2eb7e20a20524dd70806268e480a695fb9cdfe46.tar.gz
8 files changed, 42 insertions, 19 deletions
diff --git a/ChangeLog.md b/ChangeLog.md
index 498b8f27..ea0f9031 100644
--- a/ChangeLog.md
+++ b/ChangeLog.md
@@ -1,3 +1,12 @@
+2.1.1
+=====
+
+### Significant changes relative to 2.1.0
+
+1. Fixed a regression introduced in 2.1.0 that caused build failures with
+non-GCC-compatible compilers for Un*x/Arm platforms.
+
+
 2.1.0
 =====
 
@@ -284,15 +293,15 @@ JPEG images.  This was known to cause a buffer overflow when attempting to
 decompress some such images using `tjDecompressToYUV2()` or
 `tjDecompressToYUVPlanes()`.
 
-5. Fixed an issue, detected by ASan, whereby attempting to losslessly transform
-a specially-crafted malformed JPEG image containing an extremely-high-frequency
-coefficient block (junk image data that could never be generated by a
-legitimate JPEG compressor) could cause the Huffman encoder's local buffer to
-be overrun. (Refer to 1.4.0[9] and 1.4beta1[15].)  Given that the buffer
-overrun was fully contained within the stack and did not cause a segfault or
-other user-visible errant behavior, and given that the lossless transformer
-(unlike the decompressor) is not generally exposed to arbitrary data exploits,
-this issue did not likely pose a security risk.
+5. Fixed an issue (CVE-2020-17541), detected by ASan, whereby attempting to
+losslessly transform a specially-crafted malformed JPEG image containing an
+extremely-high-frequency coefficient block (junk image data that could never be
+generated by a legitimate JPEG compressor) could cause the Huffman encoder's
+local buffer to be overrun. (Refer to 1.4.0[9] and 1.4beta1[15].)  Given that
+the buffer overrun was fully contained within the stack and did not cause a
+segfault or other user-visible errant behavior, and given that the lossless
+transformer (unlike the decompressor) is not generally exposed to arbitrary
+data exploits, this issue did not likely pose a security risk.
 
 6. The Arm 64-bit (Armv8) Neon SIMD assembly code now stores constants in a
 separate read-only data section rather than in the text section, to support
diff --git a/README.chromium b/README.chromium
index d260cb2c..7dda13b9 100644
--- a/README.chromium
+++ b/README.chromium
@@ -1,6 +1,6 @@
 Name: libjpeg-turbo
 URL: https://github.com/libjpeg-turbo/libjpeg-turbo/
-Version: 2.1.0
+Version: 9df5786f05c8be702f5a896b231c6e057847c18b (post 2.1.0)
 License: Custom license
 License File: LICENSE.md
 Security Critical: yes
@@ -8,7 +8,7 @@ License Android Compatible: yes
 
 Description:
 This consists of the components:
-* libjpeg-turbo 2.1.0
+* libjpeg-turbo 9df5786f05c8be702f5a896b231c6e057847c18b (post 2.1.0)
 * This file (README.chromium)
 * A build file (BUILD.gn)
 * An OWNERS file
diff --git a/jchuff.c b/jchuff.c
index 2bce767e..8ff817b1 100644
--- a/jchuff.c
+++ b/jchuff.c
@@ -44,8 +44,9 @@
  * flags (this defines __thumb__).
  */
 
-#if defined(__arm__) || defined(__aarch64__) || defined(_M_ARM) || \
-    defined(_M_ARM64)
+/* NOTE: Both GCC and Clang define __GNUC__ */
+#if (defined(__GNUC__) && (defined(__arm__) || defined(__aarch64__))) || \
+    defined(_M_ARM) || defined(_M_ARM64)
 #if !defined(__thumb__) || defined(__thumb2__)
 #define USE_CLZ_INTRINSIC
 #endif
diff --git a/jcmaster.c b/jcmaster.c
index 998dc40a..c2b26000 100644
--- a/jcmaster.c
+++ b/jcmaster.c
@@ -493,7 +493,7 @@ prepare_for_pass(j_compress_ptr cinfo)
     master->pass_type = output_pass;
     master->pass_number++;
 #endif
-    /*FALLTHROUGH*/
+    FALLTHROUGH                 /*FALLTHROUGH*/
   case output_pass:
     /* Do a data-output pass. */
     /* We need not repeat per-scan setup if prior optimization pass did it. */
diff --git a/jconfigint.h.in b/jconfigint.h.in
index 68cbc2a5..d087d7b5 100644
--- a/jconfigint.h.in
+++ b/jconfigint.h.in
@@ -32,3 +32,13 @@
 #define HAVE_BITSCANFORWARD
 #endif
 #endif
+
+#if defined(__has_attribute)
+#if __has_attribute(fallthrough)
+#define FALLTHROUGH  __attribute__((fallthrough));
+#else
+#define FALLTHROUGH
+#endif
+#else
+#define FALLTHROUGH
+#endif
diff --git a/jcphuff.c b/jcphuff.c
index bd14fc27..9bf96124 100644
--- a/jcphuff.c
+++ b/jcphuff.c
@@ -52,8 +52,9 @@
  * flags (this defines __thumb__).
  */
 
-#if defined(__arm__) || defined(__aarch64__) || defined(_M_ARM) || \
-    defined(_M_ARM64)
+/* NOTE: Both GCC and Clang define __GNUC__ */
+#if (defined(__GNUC__) && (defined(__arm__) || defined(__aarch64__))) || \
+    defined(_M_ARM) || defined(_M_ARM64)
 #if !defined(__thumb__) || defined(__thumb2__)
 #define USE_CLZ_INTRINSIC
 #endif
diff --git a/jdapimin.c b/jdapimin.c
index 21a41d2e..4609b132 100644
--- a/jdapimin.c
+++ b/jdapimin.c
@@ -23,6 +23,7 @@
 #include "jinclude.h"
 #include "jpeglib.h"
 #include "jdmaster.h"
+#include "jconfigint.h"
 
 
 /*
@@ -308,7 +309,7 @@ jpeg_consume_input(j_decompress_ptr cinfo)
     /* Initialize application's data source module */
     (*cinfo->src->init_source) (cinfo);
     cinfo->global_state = DSTATE_INHEADER;
-    /*FALLTHROUGH*/
+    FALLTHROUGH                 /*FALLTHROUGH*/
   case DSTATE_INHEADER:
     retcode = (*cinfo->inputctl->consume_input) (cinfo);
     if (retcode == JPEG_REACHED_SOS) { /* Found SOS, prepare to decompress */
diff --git a/jdmainct.c b/jdmainct.c
index 50301d6b..f466b259 100644
--- a/jdmainct.c
+++ b/jdmainct.c
@@ -18,6 +18,7 @@
 
 #include "jinclude.h"
 #include "jdmainct.h"
+#include "jconfigint.h"
 
 
 /*
@@ -360,7 +361,7 @@ process_data_context_main(j_decompress_ptr cinfo, JSAMPARRAY output_buf,
     main_ptr->context_state = CTX_PREPARE_FOR_IMCU;
     if (*out_row_ctr >= out_rows_avail)
       return;                   /* Postprocessor exactly filled output buf */
-    /*FALLTHROUGH*/
+    FALLTHROUGH                 /*FALLTHROUGH*/
   case CTX_PREPARE_FOR_IMCU:
     /* Prepare to process first M-1 row groups of this iMCU row */
     main_ptr->rowgroup_ctr = 0;
@@ -371,7 +372,7 @@ process_data_context_main(j_decompress_ptr cinfo, JSAMPARRAY output_buf,
     if (main_ptr->iMCU_row_ctr == cinfo->total_iMCU_rows)
       set_bottom_pointers(cinfo);
     main_ptr->context_state = CTX_PROCESS_IMCU;
-    /*FALLTHROUGH*/
+    FALLTHROUGH                 /*FALLTHROUGH*/
   case CTX_PROCESS_IMCU:
     /* Call postprocessor using previously set pointers */
     (*cinfo->post->post_process_data) (cinfo,
author	Peter Kasting <pkasting@chromium.org>	2021-07-09 07:13:34 -0700
committer	Peter Kasting <pkasting@chromium.org>	2021-07-09 07:13:34 -0700
commit	2eb7e20a20524dd70806268e480a695fb9cdfe46 (patch)
tree	6b79907837ba3e92a22f55ed9c21985edc84a5f7
parent	b7bef8c05b7cdb1a038ae271a2c2b6647af4c879 (diff)
download	libjpeg-turbo-2eb7e20a20524dd70806268e480a695fb9cdfe46.tar.gz