Merged many changes contributed by Michael Vetter and Max Kellermann

that fix many outstanding issues in JasPer (including many CVEs).
jasper-software · Jul 18, 2020 · 3b9c307 · 3b9c307
1 parent 9aef6d9
commit 3b9c307
Show file tree

Hide file tree

Showing 101 changed files with 1,343 additions and 1,427 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -8,6 +8,8 @@ set(CMAKE_MODULE_PATH
 # This include should be placed as early as possible.
 include(InSourceBuild)
 
+include(CheckCCompilerFlag)
+
 ################################################################################
 # Version information.
 ################################################################################
@@ -76,7 +78,6 @@ include(CheckFunctionExists)
 include(CheckCSourceCompiles)
 include(CTest)
 include(Sanitizers)
-include(EnableAssertions)
 
 cmake_policy(SET CMP0012 NEW)
 
@@ -85,6 +86,8 @@ cmake_policy(SET CMP0012 NEW)
 ################################################################################
 
 option(JAS_ENABLE_SHARED "Enable building of shared library" true)
+option(JAS_ENABLE_HIDDEN "Hide internal symbols" false)
+option(JAS_ENABLE_32BIT "Use 32 bit integers on 64 bit CPUs" false)
 option(JAS_ENABLE_LIBJPEG "Enable the use of the JPEG Library" true)
 option(JAS_ENABLE_OPENGL "Enable the use of the OpenGL/GLUT Library" true)
 option(JAS_ENABLE_STRICT "Enable pedantic error checking" false)
@@ -195,6 +198,25 @@ if (JAS_STRICT)
 	set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -W -Wformat -Wmissing-prototypes -Wstrict-prototypes")
 endif()
 
+if (JAS_ENABLE_HIDDEN AND NOT WIN32)
+	# don't export internal symbols
+	check_c_compiler_flag("-fvisibility=hidden" JAS_HAVE_VISIBILITY)
+	if (JAS_HAVE_VISIBILITY)
+		set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fvisibility=hidden -DJAS_HAVE_VISIBILITY")
+	endif()
+
+	if (NOT (CMAKE_BUILD_TYPE MATCHES "Debug"))
+		# remove unused internal symbols
+		check_c_compiler_flag("-ffunction-sections" HAVE_FUNCTION_SECTIONS)
+		check_c_compiler_flag("-fdata-sections" HAVE_DATA_SECTIONS)
+		check_c_compiler_flag("-Wl,--gc-sections" HAVE_GC_SECTIONS)
+
+		if (HAVE_FUNCTION_SECTIONS AND HAVE_DATA_SECTIONS AND HAVE_GC_SECTIONS)
+			set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -ffunction-sections -fdata-sections -Wl,--gc-sections")
+		endif()
+	endif()
+endif()
+
 ################################################################################
 # Perform plaform checks.
 ################################################################################
@@ -227,8 +249,12 @@ check_function_exists(getrusage JAS_HAVE_GETRUSAGE)
 # Check for the JPEG library.
 ################################################################################
 
-find_package(JPEG ${JAS_LIBJPEG_REQUIRED})
-message("JPEG library found: ${JPEG_FOUND}")
+if (JAS_ENABLE_LIBJPEG)
+	find_package(JPEG ${JAS_LIBJPEG_REQUIRED})
+	message("JPEG library found: ${JPEG_FOUND}")
+else()
+	set(JPEG_FOUND false)
+endif()
 if (JAS_ENABLE_LIBJPEG AND JPEG_FOUND)
 	set(JAS_HAVE_LIBJPEG 0)
 	message("JPEG include directory: ${JPEG_INCLUDE_DIR}")
@@ -267,9 +293,13 @@ message("JAS_HAVE_LIBJPEG: ${JAS_HAVE_LIBJPEG}")
 # Check for the OpenGL and GLUT libraries.
 ################################################################################
 
-find_package(OpenGL ${JAS_REQUIRED})
 message("JAS_ENABLE_OPENGL: ${JAS_ENABLE_OPENGL}")
-message("OpenGL library found: ${OPENGL_FOUND}")
+if (JAS_ENABLE_OPENGL)
+	find_package(OpenGL ${JAS_REQUIRED})
+	message("OpenGL library found: ${OPENGL_FOUND}")
+else()
+	set(OPENGL_FOUND false)
+endif()
 if (JAS_ENABLE_OPENGL AND OPENGL_FOUND)
 	set(JAS_HAVE_OPENGL 0)
 	message("OpenGL include directory: ${OPENGL_INCLUDE_DIR}")

diff --git a/INSTALL b/INSTALL
@@ -117,6 +117,17 @@ JAS_ENABLE_SHARED
     Enable the building of shared libraries.
     Valid values: true or false
 
+JAS_ENABLE_HIDDEN
+    Hide internal symbols?  Enabling this results in a smaller binary.
+    Valid values: true or false
+
+JAS_ENABLE_32BIT
+    Force the use of 32 bit integers?  On 64 bit CPUs, JasPer
+    historically used 64 bit integers which consumes more memory, is
+    slower and has no advantages.  This produces a different ABI, so
+    the resulting library is not compatible with other builds.
+    Valid values: true or false
+
 JAS_ENABLE_ASAN
     Enable the Address Sanitizer.
     Valid values: true or false

diff --git a/build/cmake/modules/Sanitizers.cmake b/build/cmake/modules/Sanitizers.cmake
@@ -2,6 +2,7 @@ option(JAS_ENABLE_ASAN "Enable Address Sanitizer" false)
 option(JAS_ENABLE_USAN "Enable Undefined-Behavior Sanitizer" false)
 option(JAS_ENABLE_LSAN "Enable Leak Sanitizer" false)
 option(JAS_ENABLE_MSAN "Enable Memory Sanitizer" false)
+option(JAS_ENABLE_FUZZER "Enable libFuzzer" false)
 
 macro(jas_enable_sanitizer name)
 	if ("${name}" MATCHES "asan")

diff --git a/src/appl/CMakeLists.txt b/src/appl/CMakeLists.txt
@@ -32,6 +32,14 @@ else()
 	message("GLUT library not found; skipping build of jiv program")
 endif()
 
+if (JAS_ENABLE_FUZZER)
+	add_executable(fuzz fuzz.c)
+	target_link_libraries(fuzz libjasper ${JPEG_LIBRARIES} ${MATH_LIBRARY})
+	set(programs "${programs}" fuzz)
+	set_target_properties(fuzz PROPERTIES COMPILE_FLAGS "-fsanitize=fuzzer")
+	set_target_properties(fuzz PROPERTIES LINK_FLAGS "-fsanitize=fuzzer")
+endif()
+
 # The JasPer include directories in the source and build tree must be included
 # before any other directories that may contain the include directory for an
 # already installed version of the JasPer library.

diff --git a/src/appl/fuzz.c b/src/appl/fuzz.c
@@ -0,0 +1,106 @@
+/*
+ * Copyright (c) 2020 Max Kellermann
+ */
+
+/* __START_OF_JASPER_LICENSE__
+ *
+ * JasPer License Version 2.0
+ *
+ * Copyright (c) 2001-2006 Michael David Adams
+ * Copyright (c) 1999-2000 Image Power, Inc.
+ * Copyright (c) 1999-2000 The University of British Columbia
+ *
+ * All rights reserved.
+ *
+ * Permission is hereby granted, free of charge, to any person (the
+ * "User") obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without restriction,
+ * including without limitation the rights to use, copy, modify, merge,
+ * publish, distribute, and/or sell copies of the Software, and to permit
+ * persons to whom the Software is furnished to do so, subject to the
+ * following conditions:
+ *
+ * 1.  The above copyright notices and this permission notice (which
+ * includes the disclaimer below) shall be included in all copies or
+ * substantial portions of the Software.
+ *
+ * 2.  The name of a copyright holder shall not be used to endorse or
+ * promote products derived from the Software without specific prior
+ * written permission.
+ *
+ * THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS
+ * LICENSE.  NO USE OF THE SOFTWARE IS AUTHORIZED HEREUNDER EXCEPT UNDER
+ * THIS DISCLAIMER.  THE SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS
+ * "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
+ * BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
+ * PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.  IN NO
+ * EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL
+ * INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING
+ * FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
+ * NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
+ * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.  NO ASSURANCES ARE
+ * PROVIDED BY THE COPYRIGHT HOLDERS THAT THE SOFTWARE DOES NOT INFRINGE
+ * THE PATENT OR OTHER INTELLECTUAL PROPERTY RIGHTS OF ANY OTHER ENTITY.
+ * EACH COPYRIGHT HOLDER DISCLAIMS ANY LIABILITY TO THE USER FOR CLAIMS
+ * BROUGHT BY ANY OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL
+ * PROPERTY RIGHTS OR OTHERWISE.  AS A CONDITION TO EXERCISING THE RIGHTS
+ * GRANTED HEREUNDER, EACH USER HEREBY ASSUMES SOLE RESPONSIBILITY TO SECURE
+ * ANY OTHER INTELLECTUAL PROPERTY RIGHTS NEEDED, IF ANY.  THE SOFTWARE
+ * IS NOT FAULT-TOLERANT AND IS NOT INTENDED FOR USE IN MISSION-CRITICAL
+ * SYSTEMS, SUCH AS THOSE USED IN THE OPERATION OF NUCLEAR FACILITIES,
+ * AIRCRAFT NAVIGATION OR COMMUNICATION SYSTEMS, AIR TRAFFIC CONTROL
+ * SYSTEMS, DIRECT LIFE SUPPORT MACHINES, OR WEAPONS SYSTEMS, IN WHICH
+ * THE FAILURE OF THE SOFTWARE OR SYSTEM COULD LEAD DIRECTLY TO DEATH,
+ * PERSONAL INJURY, OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE ("HIGH
+ * RISK ACTIVITIES").  THE COPYRIGHT HOLDERS SPECIFICALLY DISCLAIM ANY
+ * EXPRESS OR IMPLIED WARRANTY OF FITNESS FOR HIGH RISK ACTIVITIES.
+ *
+ * __END_OF_JASPER_LICENSE__
+ */
+
+/******************************************************************************\
+* Includes.
+\******************************************************************************/
+
+#include <jasper/jasper.h>
+#include <jasper/jas_debug.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <stdint.h>
+
+/******************************************************************************\
+* Code.
+\******************************************************************************/
+
+int LLVMFuzzerInitialize(int *argc, char ***argv);
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size);
+
+int LLVMFuzzerInitialize(int *argc, char ***argv)
+{
+	if (jas_init()) {
+		abort();
+	}
+
+	return 0;
+}
+
+int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
+{
+	if (size == 0)
+		/* avoid the assertion failure */
+		data = NULL;
+
+	jas_stream_t *stream = jas_stream_memopen((char *)data, size);
+	if (stream == NULL)
+		abort();
+
+	jas_image_t *image = jas_image_decode(stream, -1, NULL);
+	jas_stream_close(stream);
+
+	if (image != NULL)
+		jas_image_destroy(image);
+
+	return 0;
+}
diff --git a/src/appl/imgcmp.c b/src/appl/imgcmp.c
@@ -73,7 +73,6 @@
 #include <stdio.h>
 #include <math.h>
 #include <float.h>
-#include <assert.h>
 
 #include <jasper/jasper.h>
 
@@ -130,7 +129,7 @@ static jas_taginfo_t metrictab[] = {
 	{-1, 0}
 };
 
-static jas_opt_t opts[] = {
+static const jas_opt_t opts[] = {
 	{OPT_HELP, "help", 0},
 	{OPT_VERSION, "version", 0},
 	{OPT_VERBOSE, "verbose", 0},
@@ -154,10 +153,10 @@ static char *cmdname = 0;
 
 int main(int argc, char **argv)
 {
-	char *origpath;
-	char *reconpath;
+	const char *origpath;
+	const char *reconpath;
 	int verbose;
-	char *metricname;
+	const char *metricname;
 	int metric;
 
 	int id;
@@ -177,7 +176,7 @@ int main(int argc, char **argv)
 	int compno;
 	jas_stream_t *origstream;
 	jas_stream_t *reconstream;
-	char *diffpath;
+	const char *diffpath;
 	int maxonly;
 	int minonly;
 	int fmtid;

diff --git a/src/appl/imginfo.c b/src/appl/imginfo.c
@@ -104,7 +104,7 @@ static void cmdinfo(void);
 *
 \******************************************************************************/
 
-static jas_opt_t opts[] = {
+static const jas_opt_t opts[] = {
 	{OPT_HELP, "help", 0},
 	{OPT_VERSION, "version", 0},
 	{OPT_VERBOSE, "verbose", 0},
@@ -129,15 +129,15 @@ int main(int argc, char **argv)
 {
 	int fmtid;
 	int id;
-	char *infile;
+	const char *infile;
 	jas_stream_t *instream;
 	jas_image_t *image;
 	int width;
 	int height;
 	int depth;
 	int numcmpts;
 	int verbose;
-	char *fmtname;
+	const char *fmtname;
 	int debug;
 	size_t max_mem;
 	size_t max_samples;

diff --git a/src/appl/jasper.c b/src/appl/jasper.c
@@ -74,7 +74,6 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <assert.h>
-#include <time.h>
 #include <stdint.h>
 
 #include <jasper/jasper.h>
@@ -94,7 +93,7 @@
 
 typedef struct {
 
-	char *infile;
+	const char *infile;
 	/* The input image file. */
 
 	int infmt;
@@ -103,7 +102,7 @@ typedef struct {
 	char *inopts;
 	char inoptsbuf[OPTSMAX + 1];
 
-	char *outfile;
+	const char *outfile;
 	/* The output image file. */
 
 	int outfmt;
@@ -135,13 +134,13 @@ void cmdopts_destroy(cmdopts_t *cmdopts);
 void cmdusage(void);
 void badusage(void);
 void cmdinfo(void);
-int addopt(char *optstr, int maxlen, char *s);
+int addopt(char *optstr, int maxlen, const char *s);
 
 /******************************************************************************\
 * Global data.
 \******************************************************************************/
 
-char *cmdname = "";
+static const char *cmdname = "";
 
 /******************************************************************************\
 * Code.
@@ -306,8 +305,7 @@ int main(int argc, char **argv)
 
 cmdopts_t *cmdopts_parse(int argc, char **argv)
 {
-
-	typedef enum {
+	enum {
 		CMDOPT_HELP = 0,
 		CMDOPT_VERBOSE,
 		CMDOPT_INFILE,
@@ -321,9 +319,9 @@ cmdopts_t *cmdopts_parse(int argc, char **argv)
 		CMDOPT_CMPTNO,
 		CMDOPT_SRGB,
 		CMDOPT_MAXMEM
-	} cmdoptid_t;
+	};
 
-	static jas_opt_t cmdoptions[] = {
+	static const jas_opt_t cmdoptions[] = {
 		{CMDOPT_HELP, "help", 0},
 		{CMDOPT_VERBOSE, "verbose", 0},
 		{CMDOPT_INFILE, "input", JAS_OPT_HASARG},
@@ -462,7 +460,7 @@ void cmdopts_destroy(cmdopts_t *cmdopts)
 	free(cmdopts);
 }
 
-int addopt(char *optstr, int maxlen, char *s)
+int addopt(char *optstr, int maxlen, const char *s)
 {
 	size_t n;
 	size_t m;
@@ -487,7 +485,7 @@ void cmdinfo()
 	fprintf(stderr, "%s\n", JAS_NOTES);
 }
 
-static char *helpinfo[] = {
+static const char *const helpinfo[] = {
 "The following options are supported:\n",
 "    --help                  Print this help information and exit.\n",
 "    --version               Print version information and exit.\n",
@@ -513,8 +511,8 @@ static char *helpinfo[] = {
 void cmdusage()
 {
 	int fmtid;
-	jas_image_fmtinfo_t *fmtinfo;
-	char *s;
+	const jas_image_fmtinfo_t *fmtinfo;
+	const char *s;
 	int i;
 	cmdinfo();
 	fprintf(stderr, "usage: %s [options]\n", cmdname);