Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
tiff.32960
tiff-CVE-2023-2731.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File tiff-CVE-2023-2731.patch of Package tiff.32960
This patch contains code from following commits: For the `old_tif_rawcc` field in `LZWCodecState` struct: https://gitlab.com/libtiff/libtiff/-/commit/7bad03e938c651aae4d1cf3bc5ec76406531513a https://gitlab.com/libtiff/libtiff/-/commit/4af64003c8322d2cba6f86245a3ccf88dd6125d5 Compatability: https://gitlab.com/libtiff/libtiff/-/commit/189d65779275132c86abd1e06cdab8a080645b32 https://gitlab.com/libtiff/libtiff/-/commit/a2aa4074e90b63adc5d8d06679dc567de36f74cd `error_code` label: https://gitlab.com/libtiff/libtiff/-/commit/3079627ea0dee150e6a208cec8381de611bb842b For the `read_error` field in `LZWCodecState` struct: https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a which also is marked as fix for CVE-2022-1622 (bsc#1199483) which we are not affected by due to code not being present. And finally the commit marked as a fix for CVE-2023-2731 (bsc#1211478) https://github.com/libsdl-org/libtiff/commit/9be22b639ea69e102d3847dca4c53ef025e9527b Index: tiff-4.0.9/libtiff/tif_lzw.c =================================================================== --- tiff-4.0.9.orig/libtiff/tif_lzw.c +++ tiff-4.0.9/libtiff/tif_lzw.c @@ -3,6 +3,7 @@ /* * Copyright (c) 1988-1997 Sam Leffler * Copyright (c) 1991-1997 Silicon Graphics, Inc. + * Copyright (c) 2022 Even Rouault * * Permission to use, copy, modify, distribute, and sell this software and * its documentation for any purpose is hereby granted without fee, provided @@ -38,8 +39,13 @@ */ #include "tif_predict.h" +#include <stdbool.h> #include <stdio.h> +/* Select the plausible largest natural integer type for the architecture */ +#define SIZEOF_WORDTYPE SIZEOF_SIZE_T +typedef size_t WordType; + /* * NB: The 5.0 spec describes a different algorithm than Aldus * implements. Specifically, Aldus does code length transitions @@ -54,13 +60,6 @@ * Future revisions to the TIFF spec are expected to "clarify this issue". */ #define LZW_COMPAT /* include backwards compatibility code */ -/* - * Each strip of data is supposed to be terminated by a CODE_EOI. - * If the following #define is included, the decoder will also - * check for end-of-strip w/o seeing this code. This makes the - * library more robust, but also slower. - */ -#define LZW_CHECKEOS /* include checks for strips w/o EOI code */ #define MAXCODE(n) ((1L<<(n))-1) /* @@ -94,7 +93,7 @@ typedef struct { unsigned short nbits; /* # of bits/code */ unsigned short maxcode; /* maximum code for lzw_nbits */ unsigned short free_ent; /* next free entry in hash table */ - unsigned long nextdata; /* next bits of i/o */ + WordType nextdata; /* next bits of i/o */ long nextbits; /* # of valid bits in lzw_nextdata */ int rw_mode; /* preserve rw_mode from init */ @@ -121,8 +120,10 @@ typedef struct { typedef struct code_ent { struct code_ent *next; unsigned short length; /* string len, including this token */ - unsigned char value; /* data value */ + /* firstchar should be placed immediately before value in this structure */ unsigned char firstchar; /* first token of string */ + unsigned char value; /* data value */ + bool repeated; } code_t; typedef int (*decodeFunc)(TIFF*, uint8*, tmsize_t, uint16); @@ -133,15 +134,15 @@ typedef struct { /* Decoding specific data */ long dec_nbitsmask; /* lzw_nbits 1 bits, right adjusted */ long dec_restart; /* restart count */ -#ifdef LZW_CHECKEOS uint64 dec_bitsleft; /* available bits in raw data */ -#endif + tmsize_t old_tif_rawcc; /* value of tif_rawcc at the end of the previous TIFLZWDecode() call */ decodeFunc dec_decode; /* regular or backwards compatible */ code_t* dec_codep; /* current recognized code */ code_t* dec_oldcodep; /* previously recognized code */ code_t* dec_free_entp; /* next free entry */ code_t* dec_maxcodep; /* max available entry */ code_t* dec_codetab; /* kept separate for small machines */ + int read_error; /* whether a read error has occured, and which should cause further reads in the same strip/tile to be aborted */ /* Encoding specific data */ int enc_oldcode; /* last code encountered */ @@ -168,26 +169,6 @@ static void cl_hash(LZWCodecState*); * LZW Decoder. */ -#ifdef LZW_CHECKEOS -/* - * This check shouldn't be necessary because each - * strip is suppose to be terminated with CODE_EOI. - */ -#define NextCode(_tif, _sp, _bp, _code, _get) { \ - if ((_sp)->dec_bitsleft < (uint64)nbits) { \ - TIFFWarningExt(_tif->tif_clientdata, module, \ - "LZWDecode: Strip %d not terminated with EOI code", \ - _tif->tif_curstrip); \ - _code = CODE_EOI; \ - } else { \ - _get(_sp,_bp,_code); \ - (_sp)->dec_bitsleft -= nbits; \ - } \ -} -#else -#define NextCode(tif, sp, bp, code, get) get(sp, bp, code) -#endif - static int LZWFixupTags(TIFF* tif) { @@ -240,16 +221,19 @@ LZWSetupDecode(TIFF* tif) */ code = 255; do { - sp->dec_codetab[code].value = (unsigned char)code; sp->dec_codetab[code].firstchar = (unsigned char)code; + sp->dec_codetab[code].value = (unsigned char)code; + sp->dec_codetab[code].repeated = true; sp->dec_codetab[code].length = 1; sp->dec_codetab[code].next = NULL; } while (code--); /* - * Zero-out the unused entries - */ - _TIFFmemset(&sp->dec_codetab[CODE_CLEAR], 0, + * Zero-out the unused entries */ + /* Silence false positive */ + /* coverity[overrun-buffer-arg] */ + memset(&sp->dec_codetab[CODE_CLEAR], 0, (CODE_FIRST - CODE_CLEAR) * sizeof (code_t)); + } return (1); } @@ -318,10 +302,9 @@ LZWPreDecode(TIFF* tif, uint16 s) sp->dec_restart = 0; sp->dec_nbitsmask = MAXCODE(BITS_MIN); -#ifdef LZW_CHECKEOS sp->dec_bitsleft = 0; -#endif - sp->dec_free_entp = sp->dec_codetab + CODE_FIRST; + sp->old_tif_rawcc = 0; + sp->dec_free_entp = sp->dec_codetab - 1 ; // + CODE_FIRST; /* * Zero entries that are not yet filled in. We do * this to guard against bogus input data that causes @@ -329,33 +312,86 @@ LZWPreDecode(TIFF* tif, uint16 s) * come up with a way to safely bounds-check input codes * while decoding then you can remove this operation. */ - _TIFFmemset(sp->dec_free_entp, 0, (CSIZE-CODE_FIRST)*sizeof (code_t)); - sp->dec_oldcodep = &sp->dec_codetab[-1]; + sp->dec_oldcodep = &sp->dec_codetab[0]; sp->dec_maxcodep = &sp->dec_codetab[sp->dec_nbitsmask-1]; + sp->read_error = 0; return (1); } /* * Decode a "hunk of data". */ -#define GetNextCode(sp, bp, code) { \ - nextdata = (nextdata<<8) | *(bp)++; \ - nextbits += 8; \ - if (nextbits < nbits) { \ - nextdata = (nextdata<<8) | *(bp)++; \ - nextbits += 8; \ - } \ - code = (hcode_t)((nextdata >> (nextbits-nbits)) & nbitsmask); \ - nextbits -= nbits; \ -} -static void -codeLoop(TIFF* tif, const char* module) -{ - TIFFErrorExt(tif->tif_clientdata, module, - "Bogus encoding, loop in the code table; scanline %d", - tif->tif_row); -} +/* Get the next 32 or 64-bit from the input data */ +#ifdef WORDS_BIGENDIAN +# define GetNextData(nextdata, bp) memcpy(&nextdata, bp, sizeof(nextdata)) +#elif SIZEOF_WORDTYPE == 8 +# if defined(__GNUC__) && defined(__x86_64__) +# define GetNextData(nextdata, bp) nextdata = __builtin_bswap64(*(uint64*)(bp)) +# elif defined(_M_X64) +# define GetNextData(nextdata, bp) nextdata = _byteswap_uint64(*(uint64*)(bp)) +# elif defined(__GNUC__) +# define GetNextData(nextdata, bp) memcpy(&nextdata, bp, sizeof(nextdata)); \ + nextdata = __builtin_bswap64(nextdata) +# else +# define GetNextData(nextdata, bp) nextdata = (((uint64)bp[0]) << 56) | \ + (((uint64)bp[1]) << 48) | \ + (((uint64)bp[2]) << 40) | \ + (((uint64)bp[3]) << 32) | \ + (((uint64)bp[4]) << 24) | \ + (((uint64)bp[5]) << 16) | \ + (((uint64)bp[6]) << 8) | \ + (((uint64)bp[7])) +# endif +#elif SIZEOF_WORDTYPE == 4 +# if defined(__GNUC__) && defined(__i386__) +# define GetNextData(nextdata, bp) nextdata = __builtin_bswap32(*(uint32*)(bp)) +# elif defined(_M_X86) +# define GetNextData(nextdata, bp) nextdata = _byteswap_ulong(*(unsigned long*)(bp)) +# elif defined(__GNUC__) +# define GetNextData(nextdata, bp) memcpy(&nextdata, bp, sizeof(nextdata)); \ + nextdata = __builtin_bswap32(nextdata) +# else +# define GetNextData(nextdata, bp) nextdata = (((uint32)bp[0]) << 24) | \ + (((uint32)bp[1]) << 16) | \ + (((uint32)bp[2]) << 8) | \ + (((uint32)bp[3])) +# endif +#else +# error "Unhandled SIZEOF_WORDTYPE" +#endif + +#define GetNextCodeLZW() do { \ + nextbits -= nbits; \ + if (nextbits < 0) { \ + if (dec_bitsleft >= 8 * SIZEOF_WORDTYPE) { \ + unsigned codetmp = (unsigned)(nextdata << (-nextbits)); \ + GetNextData(nextdata, bp); \ + bp += SIZEOF_WORDTYPE; \ + nextbits += 8 * SIZEOF_WORDTYPE; \ + dec_bitsleft -= 8 * SIZEOF_WORDTYPE; \ + code = (WordType)((codetmp | (nextdata >> nextbits)) & nbitsmask); \ + break; \ + } \ + else {\ + if( dec_bitsleft < 8) { \ + goto no_eoi; \ + }\ + nextdata = (nextdata<<8) | *(bp)++; \ + nextbits += 8; \ + dec_bitsleft -= 8; \ + if( nextbits < 0 ) { \ + if( dec_bitsleft < 8) { \ + goto no_eoi; \ + }\ + nextdata = (nextdata<<8) | *(bp)++; \ + nextbits += 8; \ + dec_bitsleft -= 8; \ + } \ + } \ + } \ + code = (WordType)((nextdata >> nextbits) & nbitsmask); \ +} while(0) static int LZWDecode(TIFF* tif, uint8* op0, tmsize_t occ0, uint16 s) @@ -364,17 +400,22 @@ LZWDecode(TIFF* tif, uint8* op0, tmsize_ LZWCodecState *sp = DecoderState(tif); char *op = (char*) op0; long occ = (long) occ0; - char *tp; unsigned char *bp; - hcode_t code; - int len; long nbits, nextbits, nbitsmask; - unsigned long nextdata; - code_t *codep, *free_entp, *maxcodep, *oldcodep; + WordType nextdata; + code_t *free_entp, *maxcodep, *oldcodep; (void) s; assert(sp != NULL); - assert(sp->dec_codetab != NULL); + assert(sp->dec_codetab != NULL); + + if (sp->read_error) { + TIFFErrorExt(tif, module, + "LZWDecode: Scanline %u cannot be read due to " + "previous error", + tif->tif_row); + return 0; + } /* Fail if value does not fit in long. @@ -387,7 +428,7 @@ LZWDecode(TIFF* tif, uint8* op0, tmsize_ if (sp->dec_restart) { long residue; - codep = sp->dec_codep; + code_t* codep = sp->dec_codep; residue = codep->length - sp->dec_restart; if (residue > occ) { /* @@ -401,7 +442,7 @@ LZWDecode(TIFF* tif, uint8* op0, tmsize_ codep = codep->next; } while (--residue > occ && codep); if (codep) { - tp = op + occ; + uint8* tp = op + occ; do { *--tp = codep->value; codep = codep->next; @@ -414,7 +455,7 @@ LZWDecode(TIFF* tif, uint8* op0, tmsize_ */ op += residue; occ -= residue; - tp = op; + uint8* tp = op; do { int t; --tp; @@ -426,9 +467,8 @@ LZWDecode(TIFF* tif, uint8* op0, tmsize_ } bp = (unsigned char *)tif->tif_rawcp; -#ifdef LZW_CHECKEOS - sp->dec_bitsleft = (((uint64)tif->tif_rawcc) << 3); -#endif + sp->dec_bitsleft += (((uint64)tif->tif_rawcc - sp->old_tif_rawcc) << 3); + uint64 dec_bitsleft = sp->dec_bitsleft; nbits = sp->lzw_nbits; nextdata = sp->lzw_nextdata; nextbits = sp->lzw_nextbits; @@ -436,125 +476,235 @@ LZWDecode(TIFF* tif, uint8* op0, tmsize_ oldcodep = sp->dec_oldcodep; free_entp = sp->dec_free_entp; maxcodep = sp->dec_maxcodep; + code_t* const dec_codetab = sp->dec_codetab; + code_t* codep; - while (occ > 0) { - NextCode(tif, sp, bp, code, GetNextCode); - if (code == CODE_EOI) - break; - if (code == CODE_CLEAR) { - do { - free_entp = sp->dec_codetab + CODE_FIRST; - _TIFFmemset(free_entp, 0, - (CSIZE - CODE_FIRST) * sizeof (code_t)); - nbits = BITS_MIN; - nbitsmask = MAXCODE(BITS_MIN); - maxcodep = sp->dec_codetab + nbitsmask-1; - NextCode(tif, sp, bp, code, GetNextCode); - } while (code == CODE_CLEAR); /* consecutive CODE_CLEAR codes */ - if (code == CODE_EOI) - break; - if (code > CODE_CLEAR) { - TIFFErrorExt(tif->tif_clientdata, tif->tif_name, - "LZWDecode: Corrupted LZW table at scanline %d", - tif->tif_row); - return (0); - } - *op++ = (char)code; - occ--; - oldcodep = sp->dec_codetab + code; - continue; - } - codep = sp->dec_codetab + code; + if (occ == 0) { + goto after_loop; + } + +begin: + { + WordType code; + GetNextCodeLZW(); + codep = dec_codetab + code; + if (code >= CODE_FIRST) + goto code_above_or_equal_to_258; + if (code < 256) + goto code_below_256; + if (code == CODE_EOI) + goto after_loop; + goto code_clear; - /* - * Add the new entry to the code table. - */ - if (free_entp < &sp->dec_codetab[0] || - free_entp >= &sp->dec_codetab[CSIZE]) { - TIFFErrorExt(tif->tif_clientdata, module, - "Corrupted LZW table at scanline %d", - tif->tif_row); - return (0); - } +code_below_256: + { + if (codep > free_entp) + goto error_code; + free_entp->next = oldcodep; + free_entp->firstchar = oldcodep->firstchar; + free_entp->length = oldcodep->length+1; + free_entp->value = (uint8)code; + free_entp->repeated = (bool)(oldcodep->repeated & !(oldcodep->value - code)); + if (++free_entp > maxcodep) { + if (++nbits > BITS_MAX) /* should not happen for a conformant encoder */ + nbits = BITS_MAX; + nbitsmask = MAXCODE(nbits); + maxcodep = dec_codetab + nbitsmask-1; + if( free_entp >= &dec_codetab[CSIZE] ) + { + /* At that point, the next valid states are either EOI or a */ + /* CODE_CLEAR. If a regular code is read, at the next */ + /* attempt at registering a new entry, we will error out */ + /* due to setting free_entp before any valid code */ + free_entp = dec_codetab - 1; + } + } + oldcodep = codep; + *op++ = (uint8)code; + occ--; + if (occ == 0) + goto after_loop; + goto begin; + } +code_above_or_equal_to_258: + { + /* + * Add the new entry to the code table. + */ + + if (codep >= free_entp) + { + if (codep != free_entp) + goto error_code; + free_entp->value = oldcodep->firstchar; + } + else + { + free_entp->value = codep->firstchar; + } + free_entp->repeated = (bool)(oldcodep->repeated & !(oldcodep->value - free_entp->value)); + free_entp->next = oldcodep; + + free_entp->firstchar = oldcodep->firstchar; + free_entp->length = oldcodep->length+1; + if (++free_entp > maxcodep) { + if (++nbits > BITS_MAX) /* should not happen for a conformant encoder */ + nbits = BITS_MAX; + nbitsmask = MAXCODE(nbits); + maxcodep = dec_codetab + nbitsmask-1; + if (free_entp >= &dec_codetab[CSIZE]) + { + /* At that point, the next valid states are either EOI or a */ + /* CODE_CLEAR. If a regular code is read, at the next */ + /* attempt at registering a new entry, we will error out */ + /* due to setting free_entp before any valid code */ + free_entp = dec_codetab - 1; + } + } + oldcodep = codep; + + /* + * Code maps to a string, copy string + * value to output (written in reverse). + */ + /* tiny bit faster on x86_64 to store in unsigned short than int */ + unsigned short len = codep->length; + + if (len < 3) /* equivalent to len == 2 given all other conditions */ + { + if (occ <= 2) + { + if (occ == 2) + { + memcpy(op, &(codep->firstchar), 2); + op += 2; + occ -= 2; + goto after_loop; + } + goto too_short_buffer; + } + + memcpy(op, &(codep->firstchar), 2); + op += 2; + occ -= 2; + goto begin; /* we can save the comparison occ > 0 */ + } + + if (len == 3) + { + if (occ <= 3) + { + if (occ == 3) + { + op[0] = codep->firstchar; + op[1] = codep->next->value; + op[2] = codep->value; + op += 3; + occ -= 3; + goto after_loop; + } + goto too_short_buffer; + } + + op[0] = codep->firstchar; + op[1] = codep->next->value; + op[2] = codep->value; + op += 3; + occ -= 3; + goto begin; /* we can save the comparison occ > 0 */ + } + + if (len > occ) + { + goto too_short_buffer; + } + + if (codep->repeated) + { + memset(op, codep->value, len); + op += len; + occ -= len; + if (occ == 0) + goto after_loop; + goto begin; + } + + uint8* tp = op + len; + + assert(len >= 4); + + *--tp = codep->value; + codep = codep->next; + *--tp = codep->value; + codep = codep->next; + *--tp = codep->value; + codep = codep->next; + *--tp = codep->value; + if (tp > op) + { + do { + codep = codep->next; + *--tp = codep->value; + } while (tp > op); + } + + assert(occ >= len); + op += len; + occ -= len; + if (occ == 0) + goto after_loop; + goto begin; + } - free_entp->next = oldcodep; - if (free_entp->next < &sp->dec_codetab[0] || - free_entp->next >= &sp->dec_codetab[CSIZE]) { - TIFFErrorExt(tif->tif_clientdata, module, - "Corrupted LZW table at scanline %d", - tif->tif_row); - return (0); - } - free_entp->firstchar = free_entp->next->firstchar; - free_entp->length = free_entp->next->length+1; - free_entp->value = (codep < free_entp) ? - codep->firstchar : free_entp->firstchar; - if (++free_entp > maxcodep) { - if (++nbits > BITS_MAX) /* should not happen */ - nbits = BITS_MAX; - nbitsmask = MAXCODE(nbits); - maxcodep = sp->dec_codetab + nbitsmask-1; - } - oldcodep = codep; - if (code >= 256) { - /* - * Code maps to a string, copy string - * value to output (written in reverse). - */ - if(codep->length == 0) { - TIFFErrorExt(tif->tif_clientdata, module, - "Wrong length of decoded string: " - "data probably corrupted at scanline %d", - tif->tif_row); - return (0); - } - if (codep->length > occ) { - /* - * String is too long for decode buffer, - * locate portion that will fit, copy to - * the decode buffer, and setup restart - * logic for the next decoding call. - */ - sp->dec_codep = codep; - do { - codep = codep->next; - } while (codep && codep->length > occ); - if (codep) { - sp->dec_restart = (long)occ; - tp = op + occ; - do { - *--tp = codep->value; - codep = codep->next; - } while (--occ && codep); - if (codep) - codeLoop(tif, module); - } - break; - } - len = codep->length; - tp = op + len; - do { - int t; - --tp; - t = codep->value; - codep = codep->next; - *tp = (char)t; - } while (codep && tp > op); - if (codep) { - codeLoop(tif, module); - break; - } - assert(occ >= len); - op += len; - occ -= len; - } else { - *op++ = (char)code; - occ--; - } - } + code_clear: + { + free_entp = dec_codetab + CODE_FIRST; + nbits = BITS_MIN; + nbitsmask = MAXCODE(BITS_MIN); + maxcodep = dec_codetab + nbitsmask-1; + do { + GetNextCodeLZW(); + } while (code == CODE_CLEAR); /* consecutive CODE_CLEAR codes */ + if (code == CODE_EOI) + goto after_loop; + if (code > CODE_EOI) { + goto error_code; + } + *op++ = (uint8)code; + occ--; + oldcodep = dec_codetab + code; + if (occ == 0) + goto after_loop; + goto begin; + } + } + +too_short_buffer: + { + /* + * String is too long for decode buffer, + * locate portion that will fit, copy to + * the decode buffer, and setup restart + * logic for the next decoding call. + */ + sp->dec_codep = codep; + do { + codep = codep->next; + } while (codep->length > occ); + + sp->dec_restart = occ; + uint8* tp = op + occ; + do { + *--tp = codep->value; + codep = codep->next; + } while (--occ); + } +after_loop: tif->tif_rawcc -= (tmsize_t)( (uint8*) bp - tif->tif_rawcp ); tif->tif_rawcp = (uint8*) bp; + sp->old_tif_rawcc = tif->tif_rawcc; + sp->dec_bitsleft = dec_bitsleft; sp->lzw_nbits = (unsigned short) nbits; sp->lzw_nextdata = nextdata; sp->lzw_nextbits = nextbits; @@ -576,9 +726,37 @@ LZWDecode(TIFF* tif, uint8* op0, tmsize_ return (0); } return (1); + +no_eoi: + sp->read_error = 1; + TIFFErrorExt(tif->tif_clientdata, module, + "LZWDecode: Strip %u not terminated with EOI code", + tif->tif_curstrip); + return 0; +error_code: + sp->read_error = 1; + TIFFErrorExt(tif->tif_clientdata, tif->tif_name, "Using code not yet in table"); + return 0; } #ifdef LZW_COMPAT + +/* + * This check shouldn't be necessary because each + * strip is suppose to be terminated with CODE_EOI. + */ +#define NextCode(_tif, _sp, _bp, _code, _get, dec_bitsleft) { \ + if (dec_bitsleft < (uint64)nbits) { \ + TIFFWarningExt(_tif->tif_clientdata, module, \ + "LZWDecode: Strip %u not terminated with EOI code", \ + _tif->tif_curstrip); \ + _code = CODE_EOI; \ + } else { \ + _get(_sp,_bp,_code); \ + dec_bitsleft -= nbits; \ + } \ +} + /* * Decode a "hunk of data" for old images. */ @@ -605,7 +783,8 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, t unsigned char *bp; int code, nbits; int len; - long nextbits, nextdata, nbitsmask; + long nextbits, nbitsmask; + WordType nextdata; code_t *codep, *free_entp, *maxcodep, *oldcodep; (void) s; @@ -657,9 +836,10 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, t } bp = (unsigned char *)tif->tif_rawcp; -#ifdef LZW_CHECKEOS - sp->dec_bitsleft = (((uint64)tif->tif_rawcc) << 3); -#endif + + sp->dec_bitsleft += (((uint64)tif->tif_rawcc - sp->old_tif_rawcc) << 3); + uint64 dec_bitsleft = sp->dec_bitsleft; + nbits = sp->lzw_nbits; nextdata = sp->lzw_nextdata; nextbits = sp->lzw_nextbits; @@ -669,7 +849,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, t maxcodep = sp->dec_maxcodep; while (occ > 0) { - NextCode(tif, sp, bp, code, GetNextCodeCompat); + NextCode(tif, sp, bp, code, GetNextCodeCompat, dec_bitsleft); if (code == CODE_EOI) break; if (code == CODE_CLEAR) { @@ -680,7 +860,7 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, t nbits = BITS_MIN; nbitsmask = MAXCODE(BITS_MIN); maxcodep = sp->dec_codetab + nbitsmask; - NextCode(tif, sp, bp, code, GetNextCodeCompat); + NextCode(tif, sp, bp, code, GetNextCodeCompat, dec_bitsleft); } while (code == CODE_CLEAR); /* consecutive CODE_CLEAR codes */ if (code == CODE_EOI) break; @@ -776,6 +956,8 @@ LZWDecodeCompat(TIFF* tif, uint8* op0, t tif->tif_rawcc -= (tmsize_t)( (uint8*) bp - tif->tif_rawcp ); tif->tif_rawcp = (uint8*) bp; + sp->old_tif_rawcc = tif->tif_rawcc; + sp->dec_bitsleft = dec_bitsleft; sp->lzw_nbits = (unsigned short)nbits; sp->lzw_nextdata = nextdata; sp->lzw_nextbits = nextbits; @@ -900,8 +1082,8 @@ LZWEncode(TIFF* tif, uint8* bp, tmsize_t hcode_t ent; long disp; long incount, outcount, checkpoint; - unsigned long nextdata; - long nextbits; + WordType nextdata; + long nextbits; int free_ent, maxcode, nbits; uint8* op; uint8* limit; @@ -1064,7 +1246,7 @@ LZWPostEncode(TIFF* tif) register LZWCodecState *sp = EncoderState(tif); uint8* op = tif->tif_rawcp; long nextbits = sp->lzw_nextbits; - unsigned long nextdata = sp->lzw_nextdata; + WordType nextdata = sp->lzw_nextdata; long outcount = sp->enc_outcount; int nbits = sp->lzw_nbits;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
