Added GError parameters to all static file write functions, check for
failed writing and return an error if that is the case.
Additionally, at end of file make sure the last dummy byte is written to
make chunks an even size.
- Changed all static read functions to have a GError parameter, use a
parameter for the value read, and return a gboolean that will be FALSE
when reading from file failed.
- Check the return values of all read functions and set GError when
needed.
- Added more error checking, like comparing real filesize with what the
header tells us, check for valid speed and number of frames.
- Added some gdebug statements for easier debugging.
- Don't assume that all FLI/FLC writers followed the specs and wrote an
even number of bytes per chunk.
- Skip "frames" that do not have the FRAME type (in most cases this is
a PREFIX chunk).
Improvements to the FLI loading and exporting plug-in:
- I added a GError parameter to all public read/write functions.
- All public functions now return a gboolean result to show if they
succeeded or failed. Before most functions were void. For the non void
returns (the two fli_write_color functions) I added a gboolean
parameter.
- Do cleanup if we fail to read a frame. If at least one frame was read
successfully, we will keep the incomplete image/animation.
- Change name of layer to include the delay in ms.
The unsigned long type in this plug-in is always used for reading/writing
32-bit unsigned integers, so let's change it to guin32 to not get
confused.
Changed unsigned short to gushort, unsigned char to guchar.
There should be absolutely no code change semantic in this commit. If
there is, that's a mistake and it's on me. I only cleaned up the syntax
in the C file which basically was following none of GIMP coding style
(tabs everywhere, brackets at end of lines, nearly no space anywhere so
all the code was a compressed mess which was hard to read, indentation
absolutely wrong everywhere, etc.).
I cleaned it up with a bunch of regexp search-and-replace followed by a
lot of manual cleaning and verification as well.
I also tested with various FLI files found on the web, and they were
loading fine in GIMP. So I believe/hope that I didn't mess up somewhere,
but it looks as the cleaning went all fine.
It is possible to trigger a heap overflow while parsing FLI files. The
RLE decoder is vulnerable to out of boundary writes due to lack of
boundary checks.
The variable "framebuf" points to a memory area which was allocated
with fli_header->width * fli_header->height bytes. The RLE decoder
therefore must never write beyond that limit.
If an illegal frame is detected, the parser won't stop, which means
that the next valid sequence is properly parsed again. This should
allow GIMP to parse FLI files as good as possible even if they are
broken by an attacker or by accident.
While at it, I changed the variable xc to be of type size_t, because
the multiplication of width and height could overflow a 16 bit type.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2009-01-17 Michael Natterer <mitch@gimp.org>
* all files with a GPL header and all COPYING files:
Change licence to GPLv3 (and to LGPLv3 for libgimp).
Cleaned up some copyright headers and regenerated the parsers in
the ImageMap plugin.
svn path=/trunk/; revision=27913
2008-08-11 Michael Natterer <mitch@gimp.org>
* plug-ins/bmp/*
* plug-ins/faxg3/*
* plug-ins/fits/*
* plug-ins/fli/*
* plug-ins/ico/*
* plug-ins/jpeg/*
* plug-ins/psd/*
* plug-ins/sgi/*
* plug-ins/uri/*
* plug-ins/xjt/*: removed these...
* plug-ins/file-bmp/*
* plug-ins/file-faxg3/*
* plug-ins/file-fits/*
* plug-ins/file-fli/*
* plug-ins/file-ico/*
* plug-ins/file-jpeg/*
* plug-ins/file-psd/*
* plug-ins/file-sgi/*
* plug-ins/file-uri/*
* plug-ins/file-xjt/*: and moved them here. Changed executable
names to "file-foo".
* plug-ins/Makefile.am: changed accordingly.
* plug-ins/common/*: rename all file plug-ins to file-foo.c. Get
rid of the names "poppler" and "postscript" and call them
"file-pdf" and "file-ps" because the conflict with standard
autofoo targets is gone.
* plug-ins/common/plugin-defs.pl: changed accordingly.
* plug-ins/common/mkgen.pl: make sure cflags variables are named
"PLUG_IN_NAME_CFLAGS" and not "PLUG-IN-NAME_CFLAGS"
* plug-ins/common/Makefile.am: regenerated.
* configure.in: change folders and variable names to match above
changes.
svn path=/trunk/; revision=26494
Jacob Boerema