Merge branch 'release'

ChangeLog

@@ -1,3 +1,86 @@
+2019-12-19  Hayaki Saito <saitoha@me.com>
+
+  * src/fromsixel.c: sixel decoder: extend image width and height separately
+
+2019-12-18  Hayaki Saito <saitoha@me.com>
+
+  * Makefile.in, configure, configure.ac, package.json: Bump the package
+  version
+
+  * ChangeLog: Update ChangeLog
+
+  * src/fromsixel.c: Suppress gcc -Wsign-conversion warnings
+
+  * README.md: Update README
+
+  * src/stb_image.h: Raise an error instead of assert() when wrong color mask
+  is detected (#89)
+
+  * src/fromsixel.c: Prevent integer overflow reported in #118, thanks to
+  @SuhwanSong
+
+2019-12-17  Hayaki Saito <saitoha@me.com>
+
+  * src/fromsixel.c: Fix typo
+
+  * converters/sixel2png.c: sixel2png: fix misssing error handling
+
+  * src/tosixel.c: Add additional error message for SIXEL_BAD_INTEGER_OVERFLOW
+
+  * src/frompnm.c: Fix for infinite recursive loop problem in load_pnm()
+  (#85), Thanks to @Loginsoft-Research
+
+  * src/loader.c: Try to suppress gcc -Wclobbered warnings again
+
+  * Makefile.in, config.h.in, configure, configure.ac, src/loader.c: Check
+  availability of -Wclobbered
+
+  * src/loader.c: Try to suppress gcc -Wclobbered warnings again
+
+  * Makefile.in, src/loader.c: Suppress gcc -Werror=clobbered warnings
+
+2019-12-16  Hayaki Saito <saitoha@me.com>
+
+  * src/fromsixel.c: Add error message for 1377517
+
+  * src/fromsixel.c: Make safe_addition_for_params() as a static function
+
+  * Makefile.in, src/fromsixel.c: Add error message for 9c013f2
+
+  * README.md: Update README: add more projects using sixels
+
+  * src/tosixel.c: Fix access violation problem on high color mode (#116),
+  Thanks to SuhwanSong
+
+  * src/dither.c: Use SIXEL_PALETTE_MAX instead of 256
+
+  * src/fromsixel.c: Use SIXEL_PALETTE_MAX instead of 256
+
+2019-12-15  Hayaki Saito <saitoha@me.com>
+
+  * src/fromsixel.c: Add invalid parameter check at image_buffer_init() /
+  image_buffer_resize() (#107)
+
+  * Makefile.in, src/fromsixel.c: Avoid huge memory allocation caused by
+  integer overflow problems
+
+  * src/loader.c: Handle libpng error message (#73), thanks to HongxuChen
+
+  * src/dither.c: Avoid illegal memory access problem with 1 color paletted
+  png(#73), Thanks to HongxuChen.
+
+  * README.md: Update README
+
+  * README.md: Update README
+
+  * configure, configure.ac, package.json: Bump version
+
+  * README.md, converters/img2sixel.1: Update contributers section
+
+  * NEWS: Update NEWS
+
+  * ChangeLog: Update ChangeLog
+
 2019-12-13  Hayaki Saito <saitoha@me.com>
 
   * src/loader.c: Suppress glib deprecated warnings

Makefile.in

@@ -192,8 +192,8 @@ CTAGS = ctags
 CSCOPE = cscope
 am__DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/config.h.in \
 	$(srcdir)/libsixel.pc.in $(srcdir)/package.json.in.in \
-	ChangeLog NEWS compile config.guess config.sub install-sh \
-	ltmain.sh missing py-compile
+	ChangeLog NEWS compile config.guess config.sub depcomp \
+	install-sh ltmain.sh missing py-compile
 DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
 distdir = $(PACKAGE)-$(VERSION)
 top_distdir = $(distdir)

NEWS

@@ -2,6 +2,32 @@
                   ------------------------------
                    What's new in libsixel-1.8 ?
                   ------------------------------
+* Security fix for CVE-2019-11024 (#85), recursive loop problem,
+  reported by @Loginsoft-Research.
+
+* Security fix for #73, illegal memory access problem,
+  reported by @HongxuChen.
+
+* Security fix for #89, core dumped issue,
+  reported by @niugx.
+
+* Security fix for #107, large memory allocation problem,
+  reported by @cuanduo.
+
+* Security fix for #114, heap-buffer-overflow problem,
+  reported by @SuhwanSong.
+
+* Security fix for #116, heap-buffer-overflow problem,
+  reported by @SuhwanSong.
+
+* Security fix for #118, heap-buffer-overflow problem,
+  reported by @SuhwanSong.
+
+* Security fix for #121, heap-buffer-overflow problem,
+  reported by @gutiniao
+
+* Security fix for #73, illegal memory access problem,
+  reported by @HongxuChen.
 
 * Security fix for CVE-2018-19757 (#79), NULL pointer dereference problem,
   reported by @nluedtke and fixed by @knok (#91, #94).

README.md

@@ -299,6 +299,9 @@ $ xterm -xrm "XTerm*decTerminalID: vt340" -xrm "XTerm*numColorRegisters: 256"
 - cancer
   [https://github.com/meh/cancer/](https://github.com/meh/cancer)
 
+- MacTerm
+  [https://github.com/kmgrant/macterm](https://github.com/kmgrant/macterm)
+
 - wezterm
   [https://github.com/wez/wezterm](https://github.com/wez/wezterm)
 
@@ -311,6 +314,15 @@ $ xterm -xrm "XTerm*decTerminalID: vt340" -xrm "XTerm*numColorRegisters: 256"
 - st-sixel
   [https://github.com/galatolofederico/st-sixel](https://github.com/galatolofederico/st-sixel)
 
+- DomTerm
+  [https://github.com/PerBothner/DomTerm](https://github.com/PerBothner/DomTerm)
+
+- yaft-cocoa
+  [https://github.com/uobikiemukot/yaft-cocoa](https://github.com/uobikiemukot/yaft-cocoa)
+
+- toyterm
+  [https://github.com/algon-320/toyterm](https://github.com/algon-320/toyterm)
+
 
 ## Install
 
@@ -1510,3 +1522,25 @@ We are greatly inspired by the quality of ImageMagick and added some resampling
 - [hpjansson/chafa](https://github.com/hpjansson/chafa)
 
 - [m-j-w/TerminalGraphics.jl](https://github.com/m-j-w/TerminalGraphics.jl)
+
+- [MIC-DKFZ/niicat](https://github.com/MIC-DKFZ/niicat)
+
+- [libretro/RetroArch](https://github.com/libretro/RetroArch)
+
+- [jerch/node-sixel](https://github.com/jerch/node-sixel)
+
+- [nikiroo/fanfix](https://github.com/nikiroo/fanfix)
+
+- [mattn/longcat](https://github.com/mattn/longcat)
+
+- [ismail-yilmaz/upp-components/CtrlLib/Terminal/](https://github.com/ismail-yilmaz/upp-components/tree/master/CtrlLib/Terminal)
+
+- [schrmh/pdfgrepSIXEL](schrmh/pdfgrepSIXEL)
+
+- [ar90n/teimpy](https://github.com/ar90n/teimpy)
+
+- [vifm/vifm](https://github.com/vifm/vifm)
+
+- [ktye/iv](https://github.com/ktye/iv/commit/815e06ed776dde3deca0fdba35da5f0b431a69bf)
+
+- [Delta/longdog](https://github.com/0Delta/longdog)

config.h.in

@@ -75,6 +75,9 @@
    don't. */
 #undef HAVE_DECL_SIGTERM
 
+/* define 1 if GCC supports -Wclobbered */
+#undef HAVE_DIAGNOSTIC_CLOBBERED
+
 /* define 1 if GCC supports -Wdeprecated-declarations */
 #undef HAVE_DIAGNOSTIC_DEPRECATED_DECLARATIONS
 

configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for sixel 1.8.3.
+# Generated by GNU Autoconf 2.69 for sixel 1.8.4.
 #
 # Report bugs to <saitoha@me.com>.
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='sixel'
 PACKAGE_TARNAME='sixel'
-PACKAGE_VERSION='1.8.3'
-PACKAGE_STRING='sixel 1.8.3'
+PACKAGE_VERSION='1.8.4'
+PACKAGE_STRING='sixel 1.8.4'
 PACKAGE_BUGREPORT='saitoha@me.com'
 PACKAGE_URL=''
 
@@ -1393,7 +1393,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures sixel 1.8.3 to adapt to many kinds of systems.
+\`configure' configures sixel 1.8.4 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1463,7 +1463,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of sixel 1.8.3:";;
+     short | recursive ) echo "Configuration of sixel 1.8.4:";;
    esac
   cat <<\_ACEOF
 
@@ -1612,7 +1612,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-sixel configure 1.8.3
+sixel configure 1.8.4
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2027,7 +2027,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sixel $as_me 1.8.3, which was
+It was created by sixel $as_me 1.8.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2970,7 +2970,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='sixel'
- VERSION='1.8.3'
+ VERSION='1.8.4'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -13635,6 +13635,37 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
    CFLAGS="$saved_cflags"
 
 
+   { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports -Wclobbered" >&5
+$as_echo_n "checking if $CC supports -Wclobbered... " >&6; }
+   saved_cflags="$CFLAGS"
+   CFLAGS="-Wclobbered -Werror"
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+                      AM_CFLAGS="$AM_CFLAGS -Wclobbered"
+
+$as_echo "#define HAVE_DIAGNOSTIC_CLOBBERED 1" >>confdefs.h
+
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+                      :
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+   CFLAGS="$saved_cflags"
+
+
    { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC supports -Bsymbolic" >&5
 $as_echo_n "checking if $CC supports -Bsymbolic... " >&6; }
    saved_cflags="$CFLAGS"
@@ -16373,7 +16404,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sixel $as_me 1.8.3, which was
+This file was extended by sixel $as_me 1.8.4, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -16439,7 +16470,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-sixel config.status 1.8.3
+sixel config.status 1.8.4
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 

configure.ac

@@ -3,7 +3,7 @@
 
 AC_PREREQ([2.60])
 LT_PREREQ([2.4])
-AC_INIT([sixel], [1.8.3], [saitoha@me.com])
+AC_INIT([sixel], [1.8.4], [saitoha@me.com])
 LS_LT_CURRENT=1
 LS_LT_REVISION=6
 LS_LT_AGE=0
@@ -208,6 +208,9 @@ LS_CHECK_CFLAG([-Wswitch-default],
 LS_CHECK_CFLAG([-Wunused-function],
                [AM_CFLAGS="$AM_CFLAGS -Wunused-function"
                 AC_DEFINE(HAVE_DIAGNOSTIC_UNUSED_FUNCTION, 1, [define 1 if GCC supports -Wunused-function])])
+LS_CHECK_CFLAG([-Wclobbered],
+               [AM_CFLAGS="$AM_CFLAGS -Wclobbered"
+                AC_DEFINE(HAVE_DIAGNOSTIC_CLOBBERED, 1, [define 1 if GCC supports -Wclobbered])])
 LS_CHECK_CFLAG([-Bsymbolic],
                [AM_CFLAGS="$AM_CFLAGS -Bsymbolic"
                 AC_DEFINE(HAVE_BSYMBOLIC, 1, [define 1 if GCC supports -Bsymbolic])])

converters/sixel2png.c

@@ -224,6 +224,9 @@ main(int argc, char *argv[])
     }
 
     status = sixel_decoder_decode(decoder);
+    if (SIXEL_FAILED(status)) {
+        goto error;
+    }
     goto end;
 
 argerr:

package.json

@@ -1,6 +1,6 @@
 {
   "name": "libsixel",
-  "version": "1.8.3",
+  "version": "1.8.4",
   "repo": "saitoha/libsixel",
   "description": "A lightweight, fast implementation of DEC SIXEL graphics codec",
   "keywords": ["terminal", "graphics", "image", "sixel"],

src/dither.c

@@ -280,13 +280,17 @@ sixel_dither_new(
     }
 
     if (ncolors < 0) {
-        ncolors = 256;
+        ncolors = SIXEL_PALETTE_MAX;
         quality_mode = SIXEL_QUALITY_HIGHCOLOR;
     } else {
         if (ncolors > SIXEL_PALETTE_MAX) {
-            ncolors = 256;
-        } else if (ncolors < 2) {
-            ncolors = 2;
+            status = SIXEL_BAD_INPUT;
+            ncolors = SIXEL_PALETTE_MAX;
+        } else if (ncolors < 1) {
+            status = SIXEL_BAD_INPUT;
+            sixel_helper_set_additional_message(
+                "sixel_dither_new: palette colors must be more than 0");
+            goto end;
         }
         quality_mode = SIXEL_QUALITY_LOW;
     }

src/frompnm.c

@@ -36,13 +36,15 @@ pnm_get_line(unsigned char *p, unsigned char *end, unsigned char *line)
     int n;
 
     do {
+        /* read the line */
         for (n = 0 ; p < end && *p >= ' '; p++) {
             if (n < 255) {
                 line[n++] = *p;
             }
         }
 
-        if (p < end && *p == '\n') {
+        /* skip invald characters */
+        if (p < end && *p < ' ') {
             p++;
         }