According to relicensecheck Brad is OK with changing LGPLv2 to LGPLv2+,
which is required to be compatible with the LGPL-2.1-or-later licensed
source files.
Since QImage does sanity checking for overflows and stuff wrt.
dimensions and depth, check for QImage::isNull() as early as possible to
see if there's some funky business going on.
Also tried to add some checks wherever we wrote to "raw" memory.
Unit tests pass, and tested converting some files from
https://samples.ffmpeg.org/image-samples/ to pngs, and that seemed to
work.
Reviewed By: aacid
Differential Revision: https://phabricator.kde.org/D24367
We added our own implementation of rand_r to make sure we use the same
as Gimp, and to make Windows work. But we need to actually use it
everywhere.
Discussion in Differential:
Differential Revision: https://phabricator.kde.org/D25267
We now support up to and including version 11 of the XCF format, earlier
it only supported version 1 (from 1997, according to the XCF spec).
Biggest difference seems to be that they changed to 64bit for offsets
from version 11 and upwards, otherwise it's mostly just newer enum
values and theoretically major stuff that we don't really need to care
about to get a thumbnail (e. g. linear vs. perceptual RGB).
We still don't support all features, but now it handles that more
gracefully and should at least create thumbnails that are usable. It
should also be easier to update in the future if/when there comes new
versions.
Also added a test file created with the latest version of Gimp
(2.10.18).
Reviewed By: aacid
Differential Revision: https://phabricator.kde.org/D25937
Summary:
Instead of directly casting the quint8 to PicChannelEncoding we just store the quint8
and compare it to the possible PicChannelEncoding values when needed
oss-fuzz/19344
Reviewers: dfaure
Reviewed By: dfaure
Subscribers: dfaure, security-team, kde-frameworks-devel
Tags: #frameworks
Differential Revision: https://phabricator.kde.org/D25937
