GitLab

Libjasper is not really maintained any more, and has been dropped by
various Linux distributions over the years.

GdkPixbuf has not enabled the JPEG2000 loader by default in many years,
relying on downstream distributors to do so if they also shipped
libjasper. This means that it's unlikely anybody has relied on GdkPixbuf
to load a JPEG2000 image for the past 3 to 5 years, if at all.

The only other option for loading JPEG2000 images is to use OpenJPEG,
and for that there is an out of tree GdkPixbuf module available:

https://notabug.org/necklace/jp2-pixbuf-loader

Fixes: #152, #137

We use `gtk_doc`, now.

This patch significantly improves performance
of gtksourceview-2.10.5 full-screen redraw
on a 4K display with an alpha channel.

Divisions by the common value 0xff0000 are converted into
multiplications by an optimizing C compiler.
For other values, 3 divisions are reduced to 1 division,
3 multiplications and some float-to-int conversions.

And deprecate the `docs` one.

The `gtk_doc` option is shared across GNOME modules, so we should
conform to the established practice.

The relative links in the functions documentation stanza refer to the
current section; this means that, in order to refer to an anchor
specified in a section the symbols must be in the same section within
the same file.

Pixel data in XPM files consists of color characters.

XPM allows up to 31 characters per pixel (cpp). If the file defines
a width larger than G_MAXINT / cpp, the calculated memory required
to parse a single line (wbytes) leads to a signed integer overflow.

On common systems, a signed integer overflow works as expected on
a bit level. Properly crafted files can overflow the variable
wbytes in a way that it is positive again, which leads to a
"successful" parsing of the XPM file. The pixel values itself are
not assigned by gdk-pixbuf code, therefore leaking raw memory
returned by malloc.

This might leak sensitive information through pixel values,
depending on the actual application.

Proof of Concept:

/* XPM */
static char * poc_xpm[] = {
"138547333 1 1 31",
"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx  	c None",
"---------------------------"};

Parsing an XBM file with pixel bits larger than int leads to undefined
behavior (signed integer overflow).

Since only the lowest 8 bits are used, this patched code produces the
same images as before.

Also do not increment gotone but set it to a value. If more than
INT_MAX values are parsed, this int would overflow as well.

Proof of Concept (compile with -fsanitize=undefined or -ftrapv):

static unsigned char poc_bits[] = {
0xFFFFFFFF };

Avoid declaring variables in a for loop initialization so that the code
continues to build on older compilers.

mmap does not return NULL on failure, but rather MAP_FAILED.

#158

powershell instead of cmd, win2016 instead of 2012r2

On FreeBSD, macros such as _POSIX_C_SOURCE and _XOPEN_SOURCE are used as
a means to disable features instead of enabling features. Therefore,
setting a macro to a value which is too small can make required features
become unavailable.

Commit f57bec33 sets _XOPEN_SOURCE to
500 and causes compilation errors on FreeBSD because of missing C99
support. FreeBSD libc automatically sets _POSIX_C_SOURCE to 199506 when
_XOPEN_SOURCE is set to 500. Since 1995 < 1999, this also means all C99
functions are disabled. To fix it, use a value matching the current
definition of _POSIX_C_SOURCE=200809, which is _XOPEN_SOURCE=700.

The get_static_image() method for gifs is leaking an iterator and since
the iterator has a reference to the animation, this results in all
animation frames being leaked.

Avoid overflows by using the checked multiplication macro for gsize.

Fixes: #132

We might still get a GdkPixbuf even if the GError is set, which leads to
us reusing the GError instance later on.

Add test for the issue fixed by commit
35dcd72b.

From https://bugs.launchpad.net/inkscape/+bug/1746054/comments/5

Fixes: #128

Some tests depend on build options—like the ability to load certain
images. There's no point in compiling things that we know will fail,
so might as well skip them.

Fixes: #123

We must skip the reference test when both the source and reference files
are unsupported.

There's no point in failing the test when we know we don't support the
file format.

Previously only skipped bytes at the start of incremental
loads. During a incremental load, there may be bytes to skip
between reloads. Previous behavior misread metadata sometimes.

Fixes #70

If glib-compile-resources did not produce anything on stdout,
gen-resources.py reports success, even if it actually failed. This
can lead to a build error down the line.

Instead, just use os.execvpe after setting up the environment.

This avoids the build from erroring out due to warning/error C4819 (Unicode
handling issue in the compiler), which is likely to occur on Chinese, Japanese
and Korean locales

They were prepare_func/prepared_func, and update_func/updated_func in
various places.

Since their corresponding type names are GdkPixbufModulePreparedFunc
and GdkPixbufModuleUpdatedFunc, make all the fields be called
prepared_func and updated_func to make them easier to grep.