Andrzej Hunt 2ba35e5b3d tga: don't copy more bytes than necessary
We are trying to copy all bytes in the current row, which is the width times
the number of bytes per pixel (stored in info->bytes), not width times bits
per pixel.

Copying too much data allows certain inputs to induce a heap-buffer
overflow read, and probably also a write, see ASAN output below:

ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61d000008088 at pc 0x00000052be17 bp 0x7ffd8bbe8e20 sp 0x7ffd8bbe85e8
READ of size 16448 at 0x61d000008088 thread T0
    #0 0x52be16 in __asan_memcpy /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:22:3
    #1 0x5641ca in read_line /home/ahunt/git/gimp/plug-ins/common/file-tga.c:982:7
    #2 0x560218 in ReadImage /home/ahunt/git/gimp/plug-ins/common/file-tga.c:1147:15
    #3 0x55f526 in load_image /home/ahunt/git/gimp/plug-ins/common/file-tga.c:646:11
    #4 0x56519b in LLVMFuzzerTestOneInput /home/ahunt/git/gimp/plug-ins/common/file-tga_fuzzer.c:69:17
    #5 0x461624 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
    #6 0x460b2a in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:505:3
    #7 0x462ec4 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:814:7
    #8 0x4630d9 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:845:3
    #9 0x451686 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:906:6
    #10 0x47b662 in main /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #11 0x7fdbd277c349 in __libc_start_main (/lib64/libc.so.6+0x24349)
    #12 0x424a39 in _start /home/abuild/rpmbuild/BUILD/glibc-2.26/csu/../sysdeps/x86_64/start.S:120

0x61d000008088 is located 0 bytes to the right of 2056-byte region [0x61d000007880,0x61d000008088)
allocated by thread T0 here:
    #0 0x52ca8d in malloc /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x7fdbd37fccf2 in g_malloc /home/ahunt/git/glib/_build/../glib/gmem.c:106:13
    #2 0x56009b in ReadImage /home/ahunt/git/gimp/plug-ins/common/file-tga.c:1134:10
    #3 0x55f526 in load_image /home/ahunt/git/gimp/plug-ins/common/file-tga.c:646:11
    #4 0x56519b in LLVMFuzzerTestOneInput /home/ahunt/git/gimp/plug-ins/common/file-tga_fuzzer.c:69:17
    #5 0x461624 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
    #6 0x460b2a in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:505:3
    #7 0x462ec4 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:814:7
    #8 0x4630d9 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:845:3
    #9 0x451686 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:906:6
    #10 0x47b662 in main /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #11 0x7fdbd277c349 in __libc_start_main (/lib64/libc.so.6+0x24349)

SUMMARY: AddressSanitizer: heap-buffer-overflow /home/abuild/rpmbuild/BUILD/llvm-12.0.0.src/build/../projects/compiler-rt/lib/asan/asan_interceptors_memintrinsics.cpp:22:3 in __asan_memcpy
Shadow bytes around the buggy address:
  0x0c3a7fff8fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c3a7fff8fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c3a7fff8fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c3a7fff8ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c3a7fff9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c3a7fff9010: 00[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c3a7fff9020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c3a7fff9030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c3a7fff9040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c3a7fff9050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c3a7fff9060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
==26560==ABORTING

crash-4b13aca1db7bb795a815431b86cc20284f3aa6da
2024-07-19 14:04:44 -04:00
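As an added illustration (not the plug-in's own code), the C below shows the length mix-up the commit describes, with constructed sizes matching the ASan report: a 2056-byte row buffer and an 8-bit pixel depth, so width times bits asks for 16448 bytes while width times bytes asks for exactly 2056. The `tga_info` struct and the function names are assumptions; the guard in `copy_row` stands in for the kind of capacity check that keeps a wrong length from becoming an out-of-bounds memcpy.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for the loader's per-image info: the TGA header
 * gives pixel depth in bits and the loader derives bytes per pixel. */
typedef struct {
  int bpp;   /* bits per pixel, as stored in the header (8, 16, 24, 32) */
  int bytes; /* bytes per pixel, i.e. (bpp + 7) / 8 */
} tga_info;

/* Row length as the buggy code computed it: width times BITS per pixel. */
size_t row_len_buggy(size_t width, const tga_info *info)
{
  return width * (size_t) info->bpp;
}

/* Row length as the fix computes it: width times BYTES per pixel. */
size_t row_len_fixed(size_t width, const tga_info *info)
{
  return width * (size_t) info->bytes;
}

/* Copy one row into a caller-owned buffer of known capacity. Returns the
 * number of bytes copied, or 0 if the request would overrun either side,
 * so a wrong length turns into a refused copy, not an out-of-bounds memcpy. */
size_t copy_row(uint8_t *dst, size_t dst_cap,
                const uint8_t *src, size_t src_len, size_t n)
{
  if (n == 0 || n > dst_cap || n > src_len)
    return 0;
  memcpy(dst, src, n);
  return n;
}

/* Reproduce the sizes in the ASan report: an 8-bit, 2056-pixel-wide row.
 * The row buffer is 2056 bytes; the bits-based length asks for 16448. */
int demo(void)
{
  static uint8_t src[2056];        /* constructed sample row data (zeros) */
  uint8_t        row[2056];        /* the 2056-byte region ASan flagged */
  const tga_info info = { 8, 1 };
  size_t want_buggy = row_len_buggy(2056, &info); /* 16448: would overrun */
  size_t want_fixed = row_len_fixed(2056, &info); /* 2056: exactly fits */
  size_t got_buggy  = copy_row(row, sizeof row, src, sizeof src, want_buggy);
  size_t got_fixed  = copy_row(row, sizeof row, src, sizeof src, want_fixed);
  return got_buggy == 0 && got_fixed == 2056; /* 1 when the guard holds */
}
```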

README

                   ------------------------------
                   GNU Image Manipulation Program
                      2.99 Development Branch
                   ------------------------------

This is an unstable development release, an intermediate state on the
way to the next stable release: GIMP 3.0. GIMP 2.99 may or may not do
what you expect. Save your work early and often. If you want a stable
version, please use GIMP 2.10 instead.

If you think you found a bug in this version, please make sure that it
hasn't been reported earlier and that it is not just new stuff that is
still being worked on and obviously not quite finished yet.

If you want to hack on GIMP, please read the file devel-docs/README.md.
For detailed installation instructions, see the file INSTALL.


1. Web Resources
================

GIMP's home page is at:

	https://www.gimp.org/

Please be sure to visit this site for information, documentation,
tutorials, news, etc.  All things GIMP-ish are available from there.

The latest version of GIMP can be found at:

	https://www.gimp.org/downloads/

We also have a website dedicated to documentation at:

        https://docs.gimp.org/


2. Contributing
===============

GIMP source code can be found at:

	https://gitlab.gnome.org/GNOME/gimp/

Resources for contributors:

        https://developer.gimp.org/

In particular, you may want to look in the "Core Development" section. Some
articles of particular interest for newcomers could be:

* Setting up your developer environment: https://developer.gimp.org/core/setup/
* GIMP Coding Style: https://developer.gimp.org/core/coding_style/
* Submit your first patch: https://developer.gimp.org/core/submit-patch/


3. Discussion Channels
======================

We have several discussion channels dedicated to GIMP user and
development discussion. There is more info at:

        https://www.gimp.org/discuss.html

For the real junkies, there are IRC channels (e.g. #gimp or #gimp-user)
devoted to GIMP on GIMPNet (a private free software oriented network).
Many of the developers hang out there. Some of the GIMPNet servers are:

	irc.gimp.org:6667
	irc.us.gimp.org:6667
	irc.eu.gimp.org:6667

More discussion channels, such as forums, will be listed on the above
"discuss" page when they are moderated by a team member.
Links to archives of former discussion methods (e.g. mailing lists) are
also included in that page.

4. Customizing
==============

The look of GIMP's interface can be customized like any other GTK+ app
by editing files in `${XDG_CONFIG_HOME}/gtk-3.0/` (settings.ini and
gtk.css in particular) or by using "themes" (ready-made customizations).
Additionally, GIMP reads `${XDG_CONFIG_HOME}/GIMP/2.99/gimp.css` so you
can have settings that only apply to GIMP.

You can also manually change the keybindings to any of your choice by
editing: `${XDG_CONFIG_HOME}/GIMP/2.99/shortcutsrc`.


Have fun,

  Spencer Kimball
  Peter Mattis
  Federico Mena
  Manish Singh
  Sven Neumann
  Michael Natterer
  Dave Neary
  Martin Nordholts
  Jehan