* quick proposal
warn on startup if untrusted operations might run
use vips_block_untrusted_set() to block untrusted operations, set an env
var or make a file to stop the warning
* mark fits, nifti and svg as untrusted
* remove the annoying "untrusted" warning message
better to warn on the download page
leave vips_block_untrusted_set() since it's obviously useful
* separate UNTRUSTED and BLOCKED
* typos
* add VIPS_BLOCK_UNTRUSTED env var
* move BLOCK_UNTRUSTED after plugin load
obviously, ooops
* add a test, disable *magick
although *magick is fuzzed, it's probably safer to disable it in
untrusted environments
* mark some more operations as untrusted
Strip TIFFs with rowperstrip of 1 used to use 1-pixel high cache tiles.
This could slow reading. This patch sets a minimum tile height near 16
but a multiple of the strip size.
* libnsgif: Update to latest upstream.
* nsgifload: Update for new pixel format API.
LibNSGIF now lets the client select a pixel colour component
order. We use NSGIF_BITMAP_FMT_R8G8B8A8, which is the same
format LibNSGIF always decoded to.
* nsgifload: Remove loop_count from VERBOSE output.
This was internal state for a nsgif_frame_prepare() managed
animation, but VIPS doesn't use nsgif_frame_prepare(). The
loop_count member has been removed from the public structure.
The nsgif_data_scan() call returns an error code that says
if anything was wrong with the source data.
It is not unusual for there to be bad stuff in a GIF, so we
only need to worry if we failed to find any frames.
* cgifsave: avoid size issue
avoid size issue by restoring the original transparency setting after quantization/dithering
* switch to per-frame alpha channel
* add option for lossy transparency
* switch lossy transparency off by default
* switch to g_malloc instead of g_malloc0
no need to 0 initialize at this point
* adapt to libvips coding conventions
* cgifsave: avoid size issue
avoid size issue by restoring the original transparency setting after quantization/dithering
* switch to per-frame alpha channel
* add option for lossy transparency
* switch lossy transparency off by default
* switch to g_malloc instead of g_malloc0
no need to 0 initialize at this point
* adapt to libvips coding conventions
* switch to official Homebrew sources for installing cgif
* bump required cgif version to v0.2.0
Use GLib's i18n support instead of copying and pasting that
logic into its own header. This deprecates the vips/intl.h
header in favour of glib/gi18n.h.
* Meson: remove space before colon
Since key-value pairs in Python are usually delimited as
colon+space instead of space+colon+space.
* Meson: disable modules by default when building static libraries
Corresponds to autotools. See: #2323.
* Meson: make modules a feature option
Corresponds to autotools, where modules are built
automatically if enabled and supported.
* Meson: specify minimum required GLib version
* Meson: fix indentation
* Remove unused function checks
* Simplify GLib configure checks
* Meson: ensure modules doesn't include enumtypes sources
Since that would cause duplicate symbols.
(`soname_header` can also be safely removed here,
since that is already included in `libvips_headers_dep`)
* LSan: remove GLib suppression
* LSan: disable the fast unwinder to get full stacktraces
* Move ASan/UBSan fuzzer options to CI configuration
* LSan: remove EOLed python2.7 suppression
* LSan: remove libstdc++ suppression
* LSan: add libx265 to suppression file
* Try to reproduce small memleak
* Try a possible patch
* Skip test if `im_benchmark` is not available
* CI: upgrade Clang version to 13
* CI: correct job names
* Meson: increase the timeout for tests
* README.md: correct Meson invocation
* Ensure that double asterisk characters are only used for gtk-doc comments
This triggers warnings when parsing the files with the introspection scanner
and gtk-doc
* Enhance the introspection support by fixing annotations
Also refine the .metadata file
Co-authored-by: John Cupitt <jcupitt@gmail.com>
* quick hack
won't even compile
* works!
at a basic level, anyway
* start wiring up metadata
* metadata done
* add spng interlaced save
* start adding index support
* fix palette save
* Update libvips/foreign/spngsave.c
Co-authored-by: Kleis Auke Wolthuizen <github@kleisauke.nl>
* start adding low bit depth write
* add a warning for low bitdepth write
* small fixes
* add 1/2/4 bit write
adapted from the vips2tiff bit packer
* small polish
* note spngsave in changelog
* Update libvips/foreign/spngsave.c
Co-authored-by: Kleis Auke Wolthuizen <github@kleisauke.nl>
* Update libvips/foreign/spngsave.c
Co-authored-by: Kleis Auke Wolthuizen <github@kleisauke.nl>
* revise 8 and 16-bit PNG write rules
* cleanup
* remove unnecessary palette filter optimisation
since libspng already does this
* add xres/yres rounding
thanks klies
he commit message for your changes. Lines starting
* look for spng.pc and libspng.pc
It can be called either, frustratingly.
* fix PACKAGES_USED for spng .pc changes
Co-authored-by: Kleis Auke Wolthuizen <github@kleisauke.nl>
We were loading 12-bit images as 0-4095 pixels, which then looked very
dark as RGB16. This patch left-justifies bits to fill 0-55, 0-65535 etc.
as required.
* libnsgif: Delete patch for read only source data.
The source data is now read only in upstream libnsgif and the code
has changed quite a bit so this does not apply.
* libnsgif: Update to latest upstream master.
* libnsgif: Only one insufficient data return code now.
There is only one code now, for "I need more data".
* libnsgif: Update for renamed structure member.
When we image_new_from_source, the source object has some of the loader
state: it tracks the current read position of the load library. This
means that we mustn't keep source loaders in the operation cache, since
a second call could give a different result because the source object
read position might have changed.
Also: add a rewind to get_flags_source in spngload, and jp2k needs to
tag its load region as having no thread ownership or you'll get assert
fails in the test suite with debug enabled.
This patch makes "insert" issue minimise signals for inputs in sequential
mode. This can drop memory use in some programs, for example:
```python
import sys
import random
import pyvips
image = pyvips.Image.black(20000, 20000)
for filename in sys.argv[2:]:
tile = pyvips.Image.new_from_file(filename, access='sequential')
x = random.randint(0, image.width - tile.width)
y = random.randint(0, image.height - tile.height)
image = image.insert(tile, x, y)
image.write_to_file(sys.argv[1])
```
Before this patch:
```
$ for i in {0..1000}; do cp ~/pics/k2.jpg $i.jpg; done
$ /usr/bin/time -f %M:%e ../manyjoin.py ../x.jpg *.jpg
5456256:4.34
```
With this patch:
```
$ /usr/bin/time -f %M:%e ../manyjoin.py ../x.jpg *.jpg
2475324:3.38
```
This patch makes arrayjoin leave a bigger margin off the end of each
input image. This can help some loaders which have large output caches.
See https://github.com/libvips/libvips/issues/2440
Instead of a simple fail/don't-fail boolean switch, add fail-on, an enum which sets the sensitivity of loaders to errors.
There's a new sensitivity level which tries to detect truncated images, but ignores other types of error.