Resolves#15969
It is possible to set the number of color components
in the JPEG 2000 file separate from the color space,
and OpenJPEG reports that value as-is. This can result
in a buffer overflow if the num_components variable is
larger than the number of channels in the color space.
This patch adds a check to make sure num_components
is within range. If it's larger, then we clamp it to the maximum
value for that color model.
Resolves#15684
In addition to setting the tcp_distoratio parameter to
the user's preferred quality, we also needed to enable
the cp_fixed_quality setting in OpenJPEG to actually
compress JPEG2000 images with different quality values.
Additionally, OpenJPEG expects the quality value to range
from 1.0 to 100.0, while we had it as 0.0 to 1.0. This patch
fixes both issues.
Resolves#15285
Per the report, it's possible to exceed the size of the pixel buffer
with a high precision_scaled value, as we size it to the width * bpp.
This patch includes precision_scaled in the allocation calculation.
It also adds a g_size_checked_mul () check to ensure there's no
overflow, and moves the pixel and buffer memory freeing to occur
in the out section so that it always runs even on failure.
Our JPEG 2000 plug-in assumed all imported images
are unsigned - however, it's possible to store signed data
as well.
This patch adds a check to see if the image has the `sgnd`
flag set to TRUE. If so, we offset the signed data to get it
into the unsigned range before converting to an image.
