Question about the use of color_sycc_to_rgb()

cgohlke / imagecodecs

Image transformation, compression, and decompression codecs

https://pypi.org/project/imagecodecs

BSD 3-Clause "New" or "Revised" License

111 stars 21 forks source link

Question about the use of color_sycc_to_rgb() #77

Closed opoplawski closed 1 year ago

opoplawski commented 1 year ago

I'm looking into packaging imagecodecs for Fedora and I've noticed that you are shipping a local copy of the openjpeg color.c file to make use of the color_sync_to_rgb() function. I have a number of concerns about this, particularly related to tracking possible security issues in openjpeg. Have you contacted upstream about making color_sycc_to_rgb() public or if there is an alternative way to achieve what you need to do in your code?

cgohlke commented 1 year ago

you are shipping a local copy of ...

There's quite a number of third party libraries and code files that are vendored for various reasons: https://github.com/cgohlke/imagecodecs/tree/master/3rdparty

I have a number of concerns about this

I understand. You'll have to disable modules in imagecodecs or modify the build config to use other sources or link libraries.

Have you contacted upstream about making color_sycc_to_rgb() public

That's https://github.com/uclouvain/openjpeg/issues/1225