DCMTK

2025-11-07

17:40 Feature #1178 (New): Add support for single bit images in RLE codec

DICOM CP 2301 "Clarify applicability of RLE and JPEG 2000 Transfer Syntax to single bit images such as binary segment... Marco Eichelberg

2025-11-06

18:09 Bug #1177 (Closed): Various bugs in the dcmqrscp.cfg parser

Various issues have been fixed in the the dcmqrscp.cfg parser.
Thanks to Jake Cobb <Jake.Cobb@varian.com> for the ... Marco Eichelberg

18:05 Bug #1176 (Closed): In some tools the return value of setuid() is not checked

In some tools the return value of setuid() is not checked. In the worstcase this could lead to privilege escalation s... Marco Eichelberg

18:01 Bug #1175 (Closed): Possible overflows and underflows in ACSE data structures

At several places in the code a wrong length of ACSE data structures received over the network can cause overflows or... Marco Eichelberg

17:58 Bug #858: Buffer overflow in DcmRLEDecoder::decompress()

This issue has been registered as CVE-2019-1010228 (https://www.cve.org/CVERecord?id=CVE-2019-1010228). Marco Eichelberg

17:54 Bug #1174 (Closed): Possible NULL pointer dereference / double free in network module

There is a use-after-free bug in the network module that can lead to NULL pointer dereference or a double free.
Th... Marco Eichelberg

17:50 Bug #1173 (Closed): possible NULL pointer dereference in DU_getStringDOElement()

There is possible NULL pointer dereference in DU_getStringDOElement() due to a missing check.
Thanks to Jinsheng B... Marco Eichelberg

17:48 Bug #1172 (Closed): Possible NULL pointer reference / double free in network module

The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly... Marco Eichelberg

17:41 Bug #1021: Path traversal vulnerability in DCMTK

This issue has been registered as the following CVEs:
* CVE-2022-2119 (https://www.cve.org/CVERecord?id=CVE-2022-211... Marco Eichelberg

17:40 Bug #1171 (Closed): Crash when shutting down via private SOP class.

A segmentation fault occured when shutting down the application via the private SOP Class. This issue was introduced ... Marco Eichelberg

17:37 Bug #1026: dcmqrscp may crash when reading malformed configuration file

This issue has been registered as CVE-2022-4981 (https://www.cve.org/CVERecord?id=CVE-2022-4981). Marco Eichelberg

17:37 Bug #1108: Possible overflow in EctEnhancedCT

This issue has been registered as CVE-2024-27628 (https://www.cve.org/CVERecord?id=CVE-2024-27628). Marco Eichelberg

17:36 Bug #1120: Segmentation faults due to incorrect typecast of DcmItem::search() result

This issue has been registered as CVE-2024-28130 (https://www.cve.org/CVERecord?id=CVE-2024-28130).
Marco Eichelberg

17:33 Bug #1114: Segmentation fault while receiving invalid message

This issue has also been registered as CVE-2024-34508 (https://www.cve.org/CVERecord?id=CVE-2024-34508). Marco Eichelberg

17:31 Bug #1114: Segmentation fault while receiving invalid message

This issue has been registered as CVE-2024-34509 (https://www.cve.org/CVERecord?id=CVE-2024-34509). Marco Eichelberg

17:30 Bug #1155: Segmentation fault in JPEG-LS decoder caused by invalid JPEG-LS data

This issue was registered as CVE-2025-2357 (https://www.cve.org/CVERecord?id=CVE-2025-2357). Marco Eichelberg

17:29 Bug #1170 (Closed): Issue when rendering an invalid monochrome DICOM image where the number of pixels stored does not match the expected number of pixel

There is an issue when rendering an invalid monochrome DICOM image where the number of pixels stored does not match t... Marco Eichelberg

17:26 Bug #1169 (Closed): Issue when processing an invalid DICOM image where the number of pixels stored does not match the expected number of pixels

There is an issue when processing an invalid DICOM image where the number of pixels stored does not match the expecte... Marco Eichelberg

17:24 Bug #1168 (Closed): Missing check that HighBit < BitsAllocated

In class DicomImage, a check was missing during the image preprocessing to make sure that the value of HighBit is alw... Marco Eichelberg

17:21 Bug #1167 (Closed): Issue rendering invalid monochrome image

There is an issue in class DicomImage when rendering an invalid monochrome DICOM image where the number of pixels sto... Marco Eichelberg

2025-11-05

15:55 Bug #1166 (Closed): The RLE decoder may crash when decompressing an invalid RLE compressed image

The RLE decoder may crash when decompressing an invalid RLE compressed image where the RLE header contains an invalid... Marco Eichelberg

15:51 Bug #1165 (Closed): Segfault when processing an invalid DICOM image with a Photometric Interpretation of "YBR_FULL"

When processing an invalid DICOM image with a Photometric Interpretation of "YBR_FULL" and a Planar Configuration of ... Marco Eichelberg

2025-11-04

16:36 Feature #796: Copy element value to another element (with a different tag)

Also see this posting re. "Change the VR of an existing DcmElement": https://forum.dcmtk.org/viewtopic.php?p=22754 Jörg Riesmeier

2025-10-23

11:37 Feature #1164 (New): Change behaviour of overlay rendering for overlapping overlay bitmaps

Class DicomImage offers different modes for rendering overlay bitmaps into the underlying image. Three of these modes... Marco Eichelberg

2025-10-20

15:04 Feature #1162: Enable users to adjust the handling of character sets in dcmdata

Another step towards implementing this feature is the commit ab8944c9d. Jörg Riesmeier

15:01 Bug #684 (Reopened): Check whether delimiters (such as a backslash) are treated correctly during character set conversion

There still seems to be a problem, e.g., with GB18030:
From an email sent by Mathieu Malaterre <mathieu.malaterre@... Jörg Riesmeier