commit 833ca6e5d1509ff583faf8693f3302cb4c69aee8 Author: overweight <5324761+overweight@user.noreply.gitee.com> Date: Mon Sep 30 11:10:41 2019 -0400 Package init diff --git a/CVE-2017-17480.patch b/CVE-2017-17480.patch new file mode 100644 index 0000000..032315c --- /dev/null +++ b/CVE-2017-17480.patch @@ -0,0 +1,42 @@ +From 0bc90e4062a5f9258c91eca018c019b179066c62 Mon Sep 17 00:00:00 2001 +From: Hugo Lefeuvre +Date: Mon, 22 Oct 2018 16:59:41 +0200 +Subject: [PATCH] jp3d/jpwl convert: fix write stack buffer overflow + +Missing buffer length formatter in fscanf call might lead to write +stack buffer overflow. + +fixes #1044 (CVE-2017-17480) +--- + src/bin/jp3d/convert.c | 4 ++-- + src/bin/jpwl/convert.c | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/bin/jp3d/convert.c b/src/bin/jp3d/convert.c +index 23fd70b04..acad8f82a 100644 +--- a/src/bin/jp3d/convert.c ++++ b/src/bin/jp3d/convert.c +@@ -297,8 +297,8 @@ opj_volume_t* pgxtovolume(char *relpath, opj_cparameters_t *parameters) + fprintf(stdout, "[INFO] Loading %s \n", pgxfiles[pos]); + + fseek(f, 0, SEEK_SET); +- fscanf(f, "PG%[ \t]%c%c%[ \t+-]%d%[ \t]%d%[ \t]%d", temp, &endian1, &endian2, +- signtmp, &prec, temp, &w, temp, &h); ++ fscanf(f, "PG%31[ \t]%c%c%31[ \t+-]%d%31[ \t]%d%31[ \t]%d", temp, &endian1, ++ &endian2, signtmp, &prec, temp, &w, temp, &h); + + i = 0; + sign = '+'; +diff --git a/src/bin/jpwl/convert.c b/src/bin/jpwl/convert.c +index f3bb670b0..73c1be729 100644 +--- a/src/bin/jpwl/convert.c ++++ b/src/bin/jpwl/convert.c +@@ -1349,7 +1349,7 @@ opj_image_t* pgxtoimage(const char *filename, opj_cparameters_t *parameters) + } + + fseek(f, 0, SEEK_SET); +- if (fscanf(f, "PG%[ \t]%c%c%[ \t+-]%d%[ \t]%d%[ \t]%d", temp, &endian1, ++ if (fscanf(f, "PG%31[ \t]%c%c%31[ \t+-]%d%31[ \t]%d%31[ \t]%d", temp, &endian1, + &endian2, signtmp, &prec, temp, &w, temp, &h) != 9) { + fprintf(stderr, + "ERROR: Failed to read the right number of element from the fscanf() function!\n"); diff --git a/CVE-2018-5785.patch b/CVE-2018-5785.patch new file mode 100644 index 0000000..b93515c --- /dev/null +++ b/CVE-2018-5785.patch @@ -0,0 +1,79 @@ +From ca16fe55014c57090dd97369256c7657aeb25975 Mon Sep 17 00:00:00 2001 +From: Hugo Lefeuvre +Date: Sat, 22 Sep 2018 14:33:19 -0400 +Subject: [PATCH] convertbmp: fix issues with zero bitmasks + +In the case where a BMP file declares compression 3 (BI_BITFIELDS) +with header size <= 56, all bitmask values keep their initialization +value 0. This may lead to various undefined behavior later e.g. when +doing 1 << (l_comp->prec - 1). + +This issue does not affect files with bit count 16 because of a check +added in 16240e2 which sets default values to the color masks if they +are all 0. + +This commit adds similar checks for the 32 bit case. + +Also, if a BMP file declares compression 3 with header size >= 56 and +intentional 0 bitmasks, the same issue will be triggered in both the +16 and 32 bit count case. + +This commit adds checks to bmp_read_info_header() rejecting BMP files +with "intentional" 0 bitmasks. These checks might be removed in the +future when proper handling of zero bitmasks will be available in +openjpeg2. + +fixes #1057 (CVE-2018-5785) +--- + src/bin/jp2/convertbmp.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c +index 084f70bb7..7fde99ab3 100644 +--- a/src/bin/jp2/convertbmp.c ++++ b/src/bin/jp2/convertbmp.c +@@ -435,16 +435,31 @@ static OPJ_BOOL bmp_read_info_header(FILE* IN, OPJ_BITMAPINFOHEADER* header) + header->biRedMask |= (OPJ_UINT32)getc(IN) << 16; + header->biRedMask |= (OPJ_UINT32)getc(IN) << 24; + ++ if (!header->biRedMask) { ++ fprintf(stderr, "Error, invalid red mask value %d\n", header->biRedMask); ++ return OPJ_FALSE; ++ } ++ + header->biGreenMask = (OPJ_UINT32)getc(IN); + header->biGreenMask |= (OPJ_UINT32)getc(IN) << 8; + header->biGreenMask |= (OPJ_UINT32)getc(IN) << 16; + header->biGreenMask |= (OPJ_UINT32)getc(IN) << 24; + ++ if (!header->biGreenMask) { ++ fprintf(stderr, "Error, invalid green mask value %d\n", header->biGreenMask); ++ return OPJ_FALSE; ++ } ++ + header->biBlueMask = (OPJ_UINT32)getc(IN); + header->biBlueMask |= (OPJ_UINT32)getc(IN) << 8; + header->biBlueMask |= (OPJ_UINT32)getc(IN) << 16; + header->biBlueMask |= (OPJ_UINT32)getc(IN) << 24; + ++ if (!header->biBlueMask) { ++ fprintf(stderr, "Error, invalid blue mask value %d\n", header->biBlueMask); ++ return OPJ_FALSE; ++ } ++ + header->biAlphaMask = (OPJ_UINT32)getc(IN); + header->biAlphaMask |= (OPJ_UINT32)getc(IN) << 8; + header->biAlphaMask |= (OPJ_UINT32)getc(IN) << 16; +@@ -831,6 +846,12 @@ opj_image_t* bmptoimage(const char *filename, opj_cparameters_t *parameters) + bmpmask32toimage(pData, stride, image, 0x00FF0000U, 0x0000FF00U, 0x000000FFU, + 0x00000000U); + } else if (Info_h.biBitCount == 32 && Info_h.biCompression == 3) { /* bitmask */ ++ if ((Info_h.biRedMask == 0U) && (Info_h.biGreenMask == 0U) && ++ (Info_h.biBlueMask == 0U)) { ++ Info_h.biRedMask = 0x00FF0000U; ++ Info_h.biGreenMask = 0x0000FF00U; ++ Info_h.biBlueMask = 0x000000FFU; ++ } + bmpmask32toimage(pData, stride, image, Info_h.biRedMask, Info_h.biGreenMask, + Info_h.biBlueMask, Info_h.biAlphaMask); + } else if (Info_h.biBitCount == 16 && Info_h.biCompression == 0) { /* RGBX */ diff --git a/CVE-2018-7648.patch b/CVE-2018-7648.patch new file mode 100644 index 0000000..04f270e --- /dev/null +++ b/CVE-2018-7648.patch @@ -0,0 +1,32 @@ +From 6d8c0c06ee32dc03ba80acd48334e98728e56cf5 Mon Sep 17 00:00:00 2001 +From: Karol Babioch +Date: Fri, 2 Mar 2018 14:40:58 +0100 +Subject: [PATCH] opj_mj2_extract: Check provided output prefix for length + +This uses snprintf() with correct buffer length instead of sprintf(). This +prevents a buffer overflow when providing a long output prefix. Furthermore +the program exits with an error when the provided output prefix is too long. + +Fixes #1088. +--- + src/bin/mj2/opj_mj2_extract.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/src/bin/mj2/opj_mj2_extract.c b/src/bin/mj2/opj_mj2_extract.c +index a062e17d8..244110523 100644 +--- a/src/bin/mj2/opj_mj2_extract.c ++++ b/src/bin/mj2/opj_mj2_extract.c +@@ -140,7 +140,12 @@ int main(int argc, char *argv[]) + fread(frame_codestream, sample->sample_size - 8, 1, + file); /* Assuming that jp and ftyp markers size do*/ + +- sprintf(outfilename, "%s_%05d.j2k", argv[2], snum); ++ int num = snprintf(outfilename, sizeof(outfilename), "%s_%05d.j2k", argv[2], snum); ++ if (num >= sizeof(outfilename)) { ++ fprintf(stderr, "maximum length of output prefix exceeded\n"); ++ return 1; ++ } ++ + outfile = fopen(outfilename, "wb"); + if (!outfile) { + fprintf(stderr, "failed to open %s for writing\n", outfilename); diff --git a/openjpeg-2.3.1.tar.gz b/openjpeg-2.3.1.tar.gz new file mode 100644 index 0000000..13416d2 Binary files /dev/null and b/openjpeg-2.3.1.tar.gz differ diff --git a/openjpeg2.spec b/openjpeg2.spec new file mode 100644 index 0000000..e19f857 --- /dev/null +++ b/openjpeg2.spec @@ -0,0 +1,87 @@ +Name: openjpeg2 +Version: 2.3.1 +Release: 1 +Summary: C-Library for JPEG 2000 +License: BSD and MIT +URL: https://github.com/uclouvain/openjpeg +Source0: https://github.com/uclouvain/openjpeg/archive/v%{version}/openjpeg-%{version}.tar.gz + +Patch0: openjpeg2_remove-thirdparty.patch +Patch1: openjpeg2_opj2.patch + +BuildRequires: cmake gcc-c++ make zlib-devel libpng-devel libtiff-devel lcms2-devel doxygen + +Provides: %{name}-tools +Obsoletes: %{name}-tools + +%description +OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order +to promote the use of JPEG 2000, a still-image compression standard from the Joint Photographic +Experts Group (JPEG). Since April 2015, it is officially recognized by ISO/IEC and ITU-T as a +JPEG 2000 Reference Software. + +%package devel +Summary: Development files for OpenJPEG 2 +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +The %{name}-devel package contains libraries and header files for developing +applications that use OpenJPEG 2. + +%package_help + +%prep +%autosetup -n openjpeg-%{version} -p1 + +rm -rf thirdparty + +%build +mkdir %{_target_platform} +pushd %{_target_platform} +%cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DOPENJPEG_INSTALL_LIB_DIR=%{_lib} \ + %{?optional_components:-DBUILD_MJ2=ON -DBUILD_JPWL=ON -DBUILD_JPIP=ON -DBUILD_JP3D=ON} \ + -DBUILD_DOC=ON \ + -DBUILD_STATIC_LIBS=OFF \ + -DBUILD_SHARED_LIBS=ON \ + %{?runcheck:-DBUILD_TESTING:BOOL=ON -DOPJ_DATA_ROOT=$PWD/../data} \ + .. +popd + +%make_build VERBOSE=1 -C %{_target_platform} + + +%install +%make_install -C %{_target_platform} + +mv %{buildroot}%{_mandir}/man1/opj_compress.1 %{buildroot}%{_mandir}/man1/opj2_compress.1 +mv %{buildroot}%{_mandir}/man1/opj_decompress.1 %{buildroot}%{_mandir}/man1/opj2_decompress.1 +mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.1 + +%ldconfig_scriptlets + +%files +%defattr(-,root,root) +%{!?_licensedir:%global license %doc} +%doc AUTHORS.md +%license LICENSE +%{_libdir}/libopenjp2.so.* +%{_bindir}/opj2* +%exclude %{_datadir}/doc/ + +%files devel +%defattr(-,root,root) +%{_includedir}/openjpeg-2.3/*.h +%{_libdir}/*.so +%{_libdir}/openjpeg-2.3/ +%{_libdir}/pkgconfig/libopenjp2.pc + +%files help +%defattr(-,root,root) +%doc %{_target_platform}/doc/html +%doc NEWS.md README.md THANKS.md +%{_mandir}/man1/*.1* +%{_mandir}/man3/*.3* + +%changelog +* Thu Sep 19 2019 openEuler Buildteam - 2.3.1-1 +- Package init diff --git a/openjpeg2_install.patch b/openjpeg2_install.patch new file mode 100644 index 0000000..9e06fd2 --- /dev/null +++ b/openjpeg2_install.patch @@ -0,0 +1,11 @@ +diff -rupN openjpeg-2.3.0/src/lib/openjp2/CMakeLists.txt openjpeg-2.3.0-new/src/lib/openjp2/CMakeLists.txt +--- openjpeg-2.3.0/src/lib/openjp2/CMakeLists.txt 2017-10-05 00:23:14.000000000 +0200 ++++ openjpeg-2.3.0-new/src/lib/openjp2/CMakeLists.txt 2017-12-25 13:53:07.000000000 +0100 +@@ -99,6 +99,7 @@ else() + set(INSTALL_LIBS ${OPENJPEG_LIBRARY_NAME} openjp2_static) + else() + add_library(${OPENJPEG_LIBRARY_NAME} ${OPENJPEG_SRCS}) ++ set(INSTALL_LIBS ${OPENJPEG_LIBRARY_NAME}) + endif() + endif() + diff --git a/openjpeg2_opj2.patch b/openjpeg2_opj2.patch new file mode 100644 index 0000000..4a531ad --- /dev/null +++ b/openjpeg2_opj2.patch @@ -0,0 +1,12 @@ +diff -rupN openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt +--- openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt 2019-04-02 14:45:15.000000000 +0200 ++++ openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt 2019-04-02 16:14:13.726252297 +0200 +@@ -44,6 +44,8 @@ endif() + # Loop over all executables: + foreach(exe opj_decompress opj_compress opj_dump) + add_executable(${exe} ${exe}.c ${common_SRCS}) ++ string(REPLACE "opj_" "opj2_" exe2 ${exe}) ++ set_target_properties(${exe} PROPERTIES OUTPUT_NAME ${exe2}) + if(NOT ${CMAKE_VERSION} VERSION_LESS "2.8.12") + target_compile_options(${exe} PRIVATE ${OPENJP2_COMPILE_OPTIONS}) + endif() diff --git a/openjpeg2_remove-thirdparty.patch b/openjpeg2_remove-thirdparty.patch new file mode 100644 index 0000000..12ac763 --- /dev/null +++ b/openjpeg2_remove-thirdparty.patch @@ -0,0 +1,11 @@ +diff -rupN openjpeg-2.3.1/CMakeLists.txt openjpeg-2.3.1-new/CMakeLists.txt +--- openjpeg-2.3.1/CMakeLists.txt 2019-04-02 14:45:15.000000000 +0200 ++++ openjpeg-2.3.1-new/CMakeLists.txt 2019-04-02 16:14:13.688252343 +0200 +@@ -278,7 +278,6 @@ if(BUILD_CODEC OR BUILD_MJ2) + # OFF: It will only build 3rd party libs if they are not found on the system + # ON: 3rd party libs will ALWAYS be build, and used + option(BUILD_THIRDPARTY "Build the thirdparty executables if it is needed" OFF) +- add_subdirectory(thirdparty) + add_subdirectory(src/bin) + endif () + add_subdirectory(wrapping)