diff --git a/78d323ecbe6a9752aee6e97118a76d40704d73ee.patch b/78d323ecbe6a9752aee6e97118a76d40704d73ee.patch
deleted file mode 100644
index 3bd2e35..0000000
--- a/78d323ecbe6a9752aee6e97118a76d40704d73ee.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-From 78d323ecbe6a9752aee6e97118a76d40704d73ee Mon Sep 17 00:00:00 2001
-From: Alex Tutubalin
-Date: Thu, 20 Aug 2020 15:24:40 +0300
-Subject: [PATCH] Additional checks in hassy model parser
-
----
- src/metadata/hasselblad_model.cpp | 39 ++++++++++++++++++++-----------
- 1 file changed, 26 insertions(+), 13 deletions(-)
-
-diff --git a/src/metadata/hasselblad_model.cpp b/src/metadata/hasselblad_model.cpp
-index 979f56c6..f1cd0d6d 100644
---- a/src/metadata/hasselblad_model.cpp
-+++ b/src/metadata/hasselblad_model.cpp
-@@ -93,7 +93,7 @@ static const char *Hasselblad_SensorEnclosures[] = {
- int norm_model_isSet = 0;
-
- if (model[0] == ' ')
-- memmove(model, model+1, strlen(model));
-+ memmove(model, model+1, MIN(sizeof(model)-1,strlen(model)));
-
- if (!imHassy.format) {
- if (dng_version) {
-@@ -116,49 +116,62 @@ static const char *Hasselblad_SensorEnclosures[] = {
- memmove(imHassy.SensorUnitConnector, imHassy.SensorUnitConnector+11, 64-11);
-
- if (imHassy.format == LIBRAW_HF_AdobeDNG) { // Adobe DNG, use LocalizedCameraModel
-+ imgdata.color.LocalizedCameraModel[63] = 0; // make sure 0-termination
- if ((ps = strrchr(imgdata.color.LocalizedCameraModel, '-')))
- c = ps-imgdata.color.LocalizedCameraModel;
- else c = strlen(imgdata.color.LocalizedCameraModel);
-- memcpy(tmp_model, imgdata.color.LocalizedCameraModel, c);
-- tmp_model[c] = 0;
-+ int cc = MIN(c, sizeof(tmp_model)-1);
-+ memcpy(tmp_model, imgdata.color.LocalizedCameraModel,cc);
-+ tmp_model[cc] = 0;
- if (strcasestr(imgdata.color.UniqueCameraModel, "coated")) {
-- strcpy(normalized_model, imgdata.color.UniqueCameraModel);
-+ strncpy(normalized_model, imgdata.color.UniqueCameraModel,sizeof(imgdata.color.UniqueCameraModel)-1);
-+ normalized_model[sizeof(imgdata.color.UniqueCameraModel) - 1] = 0;
- norm_model_isSet = 1;
- }
- if (!strncmp(normalized_model, "Hasselblad ", 11))
- memmove(normalized_model, normalized_model+11, 64-11);
-- } else
-- strcpy(tmp_model, imgdata.color.UniqueCameraModel);
-+ }
-+ else
-+ {
-+ strncpy(tmp_model, imgdata.color.UniqueCameraModel, sizeof(imgdata.color.UniqueCameraModel) - 1);
-+ tmp_model[63] = 0;
-+ }
- if (!strncasecmp(tmp_model, "Hasselblad ", 11))
- memmove(tmp_model, tmp_model+11, 64-11);
-
- // check if model tag contains manual CaptureSequenceInitiator info:
-- strcpy(imHassy.CaptureSequenceInitiator, model);
-+ strncpy(imHassy.CaptureSequenceInitiator, model,31);
-+ imHassy.CaptureSequenceInitiator[31] = 0;
- FORC(int(sizeof Hasselblad_Ctrl / sizeof *Hasselblad_Ctrl)) {
- if (strcasestr(model, Hasselblad_Ctrl[c])) {
- // yes, fill 'model' with sensor unit data
-- strcpy(model, tmp_model);
-+ strncpy(model, tmp_model,63);
-+ model[63] = 0;
- break;
- }
- }
-
- ps = strchr(model, '-');
- if (ps) { // check if model contains both host body and sensor version, resolution, MS info
-- strcpy(imHassy.SensorUnit, model);
-+ strncpy(imHassy.SensorUnit, model,63);
- memcpy(imHassy.HostBody, model, ps-model);
- imHassy.HostBody[ps-model] = 0;
- if (!strncmp(ps-2, "II-", 3))
- ps -=2;
-- strcpy(imHassy.Sensor, ps);
-+ strncpy(imHassy.Sensor, ps,7);
-+ imHassy.Sensor[7] = 0;
- add_MP_toName = 0;
- } else { // model contains host body only
-- strcpy(imHassy.HostBody, model);
-+ strncpy(imHassy.HostBody, model,63);
-+ imHassy.HostBody[63] = 0;
- // fill 'model' with sensor unit data
-- strcpy(model, tmp_model);
-+ strncpy(model, tmp_model,63);
-+ model[63] = 0;
- }
-
- if (!strncmp(model, "503CWD", 6)) {
-- strcpy(imHassy.HostBody, model);
-+ strncpy(imHassy.HostBody, model,63);
-+ imHassy.HostBody[63] = 0;
- ilm.CameraFormat = LIBRAW_FORMAT_66;
- ilm.CameraMount = LIBRAW_MOUNT_Hasselblad_V;
- if (model[6] == 'I' && model[7] == 'I')
diff --git a/LibRaw.spec b/LibRaw.spec
index 637a2a8..c9d877e 100644
--- a/LibRaw.spec
+++ b/LibRaw.spec
@@ -6,8 +6,8 @@ Summary: Library for reading RAW files obtained from digital photo cameras Name: LibRaw -Version: 0.20.0 -Release: 3%{?dist} +Version: 0.20.1 +Release: 1%{?dist} License: BSD and (CDDL or LGPLv2) URL: http://www.libraw.org @@ -17,11 +17,8 @@ BuildRequires: pkgconfig(jasper) BuildRequires: pkgconfig(libjpeg) BuildRequires: autoconf automake libtool -#Source0: http://www.libraw.org/data/%{name}-%{version}.tar.gz Source0: http://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz Patch0: LibRaw-pkgconfig.patch -# For CVE-2020-24890 -Patch1: 78d323ecbe6a9752aee6e97118a76d40704d73ee.patch Provides: bundled(dcraw) = 9.25 %description @@ -116,6 +113,9 @@ rm -fv %{buildroot}%{_libdir}/lib*.la %changelog +* Wed Oct 14 2020 Gwyn Ciesla - 0.20.1-1 +- 0.20.1 + * Thu Sep 24 2020 Gwyn Ciesla - 0.20.0-3 - Patch for CVE-2020-24890.
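Review bot: Dropping `Patch1` in the second hunk removes the only in-tree record that the CVE-2020-24890 fix is applied, and the new changelog entry in the third hunk says only `- 0.20.1`. Before merging, confirm that the 0.20.1 tarball contains upstream commit 78d323ecbe6a9752aee6e97118a76d40704d73ee (the bounded copies in `src/metadata/hasselblad_model.cpp`), and record it in the changelog, for example `- 0.20.1, includes the upstream fix for CVE-2020-24890; drop backported patch`. That keeps the CVE traceable for anyone auditing the package history. `Source0` in the same hunk is still fetched over `http://`; `https://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz` would be a small improvement. The `%prep` section is outside these hunks, so check that it no longer references patch number 1.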