import compat-exiv2-026-0.26-7.el8
This commit is contained in:
parent
0d503e7822
commit
5155abcd6e
280
SOURCES/exiv2-CVE-2020-18898.patch
Normal file
280
SOURCES/exiv2-CVE-2020-18898.patch
Normal file
@ -0,0 +1,280 @@
|
||||
diff --git a/src/exiv2.cpp b/src/exiv2.cpp
|
||||
index dbd2834..75c6fc2 100644
|
||||
--- a/src/exiv2.cpp
|
||||
+++ b/src/exiv2.cpp
|
||||
@@ -593,41 +593,79 @@ int Params::evalPrint(const std::string& optarg)
|
||||
{
|
||||
int rc = 0;
|
||||
switch (action_) {
|
||||
- case Action::none:
|
||||
- switch (optarg[0]) {
|
||||
- case 's': action_ = Action::print; printMode_ = pmSummary; break;
|
||||
- case 'a': rc = evalPrintFlags("kyct"); break;
|
||||
- case 'e': rc = evalPrintFlags("Ekycv"); break;
|
||||
- case 't': rc = evalPrintFlags("Ekyct"); break;
|
||||
- case 'v': rc = evalPrintFlags("Exgnycv"); break;
|
||||
- case 'h': rc = evalPrintFlags("Exgnycsh"); break;
|
||||
- case 'i': rc = evalPrintFlags("Ikyct"); break;
|
||||
- case 'x': rc = evalPrintFlags("Xkyct"); break;
|
||||
- case 'c': action_ = Action::print; printMode_ = pmComment ; break;
|
||||
- case 'p': action_ = Action::print; printMode_ = pmPreview ; break;
|
||||
- case 'C': action_ = Action::print; printMode_ = pmIccProfile ; break;
|
||||
- case 'R': action_ = Action::print; printMode_ = pmRecursive ; break;
|
||||
- case 'S': action_ = Action::print; printMode_ = pmStructure ; break;
|
||||
- case 'X': action_ = Action::print; printMode_ = pmXMP ; break;
|
||||
+ case Action::none:
|
||||
+ switch (optarg[0]) {
|
||||
+ case 's':
|
||||
+ action_ = Action::print;
|
||||
+ printMode_ = pmSummary;
|
||||
+ break;
|
||||
+ case 'a':
|
||||
+ rc = evalPrintFlags("kyct");
|
||||
+ break;
|
||||
+ case 'e':
|
||||
+ rc = evalPrintFlags("Ekycv");
|
||||
+ break;
|
||||
+ case 't':
|
||||
+ rc = evalPrintFlags("Ekyct");
|
||||
+ break;
|
||||
+ case 'v':
|
||||
+ rc = evalPrintFlags("Exgnycv");
|
||||
+ break;
|
||||
+ case 'h':
|
||||
+ rc = evalPrintFlags("Exgnycsh");
|
||||
+ break;
|
||||
+ case 'i':
|
||||
+ rc = evalPrintFlags("Ikyct");
|
||||
+ break;
|
||||
+ case 'x':
|
||||
+ rc = evalPrintFlags("Xkyct");
|
||||
+ break;
|
||||
+ case 'c':
|
||||
+ action_ = Action::print;
|
||||
+ printMode_ = pmComment;
|
||||
+ break;
|
||||
+ case 'p':
|
||||
+ action_ = Action::print;
|
||||
+ printMode_ = pmPreview;
|
||||
+ break;
|
||||
+ case 'C':
|
||||
+ action_ = Action::print;
|
||||
+ printMode_ = pmIccProfile;
|
||||
+ break;
|
||||
+ case 'R':
|
||||
+ #ifdef NDEBUG
|
||||
+ std::cerr << progname() << ": " << _("Action not available in Release mode")
|
||||
+ << ": '" << optarg << "'\n";
|
||||
+ rc = 1;
|
||||
+ #else
|
||||
+ action_ = Action::print;
|
||||
+ printMode_ = pmRecursive;
|
||||
+ #endif
|
||||
+ break;
|
||||
+ case 'S':
|
||||
+ action_ = Action::print;
|
||||
+ printMode_ = pmStructure;
|
||||
+ break;
|
||||
+ case 'X':
|
||||
+ action_ = Action::print;
|
||||
+ printMode_ = pmXMP;
|
||||
+ break;
|
||||
+ default:
|
||||
+ std::cerr << progname() << ": " << _("Unrecognized print mode") << " `" << optarg << "'\n";
|
||||
+ rc = 1;
|
||||
+ break;
|
||||
+ }
|
||||
+ break;
|
||||
+ case Action::print:
|
||||
+ std::cerr << progname() << ": " << _("Ignoring surplus option -p") << optarg << "\n";
|
||||
+ break;
|
||||
default:
|
||||
- std::cerr << progname() << ": " << _("Unrecognized print mode") << " `"
|
||||
- << optarg << "'\n";
|
||||
+ std::cerr << progname() << ": " << _("Option -p is not compatible with a previous option\n");
|
||||
rc = 1;
|
||||
break;
|
||||
- }
|
||||
- break;
|
||||
- case Action::print:
|
||||
- std::cerr << progname() << ": "
|
||||
- << _("Ignoring surplus option -p") << optarg << "\n";
|
||||
- break;
|
||||
- default:
|
||||
- std::cerr << progname() << ": "
|
||||
- << _("Option -p is not compatible with a previous option\n");
|
||||
- rc = 1;
|
||||
- break;
|
||||
}
|
||||
return rc;
|
||||
-} // Params::evalPrint
|
||||
+} // Params::evalPrint
|
||||
|
||||
int Params::evalPrintFlags(const std::string& optarg)
|
||||
{
|
||||
diff --git a/test/data/webp-test.out b/test/data/webp-test.out
|
||||
index e92a844..eec850d 100644
|
||||
--- a/test/data/webp-test.out
|
||||
+++ b/test/data/webp-test.out
|
||||
@@ -1,149 +1,3 @@
|
||||
-STRUCTURE OF WEBP FILE: exiv2-bug1199.webp
|
||||
- Chunk | Length | Offset | Payload
|
||||
- RIFF | 187526 | 0 | WEBP
|
||||
- VP8X | 10 | 12 | ,........
|
||||
- ICCP | 560 | 30 | ...0ADBE....mntrRGB XYZ ........
|
||||
- VP8 | 172008 | 598 | .G...*.. .>1..B.!..o.. ......]..
|
||||
- EXIF | 12040 | 172614 | II*........................... .
|
||||
- XMP | 2864 | 184662 | <?xpacket begin="..." id="W5M0Mp
|
||||
-STRUCTURE OF WEBP FILE: exiv2-bug1199.webp
|
||||
- Chunk | Length | Offset | Payload
|
||||
- RIFF | 187526 | 0 | WEBP
|
||||
- VP8X | 10 | 12 | ,........
|
||||
- ICCP | 560 | 30 | ...0ADBE....mntrRGB XYZ ........
|
||||
- VP8 | 172008 | 598 | .G...*.. .>1..B.!..o.. ......]..
|
||||
- EXIF | 12040 | 172614 | II*........................... .
|
||||
- STRUCTURE OF TIFF FILE (II): MemIo
|
||||
- address | tag | type | count | offset | value
|
||||
- 10 | 0x0100 ImageWidth | LONG | 1 | 1200 | 1200
|
||||
- 22 | 0x0101 ImageLength | LONG | 1 | 800 | 800
|
||||
- 34 | 0x0102 BitsPerSample | SHORT | 3 | 194 | 8 8 8
|
||||
- 46 | 0x010e ImageDescription | ASCII | 37 | 200 | ...
|
||||
- 58 | 0x010f Make | ASCII | 18 | 238 | NIKON CORPORATION
|
||||
- 70 | 0x0110 Model | ASCII | 12 | 256 | NIKON D5300
|
||||
- 82 | 0x0112 Orientation | SHORT | 1 | 1 | 1
|
||||
- 94 | 0x011a XResolution | RATIONAL | 1 | 268 | 300/1
|
||||
- 106 | 0x011b YResolution | RATIONAL | 1 | 276 | 300/1
|
||||
- 118 | 0x0128 ResolutionUnit | SHORT | 1 | 2 | 2
|
||||
- 130 | 0x0131 Software | ASCII | 11 | 284 | GIMP 2.9.5
|
||||
- 142 | 0x0132 DateTime | ASCII | 20 | 296 | 2016:08:13 10:54:16
|
||||
- 154 | 0x0213 YCbCrPositioning | SHORT | 1 | 1 | 1
|
||||
- 166 | 0x8769 ExifTag | LONG | 1 | 316 | 316
|
||||
- STRUCTURE OF TIFF FILE (II): MemIo
|
||||
- address | tag | type | count | offset | value
|
||||
- 318 | 0x829a ExposureTime | RATIONAL | 1 | 814 | 10/4000
|
||||
- 330 | 0x829d FNumber | RATIONAL | 1 | 822 | 100/10
|
||||
- 342 | 0x8822 ExposureProgram | SHORT | 1 | 0 | 0
|
||||
- 354 | 0x8827 ISOSpeedRatings | SHORT | 1 | 200 | 200
|
||||
- 366 | 0x8830 SensitivityType | SHORT | 1 | 2 | 2
|
||||
- 378 | 0x9000 ExifVersion | UNDEFINED | 4 | 808661552 | 0230
|
||||
- 390 | 0x9003 DateTimeOriginal | ASCII | 20 | 830 | 2015:07:16 15:38:54
|
||||
- 402 | 0x9004 DateTimeDigitized | ASCII | 20 | 850 | 2015:07:16 15:38:54
|
||||
- 414 | 0x9101 ComponentsConfiguration | UNDEFINED | 4 | 197121 | ...
|
||||
- 426 | 0x9102 CompressedBitsPerPixel | RATIONAL | 1 | 870 | 2/1
|
||||
- 438 | 0x9204 ExposureBiasValue | SRATIONAL | 1 | 878 | 0/6
|
||||
- 450 | 0x9205 MaxApertureValue | RATIONAL | 1 | 886 | 43/10
|
||||
- 462 | 0x9207 MeteringMode | SHORT | 1 | 5 | 5
|
||||
- 474 | 0x9208 LightSource | SHORT | 1 | 0 | 0
|
||||
- 486 | 0x9209 Flash | SHORT | 1 | 16 | 16
|
||||
- 498 | 0x920a FocalLength | RATIONAL | 1 | 894 | 440/10
|
||||
- 510 | 0x927c MakerNote | UNDEFINED | 3826 | 902 | Nikon.....II*.....9.+...$...... ...
|
||||
- STRUCTURE OF TIFF FILE (II): MemIo
|
||||
- address | tag | type | count | offset | value
|
||||
- 10 | 0x002b | ASCII | 36 | 698 | 48 49 48 48 0 0 2 0 0 0 0 0 0 0 ...
|
||||
- 22 | 0x002c | ASCII | 1157 | 734 | 48 49 48 49 35 0 128 2 170 1 0 0 ...
|
||||
- 34 | 0x002d | ASCII | 8 | 1892 | 512 0 0
|
||||
- 46 | 0x0032 | ASCII | 20 | 1900 | 48 49 48 48 1 0 0 0
|
||||
- 58 | 0x0035 | ASCII | 16 | 1920 | 48 50 48 48 0 0
|
||||
- 70 | 0x003b | ASCII | 32 | 1936 | 256/256 256/256 256/256 256/256
|
||||
- 82 | 0x003c | ASCII | 2 | 49 | 1
|
||||
- 94 | 0x009d | ASCII | 2 | 48 | 0
|
||||
- 106 | 0x00a3 | BYTE | 1 | 0 |
|
||||
- 118 | 0x00b6 | ASCII | 16 | 1968 | 0 0 0 0 0 0 0 0
|
||||
- 130 | 0x00bb | ASCII | 26 | 1984 | 48 50 48 48 255 255 255 0
|
||||
- 142 | 0x00bf | ASCII | 2 | 48 | 0
|
||||
- 154 | 0x00c0 | ASCII | 21 | 2010 | 60 1 12 0 144 1 12 0
|
||||
- 166 | 0x0022 | SHORT | 1 | 65535 | 65535
|
||||
- 178 | 0x008a | SHORT | 1 | 1 | 1
|
||||
- 190 | 0x001e GPSDifferential | SHORT | 1 | 1 | 1
|
||||
- 202 | 0x001b GPSProcessingMethod | SHORT | 7 | 2032 | 0 6016 4016 6016 4016 ...
|
||||
- 214 | 0x0019 GPSDestDistanceRef | SRATIONAL | 1 | 2046 | 0/6
|
||||
- 226 | 0x000e GPSTrackRef | UNDEFINED | 4 | 786688 | ...
|
||||
- 238 | 0x001c GPSAreaInformation | SHORT | 3 | 2054 | 0 1 6
|
||||
- 250 | 0x0018 GPSDestBearing | UNDEFINED | 4 | 393472 | ...
|
||||
- 262 | 0x0012 GPSMapDatum | UNDEFINED | 4 | 393472 | ...
|
||||
- 274 | 0x0009 GPSStatus | ASCII | 20 | 2060 |
|
||||
- 286 | 0x0017 GPSDestBearingRef | UNDEFINED | 4 | 393472 | ...
|
||||
- 298 | 0x00a8 | UNDEFINED | 49 | 2080 | 0106........................... ...
|
||||
- 310 | 0x0087 | BYTE | 1 | 0 |
|
||||
- 322 | 0x0008 FlashSetting | ASCII | 13 | 2130 |
|
||||
- 334 | 0x0007 Focus | ASCII | 7 | 2144 | AF-A
|
||||
- 346 | 0x00b1 | SHORT | 1 | 4 | 4
|
||||
- 358 | 0x0013 GPSDestLatitudeRef | SHORT | 2 | 13107200 | 0 200
|
||||
- 370 | 0x0002 ISOSpeed | SHORT | 2 | 13107200 | 0 200
|
||||
- 382 | 0x0016 GPSDestLongitude | SHORT | 4 | 2152 | 0 0 6000 4000
|
||||
- 394 | 0x00a2 | LONG | 1 | 6173648 | 6173648
|
||||
- 406 | 0x0084 | RATIONAL | 4 | 2160 | 180/10 2500/10 35/10 63/10
|
||||
- 418 | 0x008b | UNDEFINED | 4 | 786743 | 7..
|
||||
- 430 | 0x0083 | BYTE | 1 | 14 | .
|
||||
- 442 | 0x0095 | ASCII | 5 | 2192 | OFF
|
||||
- 454 | 0x000d GPSSpeed | UNDEFINED | 4 | 393472 | ...
|
||||
- 466 | 0x0004 Quality | ASCII | 8 | 2198 | NORMAL
|
||||
- 478 | 0x009e | SHORT | 10 | 2206 | 0 0 0 0 0 ...
|
||||
- 490 | 0x001d GPSDateStamp | ASCII | 8 | 2226 | 2567806
|
||||
- 502 | 0x0089 | SHORT | 1 | 0 | 0
|
||||
- 514 | 0x00a7 | LONG | 1 | 9608 | 9608
|
||||
- 526 | 0x00ab | ASCII | 16 | 2234 | AUTO(FLASH OFF)
|
||||
- 538 | 0x0001 Version | UNDEFINED | 4 | 825307696 | 0211
|
||||
- 550 | 0x000c GPSSpeedRef | RATIONAL | 4 | 2250 | 538/256 354/256 256/256 256/256
|
||||
- 562 | 0x0005 WhiteBalance | ASCII | 13 | 2282 | AUTO
|
||||
- 574 | 0x000b ProcessingSoftware | SSHORT | 2 | 0 | 0 0
|
||||
- 586 | 0x00b7 | UNDEFINED | 30 | 2296 | 0100....i....................
|
||||
- 598 | 0x0097 | UNDEFINED | 1188 | 2326 | 0219.dU....W..2......:.......F.# ...
|
||||
- 610 | 0x00b8 | UNDEFINED | 172 | 3514 | 0100..e........................ ...
|
||||
- 622 | 0x0025 | UNDEFINED | 14 | 3686 | H.....H......
|
||||
- 634 | 0x0098 | UNDEFINED | 33 | 3700 | 0204.W....z.o..#[.....!o.x..E... ...
|
||||
- 646 | 0x00b0 | UNDEFINED | 16 | 3734 | 0100...........
|
||||
- 658 | 0x0023 | UNDEFINED | 58 | 3750 | 0100STANDARD............STANDARD ...
|
||||
- 670 | 0x001f | UNDEFINED | 8 | 3808 | 0100...
|
||||
- 682 | 0x0024 | UNDEFINED | 4 | 65536 | ...
|
||||
- END MemIo
|
||||
- 522 | 0x9286 UserComment | UNDEFINED | 44 | 4728 | ........ ...
|
||||
- 534 | 0x9290 SubSecTime | ASCII | 3 | 12336 | 00
|
||||
- 546 | 0x9291 SubSecTimeOriginal | ASCII | 3 | 12336 | 00
|
||||
- 558 | 0x9292 SubSecTimeDigitized | ASCII | 3 | 12336 | 00
|
||||
- 570 | 0xa000 FlashpixVersion | UNDEFINED | 4 | 808464688 | 0100
|
||||
- 582 | 0xa001 ColorSpace | SHORT | 1 | 1 | 1
|
||||
- 594 | 0xa002 PixelXDimension | LONG | 1 | 6000 | 6000
|
||||
- 606 | 0xa003 PixelYDimension | LONG | 1 | 4000 | 4000
|
||||
- 618 | 0xa217 SensingMethod | SHORT | 1 | 2 | 2
|
||||
- 630 | 0xa300 FileSource | UNDEFINED | 1 | 3 | .
|
||||
- 642 | 0xa301 SceneType | UNDEFINED | 1 | 1 | .
|
||||
- 654 | 0xa302 CFAPattern | UNDEFINED | 8 | 4772 | ........
|
||||
- 666 | 0xa401 CustomRendered | SHORT | 1 | 0 | 0
|
||||
- 678 | 0xa402 ExposureMode | SHORT | 1 | 0 | 0
|
||||
- 690 | 0xa403 WhiteBalance | SHORT | 1 | 0 | 0
|
||||
- 702 | 0xa404 DigitalZoomRatio | RATIONAL | 1 | 4780 | 1/1
|
||||
- 714 | 0xa405 FocalLengthIn35mmFilm | SHORT | 1 | 66 | 66
|
||||
- 726 | 0xa406 SceneCaptureType | SHORT | 1 | 0 | 0
|
||||
- 738 | 0xa407 GainControl | SHORT | 1 | 0 | 0
|
||||
- 750 | 0xa408 Contrast | SHORT | 1 | 0 | 0
|
||||
- 762 | 0xa409 Saturation | SHORT | 1 | 0 | 0
|
||||
- 774 | 0xa40a Sharpness | SHORT | 1 | 0 | 0
|
||||
- 786 | 0xa40c SubjectDistanceRange | SHORT | 1 | 0 | 0
|
||||
- 798 | 0xa420 ImageUniqueID | ASCII | 33 | 4788 | 090caaf2c085f3e102513b24750041aa ...
|
||||
- END MemIo
|
||||
- 178 | 0x8825 GPSTag | LONG | 1 | 4822 | 4822
|
||||
- 5072 | 0x0100 ImageWidth | LONG | 1 | 256 | 256
|
||||
- 5084 | 0x0101 ImageLength | LONG | 1 | 170 | 170
|
||||
- 5096 | 0x0102 BitsPerSample | SHORT | 3 | 5172 | 8 8 8
|
||||
- 5108 | 0x0103 Compression | SHORT | 1 | 6 | 6
|
||||
- 5120 | 0x0106 PhotometricInterpretation | SHORT | 1 | 6 | 6
|
||||
- 5132 | 0x0115 SamplesPerPixel | SHORT | 1 | 3 | 3
|
||||
- 5144 | 0x0201 JPEGInterchangeFormat | LONG | 1 | 5178 | 5178
|
||||
- 5156 | 0x0202 JPEGInterchangeFormatLeng | LONG | 1 | 6861 | 6861
|
||||
- END MemIo
|
||||
- XMP | 2864 | 184662 | <?xpacket begin="..." id="W5M0Mp
|
||||
<?xml version="1.0"?>
|
||||
<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?>
|
||||
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="XMP Core 4.4.0-Exiv2">
|
||||
diff --git a/test/webp-test.sh b/test/webp-test.sh
|
||||
index 04ffe19..9c53293 100755
|
||||
--- a/test/webp-test.sh
|
||||
+++ b/test/webp-test.sh
|
||||
@@ -14,7 +14,6 @@ source ./functions.source
|
||||
|
||||
copyTestFile $filename
|
||||
runTest exiv2 -pS $filename
|
||||
- runTest exiv2 -pR $filename
|
||||
runTest exiv2 -pX $filename | xmllint --format -
|
||||
printf "delete " >&3
|
||||
# test deleting metadata
|
@ -1,6 +1,6 @@
|
||||
Name: compat-exiv2-026
|
||||
Version: 0.26
|
||||
Release: 6%{?dist}
|
||||
Release: 7%{?dist}
|
||||
Summary: Compatibility package with the exiv2 library in version 0.26
|
||||
|
||||
License: GPLv2+
|
||||
@ -36,6 +36,7 @@ Patch28: exiv2-CVE-2021-31291.patch
|
||||
Patch29: exiv2-CVE-2021-31292.patch
|
||||
Patch30: exiv2-CVE-2021-37618.patch
|
||||
Patch31: exiv2-CVE-2021-37619.patch
|
||||
Patch32: exiv2-CVE-2020-18898.patch
|
||||
|
||||
## upstreamable patches
|
||||
|
||||
@ -100,6 +101,10 @@ rm -rf mv %{buildroot}%{_libdir}/libexiv2.so
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Oct 13 2021 Jan Grulich <jgrulich@redhat.com> - 0.26-7
|
||||
- Fix stack exhaustion issue in the printIFDStructure function
|
||||
Resolves: bz#2003669
|
||||
|
||||
* Wed Aug 18 2021 Jan Grulich <jgrulich@redhat.com> - 0.26-6
|
||||
- Fix out-of-bounds read in Exiv2::Jp2Image::printStructure
|
||||
Resolves: bz#1993283
|
||||
|
Loading…
Reference in New Issue
Block a user