From 359483f939b95e94ef234cd6f4908fcc2e64ed7f Mon Sep 17 00:00:00 2001
From: DistroBaker <osci-list@redhat.com>
Date: Sat, 28 Nov 2020 22:49:27 +0000
Subject: [PATCH] Merged update from upstream sources

This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/openjpeg2.git#f7e0d8451bb9965bfa503ee9d4056afa1b8521ac
---
 openjpeg2.spec                 |  8 +++++++-
 openjpeg2_CVE-2020-27814.patch | 16 ++++++++++++++++
 openjpeg2_CVE-2020-6851.patch  | 19 ++++---------------
 openjpeg2_CVE-2020-8112.patch  | 21 ++++-----------------
 openjpeg2_opj2.patch           |  4 ++--
 5 files changed, 33 insertions(+), 35 deletions(-)
 create mode 100644 openjpeg2_CVE-2020-27814.patch

diff --git a/openjpeg2.spec b/openjpeg2.spec
index 0d4837c..3406a80 100644
--- a/openjpeg2.spec
+++ b/openjpeg2.spec
@@ -8,7 +8,7 @@
 
 Name:           openjpeg2
 Version:        2.3.1
-Release:        7%{?dist}
+Release:        8%{?dist}
 Summary:        C-Library for JPEG 2000
 
 # windirent.h is MIT, the rest is BSD
@@ -28,6 +28,9 @@ Patch1:         openjpeg2_CVE-2020-6851.patch
 # Backport patch for CVE 2020-8112
 # https://github.com/uclouvain/openjpeg/pull/1232/commits/05f9b91e60debda0e83977e5e63b2e66486f7074
 Patch2:         openjpeg2_CVE-2020-8112.patch
+# Backport patch for CVE-2020-27814
+# https://github.com/uclouvain/openjpeg/commit/eaa098b59b346cb88e4d10d505061f669d7134fc
+Patch3:         openjpeg2_CVE-2020-27814.patch
 
 
 BuildRequires:  cmake
@@ -330,6 +333,9 @@ chmod +x %{buildroot}%{_bindir}/opj2_jpip_viewer
 
 
 %changelog
+* Sat Nov 28 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-8
+- Backport patch for CVE-2020-27814
+
 * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.1-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 
diff --git a/openjpeg2_CVE-2020-27814.patch b/openjpeg2_CVE-2020-27814.patch
new file mode 100644
index 0000000..cbb8007
--- /dev/null
+++ b/openjpeg2_CVE-2020-27814.patch
@@ -0,0 +1,16 @@
+diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/tcd.c openjpeg-2.3.1-new/src/lib/openjp2/tcd.c
+--- openjpeg-2.3.1/src/lib/openjp2/tcd.c	2020-11-28 23:29:38.701863373 +0100
++++ openjpeg-2.3.1-new/src/lib/openjp2/tcd.c	2020-11-28 23:29:38.704863383 +0100
+@@ -1235,9 +1235,11 @@ static OPJ_BOOL opj_tcd_code_block_enc_a
+ 
+     /* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
+     /* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
++    /* and +7 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 3) */
++    /* and +26 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 7) */
+     /* TODO: is there a theoretical upper-bound for the compressed code */
+     /* block size ? */
+-    l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
++    l_data_size = 26 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
+                                    (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
+ 
+     if (l_data_size > p_code_block->data_size) {
diff --git a/openjpeg2_CVE-2020-6851.patch b/openjpeg2_CVE-2020-6851.patch
index 9a70291..5e2cfd7 100644
--- a/openjpeg2_CVE-2020-6851.patch
+++ b/openjpeg2_CVE-2020-6851.patch
@@ -1,18 +1,7 @@
-From 024b8407392cb0b82b04b58ed256094ed5799e04 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sat, 11 Jan 2020 01:51:19 +0100
-Subject: [PATCH] opj_j2k_update_image_dimensions(): reject images whose
- coordinates are beyond INT_MAX (fixes #1228)
-
----
- src/lib/openjp2/j2k.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
-index 14f6ff41a..922550eb1 100644
---- a/src/lib/openjp2/j2k.c
-+++ b/src/lib/openjp2/j2k.c
-@@ -9221,6 +9221,14 @@ static OPJ_BOOL opj_j2k_update_image_dimensions(opj_image_t* p_image,
+diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/j2k.c openjpeg-2.3.1-new/src/lib/openjp2/j2k.c
+--- openjpeg-2.3.1/src/lib/openjp2/j2k.c	2019-04-02 14:45:15.000000000 +0200
++++ openjpeg-2.3.1-new/src/lib/openjp2/j2k.c	2020-11-28 23:29:38.618863089 +0100
+@@ -9236,6 +9236,14 @@ static OPJ_BOOL opj_j2k_update_image_dim
      l_img_comp = p_image->comps;
      for (it_comp = 0; it_comp < p_image->numcomps; ++it_comp) {
          OPJ_INT32 l_h, l_w;
diff --git a/openjpeg2_CVE-2020-8112.patch b/openjpeg2_CVE-2020-8112.patch
index 95cb809..dd6e1b9 100644
--- a/openjpeg2_CVE-2020-8112.patch
+++ b/openjpeg2_CVE-2020-8112.patch
@@ -1,20 +1,7 @@
-From 05f9b91e60debda0e83977e5e63b2e66486f7074 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Thu, 30 Jan 2020 00:59:57 +0100
-Subject: [PATCH] opj_tcd_init_tile(): avoid integer overflow
-
-That could lead to later assertion failures.
-
-Fixes #1231 / CVE-2020-8112
----
- src/lib/openjp2/tcd.c | 20 ++++++++++++++++++--
- 1 file changed, 18 insertions(+), 2 deletions(-)
-
-diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
-index deecc4dff..aa419030a 100644
---- a/src/lib/openjp2/tcd.c
-+++ b/src/lib/openjp2/tcd.c
-@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile(opj_tcd_t *p_tcd, OPJ_UINT32 p_tile_no,
+diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/tcd.c openjpeg-2.3.1-new/src/lib/openjp2/tcd.c
+--- openjpeg-2.3.1/src/lib/openjp2/tcd.c	2019-04-02 14:45:15.000000000 +0200
++++ openjpeg-2.3.1-new/src/lib/openjp2/tcd.c	2020-11-28 23:29:38.662863239 +0100
+@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile
              /* p. 64, B.6, ISO/IEC FDIS15444-1 : 2000 (18 august 2000)  */
              l_tl_prc_x_start = opj_int_floordivpow2(l_res->x0, (OPJ_INT32)l_pdx) << l_pdx;
              l_tl_prc_y_start = opj_int_floordivpow2(l_res->y0, (OPJ_INT32)l_pdy) << l_pdy;
diff --git a/openjpeg2_opj2.patch b/openjpeg2_opj2.patch
index 4a531ad..f4ecd0c 100644
--- a/openjpeg2_opj2.patch
+++ b/openjpeg2_opj2.patch
@@ -1,6 +1,6 @@
-diff -rupN openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt
+diff -rupN --no-dereference openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt
 --- openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt	2019-04-02 14:45:15.000000000 +0200
-+++ openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt	2019-04-02 16:14:13.726252297 +0200
++++ openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt	2020-11-28 23:29:38.576862946 +0100
 @@ -44,6 +44,8 @@ endif()
  # Loop over all executables:
  foreach(exe opj_decompress opj_compress opj_dump)