Auto sync2gitlab import of openjpeg2-2.4.0-4.el8.src.rpm
This commit is contained in:
parent
ef0dd7f380
commit
3b9172650e
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
/openjpeg-2.4.0.tar.gz
|
165
openjpeg2-CVE-2021-29338.patch
Normal file
165
openjpeg2-CVE-2021-29338.patch
Normal file
@ -0,0 +1,165 @@
|
||||
From efbfbbb723e100cfbcea287a30958bf678e83458 Mon Sep 17 00:00:00 2001
|
||||
From: Ariadne Conill <ariadne@dereferenced.org>
|
||||
Date: Tue, 27 Apr 2021 09:37:40 -0600
|
||||
Subject: [PATCH] opj_{compress,decompress,dump}: fix possible buffer overflows
|
||||
in path manipulation functions
|
||||
|
||||
---
|
||||
src/bin/jp2/opj_compress.c | 12 ++++++------
|
||||
src/bin/jp2/opj_decompress.c | 13 ++++++-------
|
||||
src/bin/jp2/opj_dump.c | 14 +++++++-------
|
||||
3 files changed, 19 insertions(+), 20 deletions(-)
|
||||
|
||||
diff --git a/src/bin/jp2/opj_compress.c b/src/bin/jp2/opj_compress.c
|
||||
index 6827484..d8f894c 100644
|
||||
--- a/src/bin/jp2/opj_compress.c
|
||||
+++ b/src/bin/jp2/opj_compress.c
|
||||
@@ -543,8 +543,8 @@ static char * get_file_name(char *name)
|
||||
static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||
opj_cparameters_t *parameters)
|
||||
{
|
||||
- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
|
||||
- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
|
||||
+ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
|
||||
+ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
|
||||
char *temp_p, temp1[OPJ_PATH_LEN] = "";
|
||||
|
||||
strcpy(image_filename, dirptr->filename[imageno]);
|
||||
@@ -553,7 +553,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||
if (parameters->decod_format == -1) {
|
||||
return 1;
|
||||
}
|
||||
- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
|
||||
+ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
|
||||
if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
|
||||
infilename) != 0) {
|
||||
return 1;
|
||||
@@ -566,7 +566,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||
sprintf(temp1, ".%s", temp_p);
|
||||
}
|
||||
if (img_fol->set_out_format == 1) {
|
||||
- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||
+ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||
img_fol->out_format);
|
||||
if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
|
||||
outfilename) != 0) {
|
||||
@@ -1910,9 +1910,9 @@ int main(int argc, char **argv)
|
||||
num_images = get_num_images(img_fol.imgdirpath);
|
||||
dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
|
||||
if (dirptr) {
|
||||
- dirptr->filename_buf = (char*)malloc(num_images * OPJ_PATH_LEN * sizeof(
|
||||
+ dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN * sizeof(
|
||||
char)); /* Stores at max 10 image file names*/
|
||||
- dirptr->filename = (char**) malloc(num_images * sizeof(char*));
|
||||
+ dirptr->filename = (char**) calloc(num_images, sizeof(char*));
|
||||
if (!dirptr->filename_buf) {
|
||||
ret = 0;
|
||||
goto fin;
|
||||
diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
|
||||
index 2634907..e54e54f 100644
|
||||
--- a/src/bin/jp2/opj_decompress.c
|
||||
+++ b/src/bin/jp2/opj_decompress.c
|
||||
@@ -455,13 +455,13 @@ const char* path_separator = "/";
|
||||
char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||
opj_decompress_parameters *parameters)
|
||||
{
|
||||
- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
|
||||
- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
|
||||
+ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
|
||||
+ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
|
||||
char *temp_p, temp1[OPJ_PATH_LEN] = "";
|
||||
|
||||
strcpy(image_filename, dirptr->filename[imageno]);
|
||||
fprintf(stderr, "File Number %d \"%s\"\n", imageno, image_filename);
|
||||
- sprintf(infilename, "%s%s%s", img_fol->imgdirpath, path_separator,
|
||||
+ snprintf(infilename, OPJ_PATH_LEN * 2, "%s%s%s", img_fol->imgdirpath, path_separator,
|
||||
image_filename);
|
||||
parameters->decod_format = infile_format(infilename);
|
||||
if (parameters->decod_format == -1) {
|
||||
@@ -479,7 +479,7 @@ char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||
sprintf(temp1, ".%s", temp_p);
|
||||
}
|
||||
if (img_fol->set_out_format == 1) {
|
||||
- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||
+ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||
img_fol->out_format);
|
||||
if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
|
||||
outfilename) != 0) {
|
||||
@@ -1357,14 +1357,13 @@ int main(int argc, char **argv)
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
/* Stores at max 10 image file names */
|
||||
- dirptr->filename_buf = (char*)malloc(sizeof(char) *
|
||||
- (size_t)num_images * OPJ_PATH_LEN);
|
||||
+ dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN);
|
||||
if (!dirptr->filename_buf) {
|
||||
failed = 1;
|
||||
goto fin;
|
||||
}
|
||||
|
||||
- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
|
||||
+ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
|
||||
|
||||
if (!dirptr->filename) {
|
||||
failed = 1;
|
||||
diff --git a/src/bin/jp2/opj_dump.c b/src/bin/jp2/opj_dump.c
|
||||
index 6e15fee..4e19c61 100644
|
||||
--- a/src/bin/jp2/opj_dump.c
|
||||
+++ b/src/bin/jp2/opj_dump.c
|
||||
@@ -201,8 +201,8 @@ static int get_file_format(const char *filename)
|
||||
static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||
opj_dparameters_t *parameters)
|
||||
{
|
||||
- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
|
||||
- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
|
||||
+ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
|
||||
+ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
|
||||
char *temp_p, temp1[OPJ_PATH_LEN] = "";
|
||||
|
||||
strcpy(image_filename, dirptr->filename[imageno]);
|
||||
@@ -211,7 +211,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||
if (parameters->decod_format == -1) {
|
||||
return 1;
|
||||
}
|
||||
- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
|
||||
+ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
|
||||
if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
|
||||
infilename) != 0) {
|
||||
return 1;
|
||||
@@ -224,7 +224,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||
sprintf(temp1, ".%s", temp_p);
|
||||
}
|
||||
if (img_fol->set_out_format == 1) {
|
||||
- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||
+ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||
img_fol->out_format);
|
||||
if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
|
||||
outfilename) != 0) {
|
||||
@@ -457,7 +457,7 @@ int main(int argc, char *argv[])
|
||||
opj_codestream_info_v2_t* cstr_info = NULL;
|
||||
opj_codestream_index_t* cstr_index = NULL;
|
||||
|
||||
- OPJ_INT32 num_images, imageno;
|
||||
+ int num_images, imageno;
|
||||
img_fol_t img_fol;
|
||||
dircnt_t *dirptr = NULL;
|
||||
|
||||
@@ -486,13 +486,13 @@ int main(int argc, char *argv[])
|
||||
if (!dirptr) {
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
- dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof(
|
||||
+ dirptr->filename_buf = (char*) calloc((size_t) num_images, OPJ_PATH_LEN * sizeof(
|
||||
char)); /* Stores at max 10 image file names*/
|
||||
if (!dirptr->filename_buf) {
|
||||
free(dirptr);
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
|
||||
+ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
|
||||
|
||||
if (!dirptr->filename) {
|
||||
goto fails;
|
||||
--
|
||||
2.31.1
|
||||
|
35
openjpeg2-CVE-2021-3575.patch
Normal file
35
openjpeg2-CVE-2021-3575.patch
Normal file
@ -0,0 +1,35 @@
|
||||
From 409907d89878222cf9dea80f0add8f73e9383834 Mon Sep 17 00:00:00 2001
|
||||
From: Mehdi Sabwat <mehdisabwat@gmail.com>
|
||||
Date: Fri, 7 May 2021 01:50:37 +0200
|
||||
Subject: [PATCH] fix heap buffer overflow #1347
|
||||
|
||||
---
|
||||
src/bin/common/color.c | 9 ++++++---
|
||||
1 file changed, 6 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/bin/common/color.c b/src/bin/common/color.c
|
||||
index 27f15f1..935fa44 100644
|
||||
--- a/src/bin/common/color.c
|
||||
+++ b/src/bin/common/color.c
|
||||
@@ -368,12 +368,15 @@ static void sycc420_to_rgb(opj_image_t *img)
|
||||
|
||||
sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||
|
||||
- ++y;
|
||||
+ if (*y != img->comps[0].data[loopmaxh])
|
||||
+ ++y;
|
||||
++r;
|
||||
++g;
|
||||
++b;
|
||||
- ++cb;
|
||||
- ++cr;
|
||||
+ if (*cb != img->comps[1].data[loopmaxh])
|
||||
+ ++cb;
|
||||
+ if (*cr != img->comps[2].data[loopmaxh])
|
||||
+ ++cr;
|
||||
}
|
||||
if (j < maxw) {
|
||||
sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||
--
|
||||
2.31.1
|
||||
|
489
openjpeg2.spec
Normal file
489
openjpeg2.spec
Normal file
@ -0,0 +1,489 @@
|
||||
# Conformance tests disabled by default since it requires 1 GB of test data
|
||||
#global runcheck 1
|
||||
|
||||
#global optional_components 1
|
||||
|
||||
Name: openjpeg2
|
||||
Version: 2.4.0
|
||||
Release: 4%{?dist}
|
||||
Summary: C-Library for JPEG 2000
|
||||
|
||||
# windirent.h is MIT, the rest is BSD
|
||||
License: BSD and MIT
|
||||
URL: https://github.com/uclouvain/openjpeg
|
||||
Source0: https://github.com/uclouvain/openjpeg/archive/v%{version}/openjpeg-%{version}.tar.gz
|
||||
%if 0%{?runcheck}
|
||||
# git clone git@github.com:uclouvain/openjpeg-data.git
|
||||
Source1: data.tar.xz
|
||||
%endif
|
||||
|
||||
# Rename tool names to avoid conflicts with openjpeg-1.x
|
||||
Patch0: openjpeg2_opj2.patch
|
||||
|
||||
# Fix Coverity issues
|
||||
Patch1: openjpeg2_coverity.patch
|
||||
|
||||
# Fix CVE-2021-29338
|
||||
Patch2: openjpeg2-CVE-2021-29338.patch
|
||||
# Fix CVE-2021-3575
|
||||
Patch3: openjpeg2-CVE-2021-3575.patch
|
||||
|
||||
BuildRequires: cmake
|
||||
BuildRequires: gcc
|
||||
BuildRequires: make
|
||||
BuildRequires: zlib-devel
|
||||
BuildRequires: libpng-devel
|
||||
BuildRequires: libtiff-devel
|
||||
BuildRequires: lcms2-devel
|
||||
BuildRequires: doxygen
|
||||
|
||||
%if 0%{?optional_components}
|
||||
BuildRequires: java-devel
|
||||
BuildRequires: xerces-j2
|
||||
%endif
|
||||
|
||||
%description
|
||||
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
|
||||
promote the use of JPEG 2000.
|
||||
|
||||
This package contains
|
||||
* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1
|
||||
compliance).
|
||||
* JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple
|
||||
component transforms for multispectral and hyperspectral imagery)
|
||||
|
||||
|
||||
%package devel
|
||||
Summary: Development files for OpenJPEG 2
|
||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||
# OpenJPEGTargets.cmake refers to the tools
|
||||
Requires: %{name}-tools%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description devel
|
||||
The %{name}-devel package contains libraries and header files for developing
|
||||
applications that use OpenJPEG 2.
|
||||
|
||||
|
||||
%package devel-docs
|
||||
Summary: Developer documentation for OpenJPEG 2
|
||||
BuildArch: noarch
|
||||
|
||||
%description devel-docs
|
||||
The %{name}-devel-docs package contains documentation files for developing
|
||||
applications that use OpenJPEG 2.
|
||||
|
||||
|
||||
%package tools
|
||||
Summary: OpenJPEG 2 command line tools
|
||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description tools
|
||||
Command line tools for JPEG 2000 file manipulation, using OpenJPEG2:
|
||||
* opj2_compress
|
||||
* opj2_decompress
|
||||
* opj2_dump
|
||||
|
||||
%if 0%{?optional_components}
|
||||
##### MJ2 #####
|
||||
|
||||
%package mj2
|
||||
Summary: OpenJPEG2 MJ2 module
|
||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description mj2
|
||||
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
|
||||
promote the use of JPEG 2000.
|
||||
|
||||
This package contains the MJ2 module (JPEG 2000 standard Part 3)
|
||||
|
||||
|
||||
%package mj2-devel
|
||||
Summary: Development files for OpenJPEG2 MJ2 module
|
||||
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
|
||||
Requires: %{name}-mj2%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description mj2-devel
|
||||
Development files for OpenJPEG2 MJ2 module
|
||||
|
||||
|
||||
%package mj2-tools
|
||||
Summary: OpenJPEG2 MJ2 module command line tools
|
||||
Requires: %{name}-mj2%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description mj2-tools
|
||||
OpenJPEG2 MJ2 module command line tools
|
||||
|
||||
##### JPWL #####
|
||||
|
||||
%package jpwl
|
||||
Summary: OpenJPEG2 JPWL module
|
||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description jpwl
|
||||
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
|
||||
promote the use of JPEG 2000.
|
||||
|
||||
This package contains the JPWL (JPEG 2000 standard Part 11 - Jpeg 2000 Wireless)
|
||||
|
||||
|
||||
%package jpwl-devel
|
||||
Summary: Development files for OpenJPEG2 JPWL module
|
||||
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
|
||||
Requires: %{name}-jpwl%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description jpwl-devel
|
||||
Development files for OpenJPEG2 JPWL module
|
||||
|
||||
|
||||
%package jpwl-tools
|
||||
Summary: OpenJPEG2 JPWL module command line tools
|
||||
Requires: %{name}-jpwl%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description jpwl-tools
|
||||
OpenJPEG2 JPWL module command line tools
|
||||
|
||||
##### JPIP #####
|
||||
|
||||
%package jpip
|
||||
Summary: OpenJPEG2 JPIP module
|
||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description jpip
|
||||
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
|
||||
promote the use of JPEG 2000.
|
||||
|
||||
This package contains the JPWL (JPEG 2000 standard Part 9 - Jpeg 2000 Interactive Protocol)
|
||||
|
||||
|
||||
%package jpip-devel
|
||||
Summary: Development files for OpenJPEG2 JPIP module
|
||||
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
|
||||
Requires: %{name}-jpwl%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description jpip-devel
|
||||
Development files for OpenJPEG2 JPIP module
|
||||
|
||||
|
||||
%package jpip-tools
|
||||
Summary: OpenJPEG2 JPIP module command line tools
|
||||
Requires: %{name}-jpip%{?_isa} = %{version}-%{release}
|
||||
Requires: jpackage-utils
|
||||
Requires: java
|
||||
|
||||
%description jpip-tools
|
||||
OpenJPEG2 JPIP module command line tools
|
||||
|
||||
##### JP3D #####
|
||||
|
||||
%package jp3d
|
||||
Summary: OpenJPEG2 JP3D module
|
||||
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description jp3d
|
||||
The OpenJPEG library is an open-source JPEG 2000 library developed in order to
|
||||
promote the use of JPEG 2000.
|
||||
|
||||
This package contains the JP3D (JPEG 2000 standard Part 10 - Jpeg 2000 3D)
|
||||
|
||||
|
||||
%package jp3d-devel
|
||||
Summary: Development files for OpenJPEG2 JP3D module
|
||||
Requires: %{name}-devel%{?_isa} = %{version}-%{release}
|
||||
Requires: %{name}-jp3d%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description jp3d-devel
|
||||
Development files for OpenJPEG2 JP3D module
|
||||
|
||||
|
||||
%package jp3d-tools
|
||||
Summary: OpenJPEG2 JP3D module command line tools
|
||||
Requires: %{name}-jp3d%{?_isa} = %{version}-%{release}
|
||||
|
||||
%description jp3d-tools
|
||||
OpenJPEG2 JP3D module command line tools
|
||||
%endif
|
||||
|
||||
|
||||
%prep
|
||||
%autosetup -p1 -n openjpeg-%{version} %{?runcheck:-a 1}
|
||||
|
||||
# Remove all third party libraries just to be sure
|
||||
find thirdparty/ -mindepth 1 -maxdepth 1 -type d -exec rm -rf {} \;
|
||||
|
||||
|
||||
%build
|
||||
mkdir %{_target_platform}
|
||||
pushd %{_target_platform}
|
||||
# TODO: Consider
|
||||
# -DBUILD_JPIP_SERVER=ON -DBUILD_JAVA=ON
|
||||
%cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DOPENJPEG_INSTALL_LIB_DIR=%{_lib} \
|
||||
%{?optional_components:-DBUILD_MJ2=ON -DBUILD_JPWL=ON -DBUILD_JPIP=ON -DBUILD_JP3D=ON} \
|
||||
-DBUILD_DOC=ON \
|
||||
-DBUILD_STATIC_LIBS=OFF \
|
||||
-DBUILD_SHARED_LIBS=ON \
|
||||
%{?runcheck:-DBUILD_TESTING:BOOL=ON -DOPJ_DATA_ROOT=$PWD/../data} \
|
||||
..
|
||||
popd
|
||||
|
||||
%make_build VERBOSE=1 -C %{_target_platform}
|
||||
|
||||
|
||||
%install
|
||||
%make_install -C %{_target_platform}
|
||||
|
||||
mv %{buildroot}%{_mandir}/man1/opj_compress.1 %{buildroot}%{_mandir}/man1/opj2_compress.1
|
||||
mv %{buildroot}%{_mandir}/man1/opj_decompress.1 %{buildroot}%{_mandir}/man1/opj2_decompress.1
|
||||
mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.1
|
||||
|
||||
# Docs are installed through %%doc
|
||||
rm -rf %{buildroot}%{_datadir}/doc/
|
||||
|
||||
%if 0%{?optional_components}
|
||||
# Move the jar to the correct place
|
||||
mkdir -p %{buildroot}%{_javadir}
|
||||
mv %{buildroot}%{_datadir}/opj_jpip_viewer.jar %{buildroot}%{_javadir}/opj2_jpip_viewer.jar
|
||||
cat > %{buildroot}%{_bindir}/opj2_jpip_viewer <<EOF
|
||||
java -jar %{_javadir}/opj2_jpip_viewer.jar "$@"
|
||||
EOF
|
||||
chmod +x %{buildroot}%{_bindir}/opj2_jpip_viewer
|
||||
%endif
|
||||
|
||||
|
||||
%ldconfig_scriptlets
|
||||
|
||||
|
||||
%check
|
||||
%if 0%{?runcheck}
|
||||
make test -C %{_target_platform}
|
||||
%endif
|
||||
|
||||
|
||||
%files
|
||||
%{!?_licensedir:%global license %doc}
|
||||
%license LICENSE
|
||||
%doc AUTHORS.md NEWS.md README.md THANKS.md
|
||||
%{_libdir}/libopenjp2.so.*
|
||||
%{_mandir}/man3/libopenjp2.3*
|
||||
|
||||
%files devel
|
||||
%dir %{_includedir}/openjpeg-2.4/
|
||||
%{_includedir}/openjpeg-2.4/openjpeg.h
|
||||
%{_includedir}/openjpeg-2.4/opj_config.h
|
||||
%{_includedir}/openjpeg-2.4/opj_stdint.h
|
||||
%{_libdir}/libopenjp2.so
|
||||
%{_libdir}/openjpeg-2.4/
|
||||
%{_libdir}/pkgconfig/libopenjp2.pc
|
||||
|
||||
%files devel-docs
|
||||
%doc %{_target_platform}/doc/html
|
||||
|
||||
%files tools
|
||||
%{_bindir}/opj2_compress
|
||||
%{_bindir}/opj2_decompress
|
||||
%{_bindir}/opj2_dump
|
||||
%{_mandir}/man1/opj2_compress.1*
|
||||
%{_mandir}/man1/opj2_decompress.1*
|
||||
%{_mandir}/man1/opj2_dump.1*
|
||||
|
||||
%if 0%{?optional_components}
|
||||
%files mj2
|
||||
%{_libdir}/libopenmj2.so.*
|
||||
|
||||
%files mj2-devel
|
||||
%{_libdir}/libopenmj2.so
|
||||
|
||||
%files mj2-tools
|
||||
%{_bindir}/opj2_mj2*
|
||||
|
||||
%files jpwl
|
||||
%{_libdir}/libopenjpwl.so.*
|
||||
|
||||
%files jpwl-devel
|
||||
%{_libdir}/libopenjpwl.so
|
||||
%{_libdir}/pkgconfig/libopenjpwl.pc
|
||||
|
||||
%files jpwl-tools
|
||||
%{_bindir}/opj2_jpwl*
|
||||
|
||||
%files jpip
|
||||
%{_libdir}/libopenjpip.so.*
|
||||
|
||||
%files jpip-devel
|
||||
%{_libdir}/libopenjpip.so
|
||||
%{_libdir}/pkgconfig/libopenjpip.pc
|
||||
|
||||
%files jpip-tools
|
||||
%{_bindir}/opj2_jpip*
|
||||
%{_bindir}/opj2_dec_server
|
||||
%{_javadir}/opj2_jpip_viewer.jar
|
||||
|
||||
%files jp3d
|
||||
%{_libdir}/libopenjp3d.so.*
|
||||
|
||||
%files jp3d-devel
|
||||
%{_includedir}/openjpeg-2.0/openjp3d.h
|
||||
%{_libdir}/libopenjp3d.so
|
||||
%{_libdir}/pkgconfig/libopenjp3d.pc
|
||||
|
||||
%files jp3d-tools
|
||||
%{_bindir}/opj2_jp3d*
|
||||
%endif
|
||||
|
||||
|
||||
%changelog
|
||||
* Fri Jul 02 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-4
|
||||
- Fix Covscan defect
|
||||
|
||||
* Wed Jun 09 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-3
|
||||
- Fix CVE-2021-3575 (#1969279)
|
||||
- Fix resource leak identified by Covscan
|
||||
|
||||
* Wed Jun 02 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-2
|
||||
- Fix CVE-2021-29338 (#1951332)
|
||||
|
||||
* Mon Mar 01 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-1
|
||||
- Rebase to 2.4.0
|
||||
- Resolves: CVE-2018-5727 (#1538467)
|
||||
- Resolves: CVE-2018-5785 (#1538556)
|
||||
- Resolves: CVE-2018-20845 (#1730679)
|
||||
- Resolves: CVE-2018-20847 (#1734337)
|
||||
- Resolves: CVE-2019-12973 (#1739076)
|
||||
- Resolves: CVE-2020-15389 (#1855115)
|
||||
- Resolves: CVE-2020-27814 (#1908965)
|
||||
- Resolves: CVE-2020-27823 (#1906222)
|
||||
- Resolves: CVE-2020-27824 (#1906216)
|
||||
- Resolves: CVE-2020-27842 (#1908165)
|
||||
- Resolves: CVE-2020-27843 (#1908164)
|
||||
- Resolves: CVE-2020-27845 (#1908168)
|
||||
|
||||
* Mon Feb 10 2020 Nikola Forró <nforro@redhat.com> - 2.3.1-6
|
||||
- Fix CVE-2020-8112 (#1801034)
|
||||
|
||||
* Tue Jan 14 2020 Nikola Forró <nforro@redhat.com> - 2.3.1-5
|
||||
- Fix CVE-2020-6851 (#1790590)
|
||||
|
||||
* Wed Dec 04 2019 Nikola Forró <nforro@redhat.com> - 2.3.1-4
|
||||
- Add upstream test suite and enable it in gating
|
||||
|
||||
* Fri Nov 29 2019 Nikola Forró <nforro@redhat.com> - 2.3.1-3
|
||||
- Fix Coverity issues
|
||||
|
||||
* Wed Nov 20 2019 Nikola Forró <nforro@redhat.com> - 2.3.1-2
|
||||
- Fix unbundling third party libraries (#1757823)
|
||||
|
||||
* Fri May 31 2019 Nikola Forró <nforro@redhat.com> - 2.3.1-1
|
||||
- Rebase to 2.3.1 (#1704255)
|
||||
|
||||
* Tue Oct 16 2018 Nikola Forró <nforro@redhat.com> - 2.3.0-8
|
||||
- Fix important Covscan defects (#1602643)
|
||||
|
||||
* Mon Oct 15 2018 Nikola Forró <nforro@redhat.com> - 2.3.0-7
|
||||
- Fix CVE-2018-18088 (#1638562)
|
||||
|
||||
* Mon Feb 19 2018 Sandro Mani <manisandro@gmail.com> - 2.3.0-6
|
||||
- Add missing BR: gcc, make
|
||||
|
||||
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
* Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.3.0-4
|
||||
- Switch to %%ldconfig_scriptlets
|
||||
|
||||
* Mon Dec 25 2017 Sandro Mani <manisandro@gmail.com> - 2.3.0-3
|
||||
- Rename tool names at cmake level to ensure OpenJPEGTargets.cmake refers to the renamed files
|
||||
|
||||
* Mon Dec 25 2017 Sandro Mani <manisandro@gmail.com> - 2.3.0-2
|
||||
- Use BUILD_STATIC_LIBS=OFF instead of deleting the static library after build
|
||||
|
||||
* Thu Oct 05 2017 Sandro Mani <manisandro@gmail.com> - 2.3.0-1
|
||||
- Update to 2.3.0
|
||||
|
||||
* Thu Sep 07 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-4
|
||||
- Backport fix for CVE-2017-14039
|
||||
|
||||
* Thu Aug 31 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-3
|
||||
- Backport more security fixes, including for CVE-2017-14041 and CVE-2017-14040
|
||||
|
||||
* Thu Aug 31 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-2
|
||||
- Backport patch for CVE-2017-12982
|
||||
|
||||
* Thu Aug 10 2017 Sandro Mani <manisandro@gmail.com> - 2.2.0-1
|
||||
- Update to 2.2.0
|
||||
|
||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||
|
||||
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||
|
||||
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.2-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||
|
||||
* Sat Dec 17 2016 Sandro Mani <manisandro@gmail.com> - 2.1.2-3
|
||||
- Add patch for CVE-2016-9580 (#1405128) and CVE-2016-9581 (#1405135)
|
||||
|
||||
* Thu Dec 08 2016 Sandro Mani <manisandro@gmail.com> - 2.1.2-2
|
||||
- Add patch for CVE-2016-9572 (#1402714) and CVE-2016-9573 (#1402711)
|
||||
|
||||
* Wed Sep 28 2016 Sandro Mani <manisandro@gmail.com> - 2.1.2-1
|
||||
- Update to 2.1.2
|
||||
- Fixes: CVE-2016-7445
|
||||
|
||||
* Fri Sep 09 2016 Sandro Mani <manisandro@gmail.com> - 2.1.1-3
|
||||
- Backport: Add sanity check for tile coordinates (#1374337)
|
||||
|
||||
* Fri Sep 09 2016 Sandro Mani <manisandro@gmail.com> - 2.1.1-2
|
||||
- Backport fixes for CVE-2016-7163
|
||||
|
||||
* Wed Jul 06 2016 Sandro Mani <manisandro@gmail.com> - 2.1.1-1
|
||||
- Update to 2.1.1
|
||||
- Fixes: CVE-2016-3183, CVE-2016-3181, CVE-2016-3182, CVE-2016-4796, CVE-2016-4797, CVE-2015-8871
|
||||
|
||||
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-8
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||
|
||||
* Thu Oct 01 2015 Sandro Mani <manisandro@gmail.com> - 2.1.0-7
|
||||
- Backport fix for possible double-free (#1267983)
|
||||
|
||||
* Tue Sep 15 2015 Sandro Mani <manisandro@gmail.com> - 2.1.0-6
|
||||
- Backport fix for use after free vulnerability (#1263359)
|
||||
|
||||
* Thu Jun 25 2015 Sandro Mani <manisandro@gmail.com> - 2.1.0-5
|
||||
- Add openjpeg2_bigendian.patch (#1232739)
|
||||
|
||||
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-4
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||
|
||||
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-3
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.0-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
* Tue May 27 2014 Sandro Mani <manisandro@gmail.com> - 2.1.0-1
|
||||
- Update to 2.1.0
|
||||
|
||||
* Wed Apr 16 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-5
|
||||
- Switch to official 2.0 release and backport pkg-config patch
|
||||
|
||||
* Thu Apr 10 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-4.svn20140403
|
||||
- Replace define with global
|
||||
- Fix #define optional_components 1S typo
|
||||
- Fix %%(pwd) -> $PWD for test data
|
||||
- Added some BR for optional components
|
||||
- Include opj2_jpip_viewer.jar in %%files
|
||||
|
||||
* Wed Apr 09 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-3.svn20140403
|
||||
- Fix source url
|
||||
- Fix mixed tabs and spaces
|
||||
- Fix description too long
|
||||
|
||||
* Wed Apr 09 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-2.svn20140403
|
||||
- Remove thirdparty libraries folder in prep
|
||||
- Own %%{_libdir}/openjpeg-2.0/
|
||||
- Fix Requires
|
||||
- Add missing ldconfig
|
||||
- Add possibility to run conformance tests if desired
|
||||
|
||||
* Thu Apr 03 2014 Sandro Mani <manisandro@gmail.com> - 2.0.0-1.svn20140403
|
||||
- Initial package
|
74
openjpeg2_coverity.patch
Normal file
74
openjpeg2_coverity.patch
Normal file
@ -0,0 +1,74 @@
|
||||
diff --git a/src/bin/jp2/convertpng.c b/src/bin/jp2/convertpng.c
|
||||
index 00f596e..af3f91e 100644
|
||||
--- a/src/bin/jp2/convertpng.c
|
||||
+++ b/src/bin/jp2/convertpng.c
|
||||
@@ -75,10 +75,10 @@ opj_image_t *pngtoimage(const char *read_idf, opj_cparameters_t * params)
|
||||
png_uint_32 width, height = 0U;
|
||||
int color_type;
|
||||
FILE *reader = NULL;
|
||||
- OPJ_BYTE** rows = NULL;
|
||||
- OPJ_INT32* row32s = NULL;
|
||||
+ OPJ_BYTE** volatile rows = NULL;
|
||||
+ OPJ_INT32* volatile row32s = NULL;
|
||||
/* j2k: */
|
||||
- opj_image_t *image = NULL;
|
||||
+ opj_image_t* volatile image = NULL;
|
||||
opj_image_cmptparm_t cmptparm[4];
|
||||
OPJ_UINT32 nr_comp;
|
||||
OPJ_BYTE sigbuf[8];
|
||||
diff --git a/src/bin/jp2/converttif.c b/src/bin/jp2/converttif.c
|
||||
index 9d1037a..8d5002a 100644
|
||||
--- a/src/bin/jp2/converttif.c
|
||||
+++ b/src/bin/jp2/converttif.c
|
||||
@@ -720,7 +720,7 @@ int imagetotif(opj_image_t * image, const char *outfile)
|
||||
TIFFClose(tif);
|
||||
return 1;
|
||||
}
|
||||
- rowStride = (int64_t)((width * numcomps * bps + 7U) / 8U);
|
||||
+ rowStride = ((int64_t)width * numcomps * bps + 7U) / 8U;
|
||||
if (rowStride != strip_size) {
|
||||
fprintf(stderr, "Invalid TIFF strip size\n");
|
||||
TIFFClose(tif);
|
||||
@@ -1283,8 +1283,6 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
|
||||
TIFFGetField(tif, TIFFTAG_SAMPLESPERPIXEL, &tiSpp);
|
||||
TIFFGetField(tif, TIFFTAG_PHOTOMETRIC, &tiPhoto);
|
||||
TIFFGetField(tif, TIFFTAG_PLANARCONFIG, &tiPC);
|
||||
- w = (int)tiWidth;
|
||||
- h = (int)tiHeight;
|
||||
|
||||
if (tiSpp == 0 || tiSpp > 4) { /* should be 1 ... 4 */
|
||||
fprintf(stderr, "tiftoimage: Bad value for samples per pixel == %d.\n"
|
||||
@@ -1451,7 +1449,7 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
- rowStride = (int64_t)((tiWidth * tiSpp * tiBps + 7U) / 8U);
|
||||
+ rowStride = ((int64_t)tiWidth * tiSpp * tiBps + 7U) / 8U;
|
||||
buffer32s = (OPJ_INT32 *)malloc(sizeof(OPJ_INT32) * tiWidth * tiSpp);
|
||||
if (buffer32s == NULL) {
|
||||
_TIFFfree(buf);
|
||||
diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
|
||||
index 8e343ab..c13d229 100644
|
||||
--- a/src/lib/openjp2/j2k.c
|
||||
+++ b/src/lib/openjp2/j2k.c
|
||||
@@ -7075,7 +7075,7 @@ static OPJ_BOOL opj_j2k_is_imf_compliant(opj_cparameters_t *parameters,
|
||||
/* Validate sublevel */
|
||||
assert(sizeof(tabMaxSubLevelFromMainLevel) ==
|
||||
(OPJ_IMF_MAINLEVEL_MAX + 1) * sizeof(tabMaxSubLevelFromMainLevel[0]));
|
||||
- if (sublevel > tabMaxSubLevelFromMainLevel[mainlevel]) {
|
||||
+ if (mainlevel <= OPJ_IMF_MAINLEVEL_MAX && sublevel > tabMaxSubLevelFromMainLevel[mainlevel]) {
|
||||
opj_event_msg(p_manager, EVT_WARNING,
|
||||
"IMF profile require sublevel <= %d for mainlevel = %d.\n"
|
||||
"-> %d is thus not compliant\n"
|
||||
diff --git a/src/lib/openjp2/t2.c b/src/lib/openjp2/t2.c
|
||||
index 1481e16..d46bfb4 100644
|
||||
--- a/src/lib/openjp2/t2.c
|
||||
+++ b/src/lib/openjp2/t2.c
|
||||
@@ -821,6 +821,7 @@ static OPJ_BOOL opj_t2_encode_packet(OPJ_UINT32 tileno,
|
||||
opj_event_msg(p_manager, EVT_ERROR,
|
||||
"opj_t2_encode_packet(): accessing precno=%u >= %u\n",
|
||||
precno, res->pw * res->ph);
|
||||
+ opj_bio_destroy(bio);
|
||||
return OPJ_FALSE;
|
||||
}
|
||||
|
13
openjpeg2_opj2.patch
Normal file
13
openjpeg2_opj2.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff --git a/src/bin/jp2/CMakeLists.txt b/src/bin/jp2/CMakeLists.txt
|
||||
index 4d4bd95..619ea51 100644
|
||||
--- a/src/bin/jp2/CMakeLists.txt
|
||||
+++ b/src/bin/jp2/CMakeLists.txt
|
||||
@@ -44,6 +44,8 @@ endif()
|
||||
# Loop over all executables:
|
||||
foreach(exe opj_decompress opj_compress opj_dump)
|
||||
add_executable(${exe} ${exe}.c ${common_SRCS})
|
||||
+ string(REPLACE "opj_" "opj2_" exe2 ${exe})
|
||||
+ set_target_properties(${exe} PROPERTIES OUTPUT_NAME ${exe2})
|
||||
if(NOT ${CMAKE_VERSION} VERSION_LESS "2.8.12")
|
||||
target_compile_options(${exe} PRIVATE ${OPENJP2_COMPILE_OPTIONS})
|
||||
endif()
|
Loading…
Reference in New Issue
Block a user