diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9e613a3 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/openjpeg-2.4.0.tar.gz diff --git a/EMPTY b/EMPTY deleted file mode 100644 index 0519ecb..0000000 --- a/EMPTY +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/openjpeg2-CVE-2021-29338.patch b/openjpeg2-CVE-2021-29338.patch new file mode 100644 index 0000000..49bf268 --- /dev/null +++ b/openjpeg2-CVE-2021-29338.patch @@ -0,0 +1,165 @@ +From efbfbbb723e100cfbcea287a30958bf678e83458 Mon Sep 17 00:00:00 2001 +From: Ariadne Conill +Date: Tue, 27 Apr 2021 09:37:40 -0600 +Subject: [PATCH] opj_{compress,decompress,dump}: fix possible buffer overflows + in path manipulation functions + +--- + src/bin/jp2/opj_compress.c | 12 ++++++------ + src/bin/jp2/opj_decompress.c | 13 ++++++------- + src/bin/jp2/opj_dump.c | 14 +++++++------- + 3 files changed, 19 insertions(+), 20 deletions(-) + +diff --git a/src/bin/jp2/opj_compress.c b/src/bin/jp2/opj_compress.c +index 6827484..d8f894c 100644 +--- a/src/bin/jp2/opj_compress.c ++++ b/src/bin/jp2/opj_compress.c +@@ -543,8 +543,8 @@ static char * get_file_name(char *name) + static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol, + opj_cparameters_t *parameters) + { +- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN], +- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN]; ++ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2], ++ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN]; + char *temp_p, temp1[OPJ_PATH_LEN] = ""; + + strcpy(image_filename, dirptr->filename[imageno]); +@@ -553,7 +553,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol, + if (parameters->decod_format == -1) { + return 1; + } +- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename); ++ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename); + if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile), + infilename) != 0) { + return 1; +@@ -566,7 +566,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol, + sprintf(temp1, ".%s", temp_p); + } + if (img_fol->set_out_format == 1) { +- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname, ++ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname, + img_fol->out_format); + if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile), + outfilename) != 0) { +@@ -1910,9 +1910,9 @@ int main(int argc, char **argv) + num_images = get_num_images(img_fol.imgdirpath); + dirptr = (dircnt_t*)malloc(sizeof(dircnt_t)); + if (dirptr) { +- dirptr->filename_buf = (char*)malloc(num_images * OPJ_PATH_LEN * sizeof( ++ dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN * sizeof( + char)); /* Stores at max 10 image file names*/ +- dirptr->filename = (char**) malloc(num_images * sizeof(char*)); ++ dirptr->filename = (char**) calloc(num_images, sizeof(char*)); + if (!dirptr->filename_buf) { + ret = 0; + goto fin; +diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c +index 2634907..e54e54f 100644 +--- a/src/bin/jp2/opj_decompress.c ++++ b/src/bin/jp2/opj_decompress.c +@@ -455,13 +455,13 @@ const char* path_separator = "/"; + char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol, + opj_decompress_parameters *parameters) + { +- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN], +- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN]; ++ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2], ++ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN]; + char *temp_p, temp1[OPJ_PATH_LEN] = ""; + + strcpy(image_filename, dirptr->filename[imageno]); + fprintf(stderr, "File Number %d \"%s\"\n", imageno, image_filename); +- sprintf(infilename, "%s%s%s", img_fol->imgdirpath, path_separator, ++ snprintf(infilename, OPJ_PATH_LEN * 2, "%s%s%s", img_fol->imgdirpath, path_separator, + image_filename); + parameters->decod_format = infile_format(infilename); + if (parameters->decod_format == -1) { +@@ -479,7 +479,7 @@ char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol, + sprintf(temp1, ".%s", temp_p); + } + if (img_fol->set_out_format == 1) { +- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname, ++ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname, + img_fol->out_format); + if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile), + outfilename) != 0) { +@@ -1357,14 +1357,13 @@ int main(int argc, char **argv) + return EXIT_FAILURE; + } + /* Stores at max 10 image file names */ +- dirptr->filename_buf = (char*)malloc(sizeof(char) * +- (size_t)num_images * OPJ_PATH_LEN); ++ dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN); + if (!dirptr->filename_buf) { + failed = 1; + goto fin; + } + +- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*)); ++ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*)); + + if (!dirptr->filename) { + failed = 1; +diff --git a/src/bin/jp2/opj_dump.c b/src/bin/jp2/opj_dump.c +index 6e15fee..4e19c61 100644 +--- a/src/bin/jp2/opj_dump.c ++++ b/src/bin/jp2/opj_dump.c +@@ -201,8 +201,8 @@ static int get_file_format(const char *filename) + static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol, + opj_dparameters_t *parameters) + { +- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN], +- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN]; ++ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2], ++ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN]; + char *temp_p, temp1[OPJ_PATH_LEN] = ""; + + strcpy(image_filename, dirptr->filename[imageno]); +@@ -211,7 +211,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol, + if (parameters->decod_format == -1) { + return 1; + } +- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename); ++ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename); + if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile), + infilename) != 0) { + return 1; +@@ -224,7 +224,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol, + sprintf(temp1, ".%s", temp_p); + } + if (img_fol->set_out_format == 1) { +- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname, ++ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname, + img_fol->out_format); + if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile), + outfilename) != 0) { +@@ -457,7 +457,7 @@ int main(int argc, char *argv[]) + opj_codestream_info_v2_t* cstr_info = NULL; + opj_codestream_index_t* cstr_index = NULL; + +- OPJ_INT32 num_images, imageno; ++ int num_images, imageno; + img_fol_t img_fol; + dircnt_t *dirptr = NULL; + +@@ -486,13 +486,13 @@ int main(int argc, char *argv[]) + if (!dirptr) { + return EXIT_FAILURE; + } +- dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof( ++ dirptr->filename_buf = (char*) calloc((size_t) num_images, OPJ_PATH_LEN * sizeof( + char)); /* Stores at max 10 image file names*/ + if (!dirptr->filename_buf) { + free(dirptr); + return EXIT_FAILURE; + } +- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*)); ++ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*)); + + if (!dirptr->filename) { + goto fails; +-- +2.31.1 + diff --git a/openjpeg2-CVE-2021-3575.patch b/openjpeg2-CVE-2021-3575.patch new file mode 100644 index 0000000..6aaae29 --- /dev/null +++ b/openjpeg2-CVE-2021-3575.patch @@ -0,0 +1,35 @@ +From 409907d89878222cf9dea80f0add8f73e9383834 Mon Sep 17 00:00:00 2001 +From: Mehdi Sabwat +Date: Fri, 7 May 2021 01:50:37 +0200 +Subject: [PATCH] fix heap buffer overflow #1347 + +--- + src/bin/common/color.c | 9 ++++++--- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/src/bin/common/color.c b/src/bin/common/color.c +index 27f15f1..935fa44 100644 +--- a/src/bin/common/color.c ++++ b/src/bin/common/color.c +@@ -368,12 +368,15 @@ static void sycc420_to_rgb(opj_image_t *img) + + sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b); + +- ++y; ++ if (*y != img->comps[0].data[loopmaxh]) ++ ++y; + ++r; + ++g; + ++b; +- ++cb; +- ++cr; ++ if (*cb != img->comps[1].data[loopmaxh]) ++ ++cb; ++ if (*cr != img->comps[2].data[loopmaxh]) ++ ++cr; + } + if (j < maxw) { + sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b); +-- +2.31.1 + diff --git a/openjpeg2.spec b/openjpeg2.spec new file mode 100644 index 0000000..9f51c8e --- /dev/null +++ b/openjpeg2.spec @@ -0,0 +1,489 @@ +# Conformance tests disabled by default since it requires 1 GB of test data +#global runcheck 1 + +#global optional_components 1 + +Name: openjpeg2 +Version: 2.4.0 +Release: 4%{?dist} +Summary: C-Library for JPEG 2000 + +# windirent.h is MIT, the rest is BSD +License: BSD and MIT +URL: https://github.com/uclouvain/openjpeg +Source0: https://github.com/uclouvain/openjpeg/archive/v%{version}/openjpeg-%{version}.tar.gz +%if 0%{?runcheck} +# git clone git@github.com:uclouvain/openjpeg-data.git +Source1: data.tar.xz +%endif + +# Rename tool names to avoid conflicts with openjpeg-1.x +Patch0: openjpeg2_opj2.patch + +# Fix Coverity issues +Patch1: openjpeg2_coverity.patch + +# Fix CVE-2021-29338 +Patch2: openjpeg2-CVE-2021-29338.patch +# Fix CVE-2021-3575 +Patch3: openjpeg2-CVE-2021-3575.patch + +BuildRequires: cmake +BuildRequires: gcc +BuildRequires: make +BuildRequires: zlib-devel +BuildRequires: libpng-devel +BuildRequires: libtiff-devel +BuildRequires: lcms2-devel +BuildRequires: doxygen + +%if 0%{?optional_components} +BuildRequires: java-devel +BuildRequires: xerces-j2 +%endif + +%description +The OpenJPEG library is an open-source JPEG 2000 library developed in order to +promote the use of JPEG 2000. + +This package contains +* JPEG 2000 codec compliant with the Part 1 of the standard (Class-1 Profile-1 + compliance). +* JP2 (JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple + component transforms for multispectral and hyperspectral imagery) + + +%package devel +Summary: Development files for OpenJPEG 2 +Requires: %{name}%{?_isa} = %{version}-%{release} +# OpenJPEGTargets.cmake refers to the tools +Requires: %{name}-tools%{?_isa} = %{version}-%{release} + +%description devel +The %{name}-devel package contains libraries and header files for developing +applications that use OpenJPEG 2. + + +%package devel-docs +Summary: Developer documentation for OpenJPEG 2 +BuildArch: noarch + +%description devel-docs +The %{name}-devel-docs package contains documentation files for developing +applications that use OpenJPEG 2. + + +%package tools +Summary: OpenJPEG 2 command line tools +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description tools +Command line tools for JPEG 2000 file manipulation, using OpenJPEG2: + * opj2_compress + * opj2_decompress + * opj2_dump + +%if 0%{?optional_components} +##### MJ2 ##### + +%package mj2 +Summary: OpenJPEG2 MJ2 module +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description mj2 +The OpenJPEG library is an open-source JPEG 2000 library developed in order to +promote the use of JPEG 2000. + +This package contains the MJ2 module (JPEG 2000 standard Part 3) + + +%package mj2-devel +Summary: Development files for OpenJPEG2 MJ2 module +Requires: %{name}-devel%{?_isa} = %{version}-%{release} +Requires: %{name}-mj2%{?_isa} = %{version}-%{release} + +%description mj2-devel +Development files for OpenJPEG2 MJ2 module + + +%package mj2-tools +Summary: OpenJPEG2 MJ2 module command line tools +Requires: %{name}-mj2%{?_isa} = %{version}-%{release} + +%description mj2-tools +OpenJPEG2 MJ2 module command line tools + +##### JPWL ##### + +%package jpwl +Summary: OpenJPEG2 JPWL module +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description jpwl +The OpenJPEG library is an open-source JPEG 2000 library developed in order to +promote the use of JPEG 2000. + +This package contains the JPWL (JPEG 2000 standard Part 11 - Jpeg 2000 Wireless) + + +%package jpwl-devel +Summary: Development files for OpenJPEG2 JPWL module +Requires: %{name}-devel%{?_isa} = %{version}-%{release} +Requires: %{name}-jpwl%{?_isa} = %{version}-%{release} + +%description jpwl-devel +Development files for OpenJPEG2 JPWL module + + +%package jpwl-tools +Summary: OpenJPEG2 JPWL module command line tools +Requires: %{name}-jpwl%{?_isa} = %{version}-%{release} + +%description jpwl-tools +OpenJPEG2 JPWL module command line tools + +##### JPIP ##### + +%package jpip +Summary: OpenJPEG2 JPIP module +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description jpip +The OpenJPEG library is an open-source JPEG 2000 library developed in order to +promote the use of JPEG 2000. + +This package contains the JPWL (JPEG 2000 standard Part 9 - Jpeg 2000 Interactive Protocol) + + +%package jpip-devel +Summary: Development files for OpenJPEG2 JPIP module +Requires: %{name}-devel%{?_isa} = %{version}-%{release} +Requires: %{name}-jpwl%{?_isa} = %{version}-%{release} + +%description jpip-devel +Development files for OpenJPEG2 JPIP module + + +%package jpip-tools +Summary: OpenJPEG2 JPIP module command line tools +Requires: %{name}-jpip%{?_isa} = %{version}-%{release} +Requires: jpackage-utils +Requires: java + +%description jpip-tools +OpenJPEG2 JPIP module command line tools + +##### JP3D ##### + +%package jp3d +Summary: OpenJPEG2 JP3D module +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description jp3d +The OpenJPEG library is an open-source JPEG 2000 library developed in order to +promote the use of JPEG 2000. + +This package contains the JP3D (JPEG 2000 standard Part 10 - Jpeg 2000 3D) + + +%package jp3d-devel +Summary: Development files for OpenJPEG2 JP3D module +Requires: %{name}-devel%{?_isa} = %{version}-%{release} +Requires: %{name}-jp3d%{?_isa} = %{version}-%{release} + +%description jp3d-devel +Development files for OpenJPEG2 JP3D module + + +%package jp3d-tools +Summary: OpenJPEG2 JP3D module command line tools +Requires: %{name}-jp3d%{?_isa} = %{version}-%{release} + +%description jp3d-tools +OpenJPEG2 JP3D module command line tools +%endif + + +%prep +%autosetup -p1 -n openjpeg-%{version} %{?runcheck:-a 1} + +# Remove all third party libraries just to be sure +find thirdparty/ -mindepth 1 -maxdepth 1 -type d -exec rm -rf {} \; + + +%build +mkdir %{_target_platform} +pushd %{_target_platform} +# TODO: Consider +# -DBUILD_JPIP_SERVER=ON -DBUILD_JAVA=ON +%cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DOPENJPEG_INSTALL_LIB_DIR=%{_lib} \ + %{?optional_components:-DBUILD_MJ2=ON -DBUILD_JPWL=ON -DBUILD_JPIP=ON -DBUILD_JP3D=ON} \ + -DBUILD_DOC=ON \ + -DBUILD_STATIC_LIBS=OFF \ + -DBUILD_SHARED_LIBS=ON \ + %{?runcheck:-DBUILD_TESTING:BOOL=ON -DOPJ_DATA_ROOT=$PWD/../data} \ + .. +popd + +%make_build VERBOSE=1 -C %{_target_platform} + + +%install +%make_install -C %{_target_platform} + +mv %{buildroot}%{_mandir}/man1/opj_compress.1 %{buildroot}%{_mandir}/man1/opj2_compress.1 +mv %{buildroot}%{_mandir}/man1/opj_decompress.1 %{buildroot}%{_mandir}/man1/opj2_decompress.1 +mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.1 + +# Docs are installed through %%doc +rm -rf %{buildroot}%{_datadir}/doc/ + +%if 0%{?optional_components} +# Move the jar to the correct place +mkdir -p %{buildroot}%{_javadir} +mv %{buildroot}%{_datadir}/opj_jpip_viewer.jar %{buildroot}%{_javadir}/opj2_jpip_viewer.jar +cat > %{buildroot}%{_bindir}/opj2_jpip_viewer < - 2.4.0-4 +- Fix Covscan defect + +* Wed Jun 09 2021 Nikola Forró - 2.4.0-3 +- Fix CVE-2021-3575 (#1969279) +- Fix resource leak identified by Covscan + +* Wed Jun 02 2021 Nikola Forró - 2.4.0-2 +- Fix CVE-2021-29338 (#1951332) + +* Mon Mar 01 2021 Nikola Forró - 2.4.0-1 +- Rebase to 2.4.0 +- Resolves: CVE-2018-5727 (#1538467) +- Resolves: CVE-2018-5785 (#1538556) +- Resolves: CVE-2018-20845 (#1730679) +- Resolves: CVE-2018-20847 (#1734337) +- Resolves: CVE-2019-12973 (#1739076) +- Resolves: CVE-2020-15389 (#1855115) +- Resolves: CVE-2020-27814 (#1908965) +- Resolves: CVE-2020-27823 (#1906222) +- Resolves: CVE-2020-27824 (#1906216) +- Resolves: CVE-2020-27842 (#1908165) +- Resolves: CVE-2020-27843 (#1908164) +- Resolves: CVE-2020-27845 (#1908168) + +* Mon Feb 10 2020 Nikola Forró - 2.3.1-6 +- Fix CVE-2020-8112 (#1801034) + +* Tue Jan 14 2020 Nikola Forró - 2.3.1-5 +- Fix CVE-2020-6851 (#1790590) + +* Wed Dec 04 2019 Nikola Forró - 2.3.1-4 +- Add upstream test suite and enable it in gating + +* Fri Nov 29 2019 Nikola Forró - 2.3.1-3 +- Fix Coverity issues + +* Wed Nov 20 2019 Nikola Forró - 2.3.1-2 +- Fix unbundling third party libraries (#1757823) + +* Fri May 31 2019 Nikola Forró - 2.3.1-1 +- Rebase to 2.3.1 (#1704255) + +* Tue Oct 16 2018 Nikola Forró - 2.3.0-8 +- Fix important Covscan defects (#1602643) + +* Mon Oct 15 2018 Nikola Forró - 2.3.0-7 +- Fix CVE-2018-18088 (#1638562) + +* Mon Feb 19 2018 Sandro Mani - 2.3.0-6 +- Add missing BR: gcc, make + +* Thu Feb 08 2018 Fedora Release Engineering - 2.3.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Sat Feb 03 2018 Igor Gnatenko - 2.3.0-4 +- Switch to %%ldconfig_scriptlets + +* Mon Dec 25 2017 Sandro Mani - 2.3.0-3 +- Rename tool names at cmake level to ensure OpenJPEGTargets.cmake refers to the renamed files + +* Mon Dec 25 2017 Sandro Mani - 2.3.0-2 +- Use BUILD_STATIC_LIBS=OFF instead of deleting the static library after build + +* Thu Oct 05 2017 Sandro Mani - 2.3.0-1 +- Update to 2.3.0 + +* Thu Sep 07 2017 Sandro Mani - 2.2.0-4 +- Backport fix for CVE-2017-14039 + +* Thu Aug 31 2017 Sandro Mani - 2.2.0-3 +- Backport more security fixes, including for CVE-2017-14041 and CVE-2017-14040 + +* Thu Aug 31 2017 Sandro Mani - 2.2.0-2 +- Backport patch for CVE-2017-12982 + +* Thu Aug 10 2017 Sandro Mani - 2.2.0-1 +- Update to 2.2.0 + +* Thu Aug 03 2017 Fedora Release Engineering - 2.1.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 2.1.2-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 2.1.2-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Sat Dec 17 2016 Sandro Mani - 2.1.2-3 +- Add patch for CVE-2016-9580 (#1405128) and CVE-2016-9581 (#1405135) + +* Thu Dec 08 2016 Sandro Mani - 2.1.2-2 +- Add patch for CVE-2016-9572 (#1402714) and CVE-2016-9573 (#1402711) + +* Wed Sep 28 2016 Sandro Mani - 2.1.2-1 +- Update to 2.1.2 +- Fixes: CVE-2016-7445 + +* Fri Sep 09 2016 Sandro Mani - 2.1.1-3 +- Backport: Add sanity check for tile coordinates (#1374337) + +* Fri Sep 09 2016 Sandro Mani - 2.1.1-2 +- Backport fixes for CVE-2016-7163 + +* Wed Jul 06 2016 Sandro Mani - 2.1.1-1 +- Update to 2.1.1 +- Fixes: CVE-2016-3183, CVE-2016-3181, CVE-2016-3182, CVE-2016-4796, CVE-2016-4797, CVE-2015-8871 + +* Thu Feb 04 2016 Fedora Release Engineering - 2.1.0-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Thu Oct 01 2015 Sandro Mani - 2.1.0-7 +- Backport fix for possible double-free (#1267983) + +* Tue Sep 15 2015 Sandro Mani - 2.1.0-6 +- Backport fix for use after free vulnerability (#1263359) + +* Thu Jun 25 2015 Sandro Mani - 2.1.0-5 +- Add openjpeg2_bigendian.patch (#1232739) + +* Wed Jun 17 2015 Fedora Release Engineering - 2.1.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sun Aug 17 2014 Fedora Release Engineering - 2.1.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 2.1.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue May 27 2014 Sandro Mani - 2.1.0-1 +- Update to 2.1.0 + +* Wed Apr 16 2014 Sandro Mani - 2.0.0-5 +- Switch to official 2.0 release and backport pkg-config patch + +* Thu Apr 10 2014 Sandro Mani - 2.0.0-4.svn20140403 +- Replace define with global +- Fix #define optional_components 1S typo +- Fix %%(pwd) -> $PWD for test data +- Added some BR for optional components +- Include opj2_jpip_viewer.jar in %%files + +* Wed Apr 09 2014 Sandro Mani - 2.0.0-3.svn20140403 +- Fix source url +- Fix mixed tabs and spaces +- Fix description too long + +* Wed Apr 09 2014 Sandro Mani - 2.0.0-2.svn20140403 +- Remove thirdparty libraries folder in prep +- Own %%{_libdir}/openjpeg-2.0/ +- Fix Requires +- Add missing ldconfig +- Add possibility to run conformance tests if desired + +* Thu Apr 03 2014 Sandro Mani - 2.0.0-1.svn20140403 +- Initial package diff --git a/openjpeg2_coverity.patch b/openjpeg2_coverity.patch new file mode 100644 index 0000000..39314cd --- /dev/null +++ b/openjpeg2_coverity.patch @@ -0,0 +1,74 @@ +diff --git a/src/bin/jp2/convertpng.c b/src/bin/jp2/convertpng.c +index 00f596e..af3f91e 100644 +--- a/src/bin/jp2/convertpng.c ++++ b/src/bin/jp2/convertpng.c +@@ -75,10 +75,10 @@ opj_image_t *pngtoimage(const char *read_idf, opj_cparameters_t * params) + png_uint_32 width, height = 0U; + int color_type; + FILE *reader = NULL; +- OPJ_BYTE** rows = NULL; +- OPJ_INT32* row32s = NULL; ++ OPJ_BYTE** volatile rows = NULL; ++ OPJ_INT32* volatile row32s = NULL; + /* j2k: */ +- opj_image_t *image = NULL; ++ opj_image_t* volatile image = NULL; + opj_image_cmptparm_t cmptparm[4]; + OPJ_UINT32 nr_comp; + OPJ_BYTE sigbuf[8]; +diff --git a/src/bin/jp2/converttif.c b/src/bin/jp2/converttif.c +index 9d1037a..8d5002a 100644 +--- a/src/bin/jp2/converttif.c ++++ b/src/bin/jp2/converttif.c +@@ -720,7 +720,7 @@ int imagetotif(opj_image_t * image, const char *outfile) + TIFFClose(tif); + return 1; + } +- rowStride = (int64_t)((width * numcomps * bps + 7U) / 8U); ++ rowStride = ((int64_t)width * numcomps * bps + 7U) / 8U; + if (rowStride != strip_size) { + fprintf(stderr, "Invalid TIFF strip size\n"); + TIFFClose(tif); +@@ -1283,8 +1283,6 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters) + TIFFGetField(tif, TIFFTAG_SAMPLESPERPIXEL, &tiSpp); + TIFFGetField(tif, TIFFTAG_PHOTOMETRIC, &tiPhoto); + TIFFGetField(tif, TIFFTAG_PLANARCONFIG, &tiPC); +- w = (int)tiWidth; +- h = (int)tiHeight; + + if (tiSpp == 0 || tiSpp > 4) { /* should be 1 ... 4 */ + fprintf(stderr, "tiftoimage: Bad value for samples per pixel == %d.\n" +@@ -1451,7 +1449,7 @@ opj_image_t* tiftoimage(const char *filename, opj_cparameters_t *parameters) + return NULL; + } + +- rowStride = (int64_t)((tiWidth * tiSpp * tiBps + 7U) / 8U); ++ rowStride = ((int64_t)tiWidth * tiSpp * tiBps + 7U) / 8U; + buffer32s = (OPJ_INT32 *)malloc(sizeof(OPJ_INT32) * tiWidth * tiSpp); + if (buffer32s == NULL) { + _TIFFfree(buf); +diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c +index 8e343ab..c13d229 100644 +--- a/src/lib/openjp2/j2k.c ++++ b/src/lib/openjp2/j2k.c +@@ -7075,7 +7075,7 @@ static OPJ_BOOL opj_j2k_is_imf_compliant(opj_cparameters_t *parameters, + /* Validate sublevel */ + assert(sizeof(tabMaxSubLevelFromMainLevel) == + (OPJ_IMF_MAINLEVEL_MAX + 1) * sizeof(tabMaxSubLevelFromMainLevel[0])); +- if (sublevel > tabMaxSubLevelFromMainLevel[mainlevel]) { ++ if (mainlevel <= OPJ_IMF_MAINLEVEL_MAX && sublevel > tabMaxSubLevelFromMainLevel[mainlevel]) { + opj_event_msg(p_manager, EVT_WARNING, + "IMF profile require sublevel <= %d for mainlevel = %d.\n" + "-> %d is thus not compliant\n" +diff --git a/src/lib/openjp2/t2.c b/src/lib/openjp2/t2.c +index 1481e16..d46bfb4 100644 +--- a/src/lib/openjp2/t2.c ++++ b/src/lib/openjp2/t2.c +@@ -821,6 +821,7 @@ static OPJ_BOOL opj_t2_encode_packet(OPJ_UINT32 tileno, + opj_event_msg(p_manager, EVT_ERROR, + "opj_t2_encode_packet(): accessing precno=%u >= %u\n", + precno, res->pw * res->ph); ++ opj_bio_destroy(bio); + return OPJ_FALSE; + } + diff --git a/openjpeg2_opj2.patch b/openjpeg2_opj2.patch new file mode 100644 index 0000000..0ee3302 --- /dev/null +++ b/openjpeg2_opj2.patch @@ -0,0 +1,13 @@ +diff --git a/src/bin/jp2/CMakeLists.txt b/src/bin/jp2/CMakeLists.txt +index 4d4bd95..619ea51 100644 +--- a/src/bin/jp2/CMakeLists.txt ++++ b/src/bin/jp2/CMakeLists.txt +@@ -44,6 +44,8 @@ endif() + # Loop over all executables: + foreach(exe opj_decompress opj_compress opj_dump) + add_executable(${exe} ${exe}.c ${common_SRCS}) ++ string(REPLACE "opj_" "opj2_" exe2 ${exe}) ++ set_target_properties(${exe} PROPERTIES OUTPUT_NAME ${exe2}) + if(NOT ${CMAKE_VERSION} VERSION_LESS "2.8.12") + target_compile_options(${exe} PRIVATE ${OPENJP2_COMPILE_OPTIONS}) + endif() diff --git a/sources b/sources new file mode 100644 index 0000000..bfa7830 --- /dev/null +++ b/sources @@ -0,0 +1 @@ +SHA512 (openjpeg-2.4.0.tar.gz) = 55daab47d33823af94e32e5d345b52c251a5410f0c8e0a13b693f17899eedc8b2bb107489ddcba9ab78ef17dfd7cd80d3c5ec80c1e429189cb041124b67e07a8