Compare commits
10 Commits
359483f939
...
fb20b7e521
Author | SHA1 | Date | |
---|---|---|---|
|
fb20b7e521 | ||
|
f9f5ef43b5 | ||
|
2ac40afca2 | ||
|
be3b9c8d4d | ||
|
242036c5d5 | ||
|
df0ae8d43e | ||
|
d40ef124e9 | ||
|
39168a9614 | ||
|
f56fc8f556 | ||
|
b6898f73c1 |
1
.gitignore
vendored
1
.gitignore
vendored
@ -7,3 +7,4 @@
|
|||||||
/openjpeg-2.2.0.tar.gz
|
/openjpeg-2.2.0.tar.gz
|
||||||
/openjpeg-2.3.0.tar.gz
|
/openjpeg-2.3.0.tar.gz
|
||||||
/openjpeg-2.3.1.tar.gz
|
/openjpeg-2.3.1.tar.gz
|
||||||
|
/openjpeg-2.4.0.tar.gz
|
||||||
|
1
.openjpeg2.metadata
Normal file
1
.openjpeg2.metadata
Normal file
@ -0,0 +1 @@
|
|||||||
|
bbbf4dc4d9ce95286843cd39ac2febd3fd516c9d openjpeg-2.4.0.tar.gz
|
7
gating.yaml
Normal file
7
gating.yaml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
--- !Policy
|
||||||
|
product_versions:
|
||||||
|
- rhel-9
|
||||||
|
decision_context: osci_compose_gate
|
||||||
|
rules:
|
||||||
|
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}
|
||||||
|
- !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
|
165
openjpeg2-CVE-2021-29338.patch
Normal file
165
openjpeg2-CVE-2021-29338.patch
Normal file
@ -0,0 +1,165 @@
|
|||||||
|
From efbfbbb723e100cfbcea287a30958bf678e83458 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ariadne Conill <ariadne@dereferenced.org>
|
||||||
|
Date: Tue, 27 Apr 2021 09:37:40 -0600
|
||||||
|
Subject: [PATCH] opj_{compress,decompress,dump}: fix possible buffer overflows
|
||||||
|
in path manipulation functions
|
||||||
|
|
||||||
|
---
|
||||||
|
src/bin/jp2/opj_compress.c | 12 ++++++------
|
||||||
|
src/bin/jp2/opj_decompress.c | 13 ++++++-------
|
||||||
|
src/bin/jp2/opj_dump.c | 14 +++++++-------
|
||||||
|
3 files changed, 19 insertions(+), 20 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/bin/jp2/opj_compress.c b/src/bin/jp2/opj_compress.c
|
||||||
|
index 6827484..d8f894c 100644
|
||||||
|
--- a/src/bin/jp2/opj_compress.c
|
||||||
|
+++ b/src/bin/jp2/opj_compress.c
|
||||||
|
@@ -543,8 +543,8 @@ static char * get_file_name(char *name)
|
||||||
|
static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||||
|
opj_cparameters_t *parameters)
|
||||||
|
{
|
||||||
|
- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
|
||||||
|
- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
|
||||||
|
+ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
|
||||||
|
+ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
|
||||||
|
char *temp_p, temp1[OPJ_PATH_LEN] = "";
|
||||||
|
|
||||||
|
strcpy(image_filename, dirptr->filename[imageno]);
|
||||||
|
@@ -553,7 +553,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||||
|
if (parameters->decod_format == -1) {
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
|
||||||
|
+ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
|
||||||
|
if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
|
||||||
|
infilename) != 0) {
|
||||||
|
return 1;
|
||||||
|
@@ -566,7 +566,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||||
|
sprintf(temp1, ".%s", temp_p);
|
||||||
|
}
|
||||||
|
if (img_fol->set_out_format == 1) {
|
||||||
|
- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||||
|
+ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||||
|
img_fol->out_format);
|
||||||
|
if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
|
||||||
|
outfilename) != 0) {
|
||||||
|
@@ -1910,9 +1910,9 @@ int main(int argc, char **argv)
|
||||||
|
num_images = get_num_images(img_fol.imgdirpath);
|
||||||
|
dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
|
||||||
|
if (dirptr) {
|
||||||
|
- dirptr->filename_buf = (char*)malloc(num_images * OPJ_PATH_LEN * sizeof(
|
||||||
|
+ dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN * sizeof(
|
||||||
|
char)); /* Stores at max 10 image file names*/
|
||||||
|
- dirptr->filename = (char**) malloc(num_images * sizeof(char*));
|
||||||
|
+ dirptr->filename = (char**) calloc(num_images, sizeof(char*));
|
||||||
|
if (!dirptr->filename_buf) {
|
||||||
|
ret = 0;
|
||||||
|
goto fin;
|
||||||
|
diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
|
||||||
|
index 2634907..e54e54f 100644
|
||||||
|
--- a/src/bin/jp2/opj_decompress.c
|
||||||
|
+++ b/src/bin/jp2/opj_decompress.c
|
||||||
|
@@ -455,13 +455,13 @@ const char* path_separator = "/";
|
||||||
|
char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||||
|
opj_decompress_parameters *parameters)
|
||||||
|
{
|
||||||
|
- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
|
||||||
|
- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
|
||||||
|
+ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
|
||||||
|
+ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
|
||||||
|
char *temp_p, temp1[OPJ_PATH_LEN] = "";
|
||||||
|
|
||||||
|
strcpy(image_filename, dirptr->filename[imageno]);
|
||||||
|
fprintf(stderr, "File Number %d \"%s\"\n", imageno, image_filename);
|
||||||
|
- sprintf(infilename, "%s%s%s", img_fol->imgdirpath, path_separator,
|
||||||
|
+ snprintf(infilename, OPJ_PATH_LEN * 2, "%s%s%s", img_fol->imgdirpath, path_separator,
|
||||||
|
image_filename);
|
||||||
|
parameters->decod_format = infile_format(infilename);
|
||||||
|
if (parameters->decod_format == -1) {
|
||||||
|
@@ -479,7 +479,7 @@ char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||||
|
sprintf(temp1, ".%s", temp_p);
|
||||||
|
}
|
||||||
|
if (img_fol->set_out_format == 1) {
|
||||||
|
- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||||
|
+ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||||
|
img_fol->out_format);
|
||||||
|
if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
|
||||||
|
outfilename) != 0) {
|
||||||
|
@@ -1357,14 +1357,13 @@ int main(int argc, char **argv)
|
||||||
|
return EXIT_FAILURE;
|
||||||
|
}
|
||||||
|
/* Stores at max 10 image file names */
|
||||||
|
- dirptr->filename_buf = (char*)malloc(sizeof(char) *
|
||||||
|
- (size_t)num_images * OPJ_PATH_LEN);
|
||||||
|
+ dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN);
|
||||||
|
if (!dirptr->filename_buf) {
|
||||||
|
failed = 1;
|
||||||
|
goto fin;
|
||||||
|
}
|
||||||
|
|
||||||
|
- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
|
||||||
|
+ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
|
||||||
|
|
||||||
|
if (!dirptr->filename) {
|
||||||
|
failed = 1;
|
||||||
|
diff --git a/src/bin/jp2/opj_dump.c b/src/bin/jp2/opj_dump.c
|
||||||
|
index 6e15fee..4e19c61 100644
|
||||||
|
--- a/src/bin/jp2/opj_dump.c
|
||||||
|
+++ b/src/bin/jp2/opj_dump.c
|
||||||
|
@@ -201,8 +201,8 @@ static int get_file_format(const char *filename)
|
||||||
|
static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||||
|
opj_dparameters_t *parameters)
|
||||||
|
{
|
||||||
|
- char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN],
|
||||||
|
- outfilename[OPJ_PATH_LEN], temp_ofname[OPJ_PATH_LEN];
|
||||||
|
+ char image_filename[OPJ_PATH_LEN], infilename[OPJ_PATH_LEN * 2],
|
||||||
|
+ outfilename[OPJ_PATH_LEN * 2], temp_ofname[OPJ_PATH_LEN];
|
||||||
|
char *temp_p, temp1[OPJ_PATH_LEN] = "";
|
||||||
|
|
||||||
|
strcpy(image_filename, dirptr->filename[imageno]);
|
||||||
|
@@ -211,7 +211,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||||
|
if (parameters->decod_format == -1) {
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
- sprintf(infilename, "%s/%s", img_fol->imgdirpath, image_filename);
|
||||||
|
+ snprintf(infilename, OPJ_PATH_LEN * 2, "%s/%s", img_fol->imgdirpath, image_filename);
|
||||||
|
if (opj_strcpy_s(parameters->infile, sizeof(parameters->infile),
|
||||||
|
infilename) != 0) {
|
||||||
|
return 1;
|
||||||
|
@@ -224,7 +224,7 @@ static char get_next_file(int imageno, dircnt_t *dirptr, img_fol_t *img_fol,
|
||||||
|
sprintf(temp1, ".%s", temp_p);
|
||||||
|
}
|
||||||
|
if (img_fol->set_out_format == 1) {
|
||||||
|
- sprintf(outfilename, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||||
|
+ snprintf(outfilename, OPJ_PATH_LEN * 2, "%s/%s.%s", img_fol->imgdirpath, temp_ofname,
|
||||||
|
img_fol->out_format);
|
||||||
|
if (opj_strcpy_s(parameters->outfile, sizeof(parameters->outfile),
|
||||||
|
outfilename) != 0) {
|
||||||
|
@@ -457,7 +457,7 @@ int main(int argc, char *argv[])
|
||||||
|
opj_codestream_info_v2_t* cstr_info = NULL;
|
||||||
|
opj_codestream_index_t* cstr_index = NULL;
|
||||||
|
|
||||||
|
- OPJ_INT32 num_images, imageno;
|
||||||
|
+ int num_images, imageno;
|
||||||
|
img_fol_t img_fol;
|
||||||
|
dircnt_t *dirptr = NULL;
|
||||||
|
|
||||||
|
@@ -486,13 +486,13 @@ int main(int argc, char *argv[])
|
||||||
|
if (!dirptr) {
|
||||||
|
return EXIT_FAILURE;
|
||||||
|
}
|
||||||
|
- dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof(
|
||||||
|
+ dirptr->filename_buf = (char*) calloc((size_t) num_images, OPJ_PATH_LEN * sizeof(
|
||||||
|
char)); /* Stores at max 10 image file names*/
|
||||||
|
if (!dirptr->filename_buf) {
|
||||||
|
free(dirptr);
|
||||||
|
return EXIT_FAILURE;
|
||||||
|
}
|
||||||
|
- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*));
|
||||||
|
+ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*));
|
||||||
|
|
||||||
|
if (!dirptr->filename) {
|
||||||
|
goto fails;
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
35
openjpeg2-CVE-2021-3575.patch
Normal file
35
openjpeg2-CVE-2021-3575.patch
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
From 409907d89878222cf9dea80f0add8f73e9383834 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Mehdi Sabwat <mehdisabwat@gmail.com>
|
||||||
|
Date: Fri, 7 May 2021 01:50:37 +0200
|
||||||
|
Subject: [PATCH] fix heap buffer overflow #1347
|
||||||
|
|
||||||
|
---
|
||||||
|
src/bin/common/color.c | 9 ++++++---
|
||||||
|
1 file changed, 6 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/bin/common/color.c b/src/bin/common/color.c
|
||||||
|
index 27f15f1..935fa44 100644
|
||||||
|
--- a/src/bin/common/color.c
|
||||||
|
+++ b/src/bin/common/color.c
|
||||||
|
@@ -368,12 +368,15 @@ static void sycc420_to_rgb(opj_image_t *img)
|
||||||
|
|
||||||
|
sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||||
|
|
||||||
|
- ++y;
|
||||||
|
+ if (*y != img->comps[0].data[loopmaxh])
|
||||||
|
+ ++y;
|
||||||
|
++r;
|
||||||
|
++g;
|
||||||
|
++b;
|
||||||
|
- ++cb;
|
||||||
|
- ++cr;
|
||||||
|
+ if (*cb != img->comps[1].data[loopmaxh])
|
||||||
|
+ ++cb;
|
||||||
|
+ if (*cr != img->comps[2].data[loopmaxh])
|
||||||
|
+ ++cr;
|
||||||
|
}
|
||||||
|
if (j < maxw) {
|
||||||
|
sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||||
|
--
|
||||||
|
2.31.1
|
||||||
|
|
26
openjpeg2-CVE-2022-1122.patch
Normal file
26
openjpeg2-CVE-2022-1122.patch
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001
|
||||||
|
From: xiaoxiaoafeifei <lliangliang2007@163.com>
|
||||||
|
Date: Wed, 14 Jul 2021 09:35:13 +0800
|
||||||
|
Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to
|
||||||
|
uninitialized pointer (fixes #1368) (#1369)
|
||||||
|
|
||||||
|
---
|
||||||
|
src/bin/jp2/opj_decompress.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
|
||||||
|
index 0e028735..18ead672 100644
|
||||||
|
--- a/src/bin/jp2/opj_decompress.c
|
||||||
|
+++ b/src/bin/jp2/opj_decompress.c
|
||||||
|
@@ -1356,7 +1356,7 @@ int main(int argc, char **argv)
|
||||||
|
int it_image;
|
||||||
|
num_images = get_num_images(img_fol.imgdirpath);
|
||||||
|
|
||||||
|
- dirptr = (dircnt_t*)malloc(sizeof(dircnt_t));
|
||||||
|
+ dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t));
|
||||||
|
if (!dirptr) {
|
||||||
|
destroy_parameters(¶meters);
|
||||||
|
return EXIT_FAILURE;
|
||||||
|
--
|
||||||
|
2.34.1
|
||||||
|
|
@ -7,8 +7,8 @@
|
|||||||
%global _target_platform %{_vendor}-%{_target_os}
|
%global _target_platform %{_vendor}-%{_target_os}
|
||||||
|
|
||||||
Name: openjpeg2
|
Name: openjpeg2
|
||||||
Version: 2.3.1
|
Version: 2.4.0
|
||||||
Release: 8%{?dist}
|
Release: 7%{?dist}
|
||||||
Summary: C-Library for JPEG 2000
|
Summary: C-Library for JPEG 2000
|
||||||
|
|
||||||
# windirent.h is MIT, the rest is BSD
|
# windirent.h is MIT, the rest is BSD
|
||||||
@ -22,16 +22,11 @@ Source1: data.tar.xz
|
|||||||
|
|
||||||
# Rename tool names to avoid conflicts with openjpeg-1.x
|
# Rename tool names to avoid conflicts with openjpeg-1.x
|
||||||
Patch0: openjpeg2_opj2.patch
|
Patch0: openjpeg2_opj2.patch
|
||||||
# Backport patch for CVE 2020-6851
|
# Fix CVE-2021-29338
|
||||||
# https://github.com/uclouvain/openjpeg/issues/1228
|
Patch1: openjpeg2-CVE-2021-29338.patch
|
||||||
Patch1: openjpeg2_CVE-2020-6851.patch
|
# Fix CVE-2021-3575
|
||||||
# Backport patch for CVE 2020-8112
|
Patch2: openjpeg2-CVE-2021-3575.patch
|
||||||
# https://github.com/uclouvain/openjpeg/pull/1232/commits/05f9b91e60debda0e83977e5e63b2e66486f7074
|
Patch3: openjpeg2-CVE-2022-1122.patch
|
||||||
Patch2: openjpeg2_CVE-2020-8112.patch
|
|
||||||
# Backport patch for CVE-2020-27814
|
|
||||||
# https://github.com/uclouvain/openjpeg/commit/eaa098b59b346cb88e4d10d505061f669d7134fc
|
|
||||||
Patch3: openjpeg2_CVE-2020-27814.patch
|
|
||||||
|
|
||||||
|
|
||||||
BuildRequires: cmake
|
BuildRequires: cmake
|
||||||
# The library itself is C only, but there is some optional C++ stuff, hence the project is not marked as C-only in cmake and hence cmake looks for a c++ compiler
|
# The library itself is C only, but there is some optional C++ stuff, hence the project is not marked as C-only in cmake and hence cmake looks for a c++ compiler
|
||||||
@ -268,12 +263,12 @@ chmod +x %{buildroot}%{_bindir}/opj2_jpip_viewer
|
|||||||
%{_mandir}/man3/libopenjp2.3*
|
%{_mandir}/man3/libopenjp2.3*
|
||||||
|
|
||||||
%files devel
|
%files devel
|
||||||
%dir %{_includedir}/openjpeg-2.3/
|
%dir %{_includedir}/openjpeg-2.4/
|
||||||
%{_includedir}/openjpeg-2.3/openjpeg.h
|
%{_includedir}/openjpeg-2.4/openjpeg.h
|
||||||
%{_includedir}/openjpeg-2.3/opj_config.h
|
%{_includedir}/openjpeg-2.4/opj_config.h
|
||||||
%{_includedir}/openjpeg-2.3/opj_stdint.h
|
%{_includedir}/openjpeg-2.4/opj_stdint.h
|
||||||
%{_libdir}/libopenjp2.so
|
%{_libdir}/libopenjp2.so
|
||||||
%{_libdir}/openjpeg-2.3/
|
%{_libdir}/openjpeg-2.4/
|
||||||
%{_libdir}/pkgconfig/libopenjp2.pc
|
%{_libdir}/pkgconfig/libopenjp2.pc
|
||||||
|
|
||||||
%files devel-docs
|
%files devel-docs
|
||||||
@ -333,6 +328,34 @@ chmod +x %{buildroot}%{_bindir}/opj2_jpip_viewer
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jun 15 2022 Matej Mužila <mmuzila@redhat.com> - 2.4.0-7
|
||||||
|
- Fix CVE-2022-1122
|
||||||
|
|
||||||
|
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-6
|
||||||
|
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
||||||
|
Related: rhbz#1991688
|
||||||
|
|
||||||
|
* Fri Jun 25 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-5
|
||||||
|
- Fix CVE-2021-3575 (#1969280)
|
||||||
|
|
||||||
|
* Fri Jun 25 2021 Nikola Forró <nforro@redhat.com> - 2.4.0-4
|
||||||
|
- Fix CVE-2021-29338 (#1951333)
|
||||||
|
|
||||||
|
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.0-3
|
||||||
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||||
|
|
||||||
|
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.0-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Dec 29 2020 Sandro Mani <manisandro@gmail.com> - 2.4.0-1
|
||||||
|
- Update to 2.4.0
|
||||||
|
|
||||||
|
* Thu Dec 17 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-10
|
||||||
|
* Backport patches for CVE-2020-27841, CVE-2020-27842, CVE-2020-27843, CVE-2020-27845
|
||||||
|
|
||||||
|
* Thu Dec 10 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-9
|
||||||
|
* Backport patches for CVE-2020-27824 and CVE-2020-27823
|
||||||
|
|
||||||
* Sat Nov 28 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-8
|
* Sat Nov 28 2020 Sandro Mani <manisandro@gmail.com> - 2.3.1-8
|
||||||
- Backport patch for CVE-2020-27814
|
- Backport patch for CVE-2020-27814
|
||||||
|
|
||||||
|
@ -1,16 +0,0 @@
|
|||||||
diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/tcd.c openjpeg-2.3.1-new/src/lib/openjp2/tcd.c
|
|
||||||
--- openjpeg-2.3.1/src/lib/openjp2/tcd.c 2020-11-28 23:29:38.701863373 +0100
|
|
||||||
+++ openjpeg-2.3.1-new/src/lib/openjp2/tcd.c 2020-11-28 23:29:38.704863383 +0100
|
|
||||||
@@ -1235,9 +1235,11 @@ static OPJ_BOOL opj_tcd_code_block_enc_a
|
|
||||||
|
|
||||||
/* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
|
|
||||||
/* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
|
|
||||||
+ /* and +7 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 3) */
|
|
||||||
+ /* and +26 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 7) */
|
|
||||||
/* TODO: is there a theoretical upper-bound for the compressed code */
|
|
||||||
/* block size ? */
|
|
||||||
- l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
|
|
||||||
+ l_data_size = 26 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
|
|
||||||
(p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
|
|
||||||
|
|
||||||
if (l_data_size > p_code_block->data_size) {
|
|
@ -1,18 +0,0 @@
|
|||||||
diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/j2k.c openjpeg-2.3.1-new/src/lib/openjp2/j2k.c
|
|
||||||
--- openjpeg-2.3.1/src/lib/openjp2/j2k.c 2019-04-02 14:45:15.000000000 +0200
|
|
||||||
+++ openjpeg-2.3.1-new/src/lib/openjp2/j2k.c 2020-11-28 23:29:38.618863089 +0100
|
|
||||||
@@ -9236,6 +9236,14 @@ static OPJ_BOOL opj_j2k_update_image_dim
|
|
||||||
l_img_comp = p_image->comps;
|
|
||||||
for (it_comp = 0; it_comp < p_image->numcomps; ++it_comp) {
|
|
||||||
OPJ_INT32 l_h, l_w;
|
|
||||||
+ if (p_image->x0 > (OPJ_UINT32)INT_MAX ||
|
|
||||||
+ p_image->y0 > (OPJ_UINT32)INT_MAX ||
|
|
||||||
+ p_image->x1 > (OPJ_UINT32)INT_MAX ||
|
|
||||||
+ p_image->y1 > (OPJ_UINT32)INT_MAX) {
|
|
||||||
+ opj_event_msg(p_manager, EVT_ERROR,
|
|
||||||
+ "Image coordinates above INT_MAX are not supported\n");
|
|
||||||
+ return OPJ_FALSE;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
l_img_comp->x0 = (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)p_image->x0,
|
|
||||||
(OPJ_INT32)l_img_comp->dx);
|
|
@ -1,30 +0,0 @@
|
|||||||
diff -rupN --no-dereference openjpeg-2.3.1/src/lib/openjp2/tcd.c openjpeg-2.3.1-new/src/lib/openjp2/tcd.c
|
|
||||||
--- openjpeg-2.3.1/src/lib/openjp2/tcd.c 2019-04-02 14:45:15.000000000 +0200
|
|
||||||
+++ openjpeg-2.3.1-new/src/lib/openjp2/tcd.c 2020-11-28 23:29:38.662863239 +0100
|
|
||||||
@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile
|
|
||||||
/* p. 64, B.6, ISO/IEC FDIS15444-1 : 2000 (18 august 2000) */
|
|
||||||
l_tl_prc_x_start = opj_int_floordivpow2(l_res->x0, (OPJ_INT32)l_pdx) << l_pdx;
|
|
||||||
l_tl_prc_y_start = opj_int_floordivpow2(l_res->y0, (OPJ_INT32)l_pdy) << l_pdy;
|
|
||||||
- l_br_prc_x_end = opj_int_ceildivpow2(l_res->x1, (OPJ_INT32)l_pdx) << l_pdx;
|
|
||||||
- l_br_prc_y_end = opj_int_ceildivpow2(l_res->y1, (OPJ_INT32)l_pdy) << l_pdy;
|
|
||||||
+ {
|
|
||||||
+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->x1,
|
|
||||||
+ (OPJ_INT32)l_pdx)) << l_pdx;
|
|
||||||
+ if (tmp > (OPJ_UINT32)INT_MAX) {
|
|
||||||
+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
|
|
||||||
+ return OPJ_FALSE;
|
|
||||||
+ }
|
|
||||||
+ l_br_prc_x_end = (OPJ_INT32)tmp;
|
|
||||||
+ }
|
|
||||||
+ {
|
|
||||||
+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->y1,
|
|
||||||
+ (OPJ_INT32)l_pdy)) << l_pdy;
|
|
||||||
+ if (tmp > (OPJ_UINT32)INT_MAX) {
|
|
||||||
+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
|
|
||||||
+ return OPJ_FALSE;
|
|
||||||
+ }
|
|
||||||
+ l_br_prc_y_end = (OPJ_INT32)tmp;
|
|
||||||
+ }
|
|
||||||
/*fprintf(stderr, "\t\t\tprc_x_start=%d, prc_y_start=%d, br_prc_x_end=%d, br_prc_y_end=%d \n", l_tl_prc_x_start, l_tl_prc_y_start, l_br_prc_x_end ,l_br_prc_y_end );*/
|
|
||||||
|
|
||||||
l_res->pw = (l_res->x0 == l_res->x1) ? 0U : (OPJ_UINT32)((
|
|
@ -1,6 +1,6 @@
|
|||||||
diff -rupN --no-dereference openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt
|
diff -rupN --no-dereference openjpeg-2.4.0/src/bin/jp2/CMakeLists.txt openjpeg-2.4.0-new/src/bin/jp2/CMakeLists.txt
|
||||||
--- openjpeg-2.3.1/src/bin/jp2/CMakeLists.txt 2019-04-02 14:45:15.000000000 +0200
|
--- openjpeg-2.4.0/src/bin/jp2/CMakeLists.txt 2020-12-28 21:59:39.000000000 +0100
|
||||||
+++ openjpeg-2.3.1-new/src/bin/jp2/CMakeLists.txt 2020-11-28 23:29:38.576862946 +0100
|
+++ openjpeg-2.4.0-new/src/bin/jp2/CMakeLists.txt 2020-12-29 15:45:09.466819414 +0100
|
||||||
@@ -44,6 +44,8 @@ endif()
|
@@ -44,6 +44,8 @@ endif()
|
||||||
# Loop over all executables:
|
# Loop over all executables:
|
||||||
foreach(exe opj_decompress opj_compress opj_dump)
|
foreach(exe opj_decompress opj_compress opj_dump)
|
||||||
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (openjpeg-2.3.1.tar.gz) = 339fbc899bddf2393d214df71ed5d6070a3a76b933b1e75576c8a0ae9dfcc4adec40bdc544f599e4b8d0bc173e4e9e7352408497b5b3c9356985605830c26c03
|
SHA512 (openjpeg-2.4.0.tar.gz) = 55daab47d33823af94e32e5d345b52c251a5410f0c8e0a13b693f17899eedc8b2bb107489ddcba9ab78ef17dfd7cd80d3c5ec80c1e429189cb041124b67e07a8
|
||||||
|
Loading…
Reference in New Issue
Block a user