Package init

2019-12-25 16:00:06 +08:00 · 2019-12-25 16:00:06 +08:00 · 033447d134
commit 033447d134
parent 43e87c2c3a
3 changed files with 75 additions and 1 deletions
--- a/CVE-2016-10505.patch
+++ b/CVE-2016-10505.patch
@ -0,0 +1,45 @@
+diff -Nur openjpeg-2.3.1_bak/src/bin/common/color.c openjpeg-2.3.1/src/bin/common/color.c
+--- openjpeg-2.3.1_bak/src/bin/common/color.c	2019-10-14 06:31:49.372000000 -0400
+++ openjpeg-2.3.1/src/bin/common/color.c	2019-10-14 06:33:30.080000000 -0400
+@@ -126,6 +126,7 @@
+     d1 = g = (int*)opj_image_data_alloc(sizeof(int) * max);
+     d2 = b = (int*)opj_image_data_alloc(sizeof(int) * max);
+ 
+    if(y == NULL || cb == NULL || cr == NULL) goto fails;
+     if (r == NULL || g == NULL || b == NULL) {
+         goto fails;
+     }
+@@ -178,6 +179,7 @@
+     d1 = g = (int*)opj_image_data_alloc(sizeof(int) * max);
+     d2 = b = (int*)opj_image_data_alloc(sizeof(int) * max);
+ 
+    if(y == NULL || cb == NULL || cr == NULL) goto fails;
+     if (r == NULL || g == NULL || b == NULL) {
+         goto fails;
+     }
+@@ -1062,6 +1064,7 @@
+         (image->comps[0].dx != image->comps[2].dx)
+         || (image->comps[0].dy != image->comps[1].dy) ||
+         (image->comps[0].dy != image->comps[2].dy)
+	|| !image->comps [0].data || !image->comps [1].data || !image->comps [2].data
+     ) {
+         fprintf(stderr, "%s:%d:color_esycc_to_rgb\n\tCAN NOT CONVERT\n", __FILE__,
+                 __LINE__);
+diff -Nur openjpeg-2.3.1_bak/src/bin/jp2/convertbmp.c openjpeg-2.3.1/src/bin/jp2/convertbmp.c
+--- openjpeg-2.3.1_bak/src/bin/jp2/convertbmp.c	2019-10-14 06:31:49.372000000 -0400
+++ openjpeg-2.3.1/src/bin/jp2/convertbmp.c	2019-10-14 06:34:34.480000000 -0400
+@@ -889,6 +889,13 @@
+                 image->comps[0].prec);
+         return 1;
+     }
+
+    for (i = 0; i < image->numcomps; i++) {
+	    if (image->comps[i].data == NULL) {
+		    fprintf(stderr, "Missing image data\n");
+		    return 1;
+	    }
+    }
+     if (image->numcomps >= 3 && image->comps[0].dx == image->comps[1].dx
+             && image->comps[1].dx == image->comps[2].dx
+             && image->comps[0].dy == image->comps[1].dy
+
--- a/CVE-2016-7445.patch
+++ b/CVE-2016-7445.patch
@ -0,0 +1,23 @@
+diff -Nur openjpeg-2.3.1_old/src/bin/jpwl/convert.c openjpeg-2.3.1/src/bin/jpwl/convert.c
+--- openjpeg-2.3.1_old/src/bin/jpwl/convert.c	2019-10-15 16:06:40.623000000 +0800
+++ openjpeg-2.3.1/src/bin/jpwl/convert.c	2019-10-15 16:08:59.642000000 +0800
+@@ -1730,8 +1730,10 @@
+ 
+         if (!have_wh) {
+             s = skip_int(s, &ph->width);
+            if(s == NULL || *s == 0) return;
+ 
+             s = skip_int(s, &ph->height);
+            if(s == NULL || *s == 0) return;
+ 
+             have_wh = 1;
+ 
+@@ -1744,6 +1746,7 @@
+         if (format == 2 || format == 3 || format == 5 || format == 6) {
+             /* P2, P3, P5, P6: */
+             s = skip_int(s, &ph->maxval);
+            if(s == NULL || *s == 0) return;
+ 
+             if (ph->maxval > 65535) {
+                 return;
+
--- a/openjpeg2.spec
+++ b/openjpeg2.spec
@ -1,6 +1,6 @@
 Name:           openjpeg2
 Version:        2.3.1
-Release:        1
+Release:        2
 Summary:        C-Library for JPEG 2000
 License:        BSD and MIT
 URL:            https://github.com/uclouvain/openjpeg
@ -9,6 +9,9 @@ Source0:        https://github.com/uclouvain/openjpeg/archive/v%{version}/openjp
 Patch0:         openjpeg2_remove-thirdparty.patch
 Patch1:         openjpeg2_opj2.patch

+Patch6000:	CVE-2016-10505.patch
+Patch6001:	CVE-2016-7445.patch
+
 BuildRequires:  cmake gcc-c++ make zlib-devel libpng-devel libtiff-devel lcms2-devel doxygen

 Provides:       %{name}-tools
@ -83,5 +86,8 @@ mv %{buildroot}%{_mandir}/man1/opj_dump.1 %{buildroot}%{_mandir}/man1/opj2_dump.
 %{_mandir}/man3/*.3*

 %changelog
+* Thu Sep 19 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.3.1-2
+- fix CVE-2016-10505 and CVE-2016-7445
+
 * Thu Sep 19 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.3.1-1
 - Package init