diff options
author | Jonathan Scruggs <j.scruggs@gmail.com> | 2017-09-23 14:04:39 +0100 |
---|---|---|
committer | Alexis Ballier <aballier@gentoo.org> | 2017-09-28 14:45:07 +0200 |
commit | dd4ad81b5d8ba426b3d2d75b27f9993119f73e30 (patch) | |
tree | 37364d9ee45184e0e3740d3d7fa5c20972152171 /media-libs/openexr/files | |
parent | media-libs/ilmbase: Revision bump to 2.2.0-r1 (diff) | |
download | gentoo-dd4ad81b5d8ba426b3d2d75b27f9993119f73e30.tar.gz gentoo-dd4ad81b5d8ba426b3d2d75b27f9993119f73e30.tar.bz2 gentoo-dd4ad81b5d8ba426b3d2d75b27f9993119f73e30.zip |
media-libs/openexr: Revision bump to 2.2.0-r2
* Added patch to fix a typo in the C bindings
* Added patch to install the missing header files
* Added patch to fix security issues:
CVE-2017-9110, CVE-2017-9111, CVE-2017-9112, CVE-2017-9113,
CVE-2017-9114, CVE-2017-9115, CVE-2017-9116
* Fixed build system patch
* Added tabs in the metadata.xml file
Closes: https://bugs.gentoo.org/616996
Closes: https://bugs.gentoo.org/631382
Closes: https://bugs.gentoo.org/620324
Diffstat (limited to 'media-libs/openexr/files')
4 files changed, 186 insertions, 2 deletions
diff --git a/media-libs/openexr/files/openexr-2.2.0-CVE-2017-9110-to-9116-security-fixes.patch b/media-libs/openexr/files/openexr-2.2.0-CVE-2017-9110-to-9116-security-fixes.patch new file mode 100644 index 000000000000..0a37ee9c2d99 --- /dev/null +++ b/media-libs/openexr/files/openexr-2.2.0-CVE-2017-9110-to-9116-security-fixes.patch @@ -0,0 +1,98 @@ +From c2b32f21cbe2db7c7ef485d62ffe9bec8eaa5165 Mon Sep 17 00:00:00 2001 +From: Shawn Walker-Salas <shawn.walker@oracle.com> +Date: Tue, 30 May 2017 19:07:52 -0700 +Subject: [PATCH] CVE-2017-{9110,9111,9112,9113,9114,9115,9116} fixes + +--- + OpenEXR/IlmImf/ImfDwaCompressor.cpp | 7 ++++++- + OpenEXR/IlmImf/ImfHuf.cpp | 10 ++++++---- + OpenEXR/IlmImf/ImfPizCompressor.cpp | 6 ++++++ + 3 files changed, 18 insertions(+), 5 deletions(-) + +diff --git a/IlmImf/ImfDwaCompressor.cpp b/IlmImf/ImfDwaCompressor.cpp +index 1c1bd45..2ef8878 100644 +--- a/IlmImf/ImfDwaCompressor.cpp ++++ b/IlmImf/ImfDwaCompressor.cpp +@@ -2377,7 +2377,12 @@ DwaCompressor::uncompress + + const char *dataPtr = inPtr + NUM_SIZES_SINGLE * sizeof(Int64); + +- if (inSize < headerSize + compressedSize) ++ /* Both the sum and individual sizes are checked in case of overflow. */ ++ if (inSize < (headerSize + compressedSize) || ++ inSize < unknownCompressedSize || ++ inSize < acCompressedSize || ++ inSize < dcCompressedSize || ++ inSize < rleCompressedSize) + { + throw Iex::InputExc("Error uncompressing DWA data" + "(truncated file)."); +diff --git a/IlmImf/ImfHuf.cpp b/IlmImf/ImfHuf.cpp +index a375d05..97909a5 100644 +--- a/IlmImf/ImfHuf.cpp ++++ b/IlmImf/ImfHuf.cpp +@@ -822,7 +822,7 @@ hufEncode // return: output size (in bits) + } + + +-#define getCode(po, rlc, c, lc, in, out, oe) \ ++#define getCode(po, rlc, c, lc, in, out, ob, oe)\ + { \ + if (po == rlc) \ + { \ +@@ -835,6 +835,8 @@ hufEncode // return: output size (in bits) + \ + if (out + cs > oe) \ + tooMuchData(); \ ++ else if (out - 1 < ob) \ ++ notEnoughData(); \ + \ + unsigned short s = out[-1]; \ + \ +@@ -895,7 +897,7 @@ hufDecode + // + + lc -= pl.len; +- getCode (pl.lit, rlc, c, lc, in, out, oe); ++ getCode (pl.lit, rlc, c, lc, in, out, outb, oe); + } + else + { +@@ -925,7 +927,7 @@ hufDecode + // + + lc -= l; +- getCode (pl.p[j], rlc, c, lc, in, out, oe); ++ getCode (pl.p[j], rlc, c, lc, in, out, outb, oe); + break; + } + } +@@ -952,7 +954,7 @@ hufDecode + if (pl.len) + { + lc -= pl.len; +- getCode (pl.lit, rlc, c, lc, in, out, oe); ++ getCode (pl.lit, rlc, c, lc, in, out, outb, oe); + } + else + { +diff --git a/IlmImf/ImfPizCompressor.cpp b/IlmImf/ImfPizCompressor.cpp +index 46c6fba..8b3ee38 100644 +--- a/IlmImf/ImfPizCompressor.cpp ++++ b/IlmImf/ImfPizCompressor.cpp +@@ -573,6 +573,12 @@ PizCompressor::uncompress (const char *inPtr, + int length; + Xdr::read <CharPtrIO> (inPtr, length); + ++ if (length > inSize) ++ { ++ throw InputExc ("Error in header for PIZ-compressed data " ++ "(invalid array length)."); ++ } ++ + hufUncompress (inPtr, length, _tmpBuffer, tmpBufferEnd - _tmpBuffer); + + // +-- +2.14.1 + diff --git a/media-libs/openexr/files/openexr-2.2.0-Fix-typo-in-C-bindings.patch b/media-libs/openexr/files/openexr-2.2.0-Fix-typo-in-C-bindings.patch new file mode 100644 index 000000000000..966e95e72c3c --- /dev/null +++ b/media-libs/openexr/files/openexr-2.2.0-Fix-typo-in-C-bindings.patch @@ -0,0 +1,26 @@ +From c229dfe63380f41dfae1e977b10dfc7c49c7efc7 Mon Sep 17 00:00:00 2001 +From: Edward Kmett <ekmett@gmail.com> +Date: Wed, 9 Dec 2015 12:15:48 -0500 +Subject: [PATCH] Fix typo in C bindings (Close #140) + +IMF_RAMDOM_Y should be IMF_RANDOM_Y +--- + OpenEXR/IlmImf/ImfCRgbaFile.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/IlmImf/ImfCRgbaFile.h b/IlmImf/ImfCRgbaFile.h +index 5ac2bf8..db58247 100644 +--- a/IlmImf/ImfCRgbaFile.h ++++ b/IlmImf/ImfCRgbaFile.h +@@ -98,7 +98,7 @@ typedef struct ImfRgba ImfRgba; + + #define IMF_INCREASING_Y 0 + #define IMF_DECREASING_Y 1 +-#define IMF_RAMDOM_Y 2 ++#define IMF_RANDOM_Y 2 + + + /* +-- +2.14.1 + diff --git a/media-libs/openexr/files/openexr-2.2.0-Install-missing-header-files.patch b/media-libs/openexr/files/openexr-2.2.0-Install-missing-header-files.patch new file mode 100644 index 000000000000..1075cd9a30fa --- /dev/null +++ b/media-libs/openexr/files/openexr-2.2.0-Install-missing-header-files.patch @@ -0,0 +1,60 @@ +From a018f82655402421a995565dd4a5192259cbc207 Mon Sep 17 00:00:00 2001 +From: Jonathan Scruggs <j.scruggs@gmail.com> +Date: Sat, 23 Sep 2017 10:36:40 +0100 +Subject: [PATCH] OpenEXR: Install missing header files + +Some header files are not installed via Autotools, but are with +CMake which breaks compatibility with certain programs. This patch +enables Autotools to install these header files. + +Signed-off by: Jonathan Scruggs <j.scruggs@gmail.com> +--- + OpenEXR/IlmImf/Makefile.am | 3 ++- + OpenEXR/IlmImfUtil/Makefile.am | 17 +++++++++++++++++ + 2 files changed, 19 insertions(+), 1 deletion(-) + +diff --git a/IlmImf/Makefile.am b/IlmImf/Makefile.am +index a7c219c..b7b96ac 100644 +--- a/IlmImf/Makefile.am ++++ b/IlmImf/Makefile.am +@@ -162,7 +162,8 @@ libIlmImfinclude_HEADERS = ImfForward.h ImfAttribute.h ImfBoxAttribute.h \ + ImfMisc.h \ + ImfPartHelper.h \ + ImfDeepImageState.h \ +- ImfDeepImageStateAttribute.h ++ ImfDeepImageStateAttribute.h \ ++ ImfFloatVectorAttribute.h + + noinst_HEADERS = ImfCompressor.h \ + ImfRleCompressor.h \ +diff --git a/IlmImfUtil/Makefile.am b/IlmImfUtil/Makefile.am +index 8005ee1..e1d3674 100644 +--- a/IlmImfUtil/Makefile.am ++++ b/IlmImfUtil/Makefile.am +@@ -33,6 +33,23 @@ libIlmImfUtil_la_LIBADD = -L$(top_builddir)/IlmImf $(ILMBASE_LIBS) -lIlmImf + + libIlmImfUtilincludedir = $(includedir)/OpenEXR + ++libIlmImfUtilinclude_HEADERS = ImfFlatImage.h \ ++ ImfDeepImage.h \ ++ ImfDeepImageChannel.h \ ++ ImfImageLevel.h \ ++ ImfDeepImageLevel.h \ ++ ImfDeepImageIO.h \ ++ ImfImageChannelRenaming.h \ ++ ImfImageIO.h \ ++ ImfFlatImageChannel.h \ ++ ImfImage.h \ ++ ImfFlatImageLevel.h \ ++ ImfImageDataWindow.h \ ++ ImfSampleCountChannel.h \ ++ ImfFlatImageIO.h \ ++ ImfImageChannel.h ++ ++ + EXTRA_DIST = CMakeLists.txt + + INCLUDES = \ +-- +2.14.1 + diff --git a/media-libs/openexr/files/openexr-2.2.0-fix-build-system.patch b/media-libs/openexr/files/openexr-2.2.0-fix-build-system.patch index 446e4e53c872..3ccfb1da7ac5 100644 --- a/media-libs/openexr/files/openexr-2.2.0-fix-build-system.patch +++ b/media-libs/openexr/files/openexr-2.2.0-fix-build-system.patch @@ -69,8 +69,8 @@ -AC_DEFINE_UNQUOTED(OPENEXR_VERSION_MAJOR, ${OPENEXR_VERSION_MAJOR}) -AC_DEFINE_UNQUOTED(OPENEXR_VERSION_MINOR, ${OPENEXR_VERSION_MINOR}) -AC_DEFINE_UNQUOTED(OPENEXR_VERSION_PATCH, ${OPENEXR_VERSION_PATCH}) -+AC_DEFINE_UNQUOTED([OPENEXR_VERSION_STRING], [${VERSION}], [OpenEXR version string]) -+AC_DEFINE_UNQUOTED([OPENEXR_PACKAGE_STRING], [${PACKAGE_STRING}], [OpenEXR version string]) ++AC_DEFINE_UNQUOTED([OPENEXR_VERSION_STRING], ["${VERSION}"], [OpenEXR version string]) ++AC_DEFINE_UNQUOTED([OPENEXR_PACKAGE_STRING], ["${PACKAGE_STRING}"], [OpenEXR version string]) +AC_DEFINE_UNQUOTED([OPENEXR_VERSION_MAJOR], [${OPENEXR_VERSION_MAJOR}], [OpenEXR version string]) +AC_DEFINE_UNQUOTED([OPENEXR_VERSION_MINOR], [${OPENEXR_VERSION_MINOR}], [OpenEXR version string]) +AC_DEFINE_UNQUOTED([OPENEXR_VERSION_PATCH], [${OPENEXR_VERSION_PATCH}], [OpenEXR version string]) |