Sync from SUSE:SLFO:Main openjpeg2 revision 6900b10d40a1b7d8f4d66cc587d6589d
BIN
openjpeg-2.5.2.tar.gz
(Stored with Git LFS)
BIN
openjpeg-2.5.2.tar.gz
(Stored with Git LFS)
Binary file not shown.
BIN
openjpeg-2.5.3.tar.gz
(Stored with Git LFS)
Normal file
BIN
openjpeg-2.5.3.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
@@ -1,136 +0,0 @@
|
||||
From 98592ee6d6904f1b48e8207238779b89a63befa2 Mon Sep 17 00:00:00 2001
|
||||
From: Even Rouault <even.rouault@spatialys.com>
|
||||
Date: Mon, 25 Nov 2024 23:11:24 +0100
|
||||
Subject: [PATCH] sycc422_to_rgb(): fix out-of-bounds read accesses when 2 *
|
||||
width_component_1_or_2 + 1 == with_component_0
|
||||
|
||||
Fixes #1563
|
||||
|
||||
Also adjusts sycc420_to_rgb() for potential similar issue (amending
|
||||
commit 7bd884f8750892de4f50bf4642fcfbe7011c6bdf)
|
||||
---
|
||||
src/bin/common/color.c | 42 ++++++++++++++++++++++++++++++++----------
|
||||
1 file changed, 32 insertions(+), 10 deletions(-)
|
||||
|
||||
Index: openjpeg-2.5.2/src/bin/common/color.c
|
||||
===================================================================
|
||||
--- openjpeg-2.5.2.orig/src/bin/common/color.c
|
||||
+++ openjpeg-2.5.2/src/bin/common/color.c
|
||||
@@ -158,7 +158,7 @@ static void sycc422_to_rgb(opj_image_t *
|
||||
{
|
||||
int *d0, *d1, *d2, *r, *g, *b;
|
||||
const int *y, *cb, *cr;
|
||||
- size_t maxw, maxh, max, offx, loopmaxw;
|
||||
+ size_t maxw, maxh, max, offx, loopmaxw, comp12w;
|
||||
int offset, upb;
|
||||
size_t i;
|
||||
|
||||
@@ -167,6 +167,7 @@ static void sycc422_to_rgb(opj_image_t *
|
||||
upb = (1 << upb) - 1;
|
||||
|
||||
maxw = (size_t)img->comps[0].w;
|
||||
+ comp12w = (size_t)img->comps[1].w;
|
||||
maxh = (size_t)img->comps[0].h;
|
||||
max = maxw * maxh;
|
||||
|
||||
@@ -212,13 +213,19 @@ static void sycc422_to_rgb(opj_image_t *
|
||||
++cr;
|
||||
}
|
||||
if (j < loopmaxw) {
|
||||
- sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||
+ if (j / 2 == comp12w) {
|
||||
+ sycc_to_rgb(offset, upb, *y, 0, 0, r, g, b);
|
||||
+ } else {
|
||||
+ sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||
+ }
|
||||
++y;
|
||||
++r;
|
||||
++g;
|
||||
++b;
|
||||
- ++cb;
|
||||
- ++cr;
|
||||
+ if (j / 2 < comp12w) {
|
||||
+ ++cb;
|
||||
+ ++cr;
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -246,7 +253,7 @@ static void sycc420_to_rgb(opj_image_t *
|
||||
{
|
||||
int *d0, *d1, *d2, *r, *g, *b, *nr, *ng, *nb;
|
||||
const int *y, *cb, *cr, *ny;
|
||||
- size_t maxw, maxh, max, offx, loopmaxw, offy, loopmaxh;
|
||||
+ size_t maxw, maxh, max, offx, loopmaxw, offy, loopmaxh, comp12w;
|
||||
int offset, upb;
|
||||
size_t i;
|
||||
|
||||
@@ -255,6 +262,7 @@ static void sycc420_to_rgb(opj_image_t *
|
||||
upb = (1 << upb) - 1;
|
||||
|
||||
maxw = (size_t)img->comps[0].w;
|
||||
+ comp12w = (size_t)img->comps[1].w;
|
||||
maxh = (size_t)img->comps[0].h;
|
||||
max = maxw * maxh;
|
||||
|
||||
@@ -336,19 +344,29 @@ static void sycc420_to_rgb(opj_image_t *
|
||||
++cr;
|
||||
}
|
||||
if (j < loopmaxw) {
|
||||
- sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||
+ if (j / 2 == comp12w) {
|
||||
+ sycc_to_rgb(offset, upb, *y, 0, 0, r, g, b);
|
||||
+ } else {
|
||||
+ sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||
+ }
|
||||
++y;
|
||||
++r;
|
||||
++g;
|
||||
++b;
|
||||
|
||||
- sycc_to_rgb(offset, upb, *ny, *cb, *cr, nr, ng, nb);
|
||||
+ if (j / 2 == comp12w) {
|
||||
+ sycc_to_rgb(offset, upb, *ny, 0, 0, nr, ng, nb);
|
||||
+ } else {
|
||||
+ sycc_to_rgb(offset, upb, *ny, *cb, *cr, nr, ng, nb);
|
||||
+ }
|
||||
++ny;
|
||||
++nr;
|
||||
++ng;
|
||||
++nb;
|
||||
- ++cb;
|
||||
- ++cr;
|
||||
+ if (j / 2 < comp12w) {
|
||||
+ ++cb;
|
||||
+ ++cr;
|
||||
+ }
|
||||
}
|
||||
y += maxw;
|
||||
r += maxw;
|
||||
@@ -384,7 +402,11 @@ static void sycc420_to_rgb(opj_image_t *
|
||||
++cr;
|
||||
}
|
||||
if (j < loopmaxw) {
|
||||
- sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||
+ if (j / 2 == comp12w) {
|
||||
+ sycc_to_rgb(offset, upb, *y, 0, 0, r, g, b);
|
||||
+ } else {
|
||||
+ sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
||||
Index: openjpeg-2.5.2/src/lib/openjp2/j2k.c
|
||||
===================================================================
|
||||
--- openjpeg-2.5.2.orig/src/lib/openjp2/j2k.c
|
||||
+++ openjpeg-2.5.2/src/lib/openjp2/j2k.c
|
||||
@@ -8390,7 +8390,8 @@ static OPJ_BOOL opj_j2k_add_tlmarker(OPJ
|
||||
if (type == J2K_MS_SOT) {
|
||||
OPJ_UINT32 l_current_tile_part = cstr_index->tile_index[tileno].current_tpsno;
|
||||
|
||||
- if (cstr_index->tile_index[tileno].tp_index) {
|
||||
+ if (cstr_index->tile_index[tileno].tp_index &&
|
||||
+ l_current_tile_part < cstr_index->tile_index[tileno].nb_tps) {
|
||||
cstr_index->tile_index[tileno].tp_index[l_current_tile_part].start_pos = pos;
|
||||
}
|
||||
|
@@ -1,10 +1,32 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 3 12:46:26 UTC 2025 - pgajdos@suse.com
|
||||
Mon Dec 16 11:15:35 UTC 2024 - Michael Vetter <mvetter@suse.com>
|
||||
|
||||
- security update
|
||||
- added patches
|
||||
fix CVE-2024-56826 [bsc#1235029], heap buffer overflow in bin/common/color.c
|
||||
+ openjpeg2-CVE-2024-56826.patch
|
||||
- Update to 2.5.3:
|
||||
* No API/ABI break compared to v2.5.2
|
||||
New Features:
|
||||
* Use TLM (Tile Length Marker) segments to optimize decoding #1538
|
||||
* Add AVX2 and AVX512 optimization #1552
|
||||
* Support setting enumcs for CMYK and EYCC color space #1529
|
||||
Bug fixes:
|
||||
* Do not turn on 'TPsot==TNsot detection fix' when TNsot==1, and
|
||||
add a OPJ_DPARAMETERS_DISABLE_TPSOT_FIX flag to disable it #1560
|
||||
* opj_j2k_setup_encoder(): set numgbits = 1 for Cinema2K #1559
|
||||
* fix: when EPH markers are specified, they are required. #1547
|
||||
* sycc422_to_rgb(): fix out-of-bounds read accesses when 2 *
|
||||
width_component_1_or_2 + 1 == with_component_0 #1566
|
||||
* Avoid heap-buffer-overflow read on corrupted image in non-strict mode #1536
|
||||
* opj_j2k_read_sod(): validate opj_stream_read_data() return to
|
||||
avoid potential later heap-buffer-overflow in in opj_t1_decode_cblk when disabling strict mode #1534
|
||||
* fix integer Overflow at j2k.c:9614 #1530
|
||||
* Memory leak fixes in error code path of opj_compress #1567
|
||||
* opj_j2k_decode_tiles(): avoid use of uninitialized l_current_tile_no variable #1528
|
||||
* Do not allow header length to be zero in non-zero length packet #1526
|
||||
* Fix building on OpenBSD big endian hosts #1520
|
||||
Changes in third party components:
|
||||
* thirdparty/libz: update to zlib-1.3.1 #1542
|
||||
* thirdparty/libpng: update to libpng-1.6.43 #1541
|
||||
* thirdparty/libtiff: update to libtiff 4.6.0 #1540
|
||||
- fixes CVE-2024-56826 [bsc#1235029]
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 16 16:59:14 UTC 2024 - Manfred Hollstein <manfred.h@gmx.net>
|
||||
|
@@ -19,7 +19,7 @@
|
||||
%define library_name libopenjp2-7
|
||||
%define base_version 2.5
|
||||
Name: openjpeg2
|
||||
Version: 2.5.2
|
||||
Version: 2.5.3
|
||||
Release: 0
|
||||
Summary: Opensource JPEG 2000 Codec Implementation
|
||||
License: BSD-2-Clause
|
||||
@@ -27,8 +27,6 @@ Group: Productivity/Graphics/Other
|
||||
URL: https://www.openjpeg.org/
|
||||
Source0: https://github.com/uclouvain/openjpeg/archive/v%{version}.tar.gz#/openjpeg-%{version}.tar.gz
|
||||
Source1: baselibs.conf
|
||||
# CVE-2024-56826 [bsc#1235029], heap buffer overflow in bin/common/color.c
|
||||
Patch0: openjpeg2-CVE-2024-56826.patch
|
||||
BuildRequires: cmake > 3.5
|
||||
BuildRequires: doxygen
|
||||
BuildRequires: fdupes
|
||||
@@ -89,7 +87,7 @@ The OpenJPEG library is an open-source JPEG 2000 codec written in C language.
|
||||
This package provides the API documentation for %{name}.
|
||||
|
||||
%prep
|
||||
%autosetup -n openjpeg-%{version} -p1
|
||||
%autosetup -n openjpeg-%{version} -p0
|
||||
|
||||
# do not embed timestamps into html documentation
|
||||
sed -i 's|^HTML_TIMESTAMP[ =].*$|HTML_TIMESTAMP = NO|' doc/Doxyfile.dox.cmake.in
|
||||
|
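Review bot: Dropping `Patch0: openjpeg2-CVE-2024-56826.patch` in the `@@ -27,8 +27,6 @@` hunk also drops the `opj_j2k_add_tlmarker()` guard `l_current_tile_part < cstr_index->tile_index[tileno].nb_tps` that the removed patch applied to `src/lib/openjp2/j2k.c`, and nothing on this page shows that 2.5.3 contains it. The new .changes entry names only the `sycc422_to_rgb()` fix and CVE-2024-56826, so the tp_index bound check should be confirmed in the 2.5.3 tarball before the patch goes; if it is missing, keep that hunk as its own patch. If it is present, record it in the changelog, for example `- drop openjpeg2-CVE-2024-56826.patch, upstream in 2.5.3 (color.c fix and opj_j2k_add_tlmarker() tp_index bound check)`. The `%autosetup` change, which appears to go from `-p1` to `-p0`, presumably has no effect while no PatchN lines remain, but a later patch in the old `openjpeg-2.5.2.orig/...` layout would need `-p1` again.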