- security update

- added patches
  fix CVE-2021-45942 [bsc#1194333], heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute
  + openexr-CVE-2021-45942.patch

OBS-URL: https://build.opensuse.org/package/show/graphics/openexr?expand=0&rev=79
This commit is contained in:
Petr Gajdos 2022-01-05 12:55:43 +00:00 committed by Git OBS Bridge
parent 2cfaf38996
commit 4a1b52b0c1
3 changed files with 43 additions and 1 deletions


@ -0,0 +1,32 @@
diff --git a/src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp b/src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp
index 0acbed04b..364a1f04b 100644
--- a/src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp
+++ b/src/lib/OpenEXR/ImfDeepScanLineInputFile.cpp
@@ -1961,14 +1961,20 @@ readSampleCountForLineBlock(InputStreamMutex* streamData,
// @TODO refactor the compressor code to ensure full 64-bit support.
//
- int compressorMaxDataSize = std::numeric_limits<int>::max();
- if (sampleCountTableDataSize > uint64_t(compressorMaxDataSize))
+ uint64_t compressorMaxDataSize = static_cast<uint64_t>(std::numeric_limits<int>::max());
+ if (packedDataSize > compressorMaxDataSize ||
+ unpackedDataSize > compressorMaxDataSize ||
+ sampleCountTableDataSize > compressorMaxDataSize)
{
- THROW (IEX_NAMESPACE::ArgExc, "This version of the library does not "
- << "support the allocation of data with size > "
- << compressorMaxDataSize
- << " file table size :" << sampleCountTableDataSize << ".\n");
+ THROW (IEX_NAMESPACE::ArgExc, "This version of the library does not"
+ << "support the allocation of data with size > "
+ << compressorMaxDataSize
+ << " file table size :" << sampleCountTableDataSize
+ << " file unpacked size :" << unpackedDataSize
+ << " file packed size :" << packedDataSize << ".\n");
}
+
+
streamData->is->read(data->sampleCountTableBuffer, static_cast<int>(sampleCountTableDataSize));
const char* readPtr;
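Review bot: The widened guard keeps the `static_cast<int>(sampleCountTableDataSize)` narrowing on the following read from wrapping, but it still does not bound the table against the capacity of `data->sampleCountTableBuffer`, so a size below INT_MAX yet larger than that buffer would still overrun in `streamData->is->read(...)` unless a capacity check runs elsewhere; the buffer's allocation and any such check are outside this hunk, so confirm one precedes the read, e.g. `if (sampleCountTableDataSize > tableCapacity) THROW(IEX_NAMESPACE::ArgExc, ...)` with tableCapacity being whatever Data records as the allocated table size. The rewritten message also lost the trailing space between `"This version of the library does not"` and `"support the allocation of data with size > "`, so it now prints "does notsupport"; restore `"This version of the library does not "`. The two blank lines added after the closing brace are stray whitespace. readSampleCountForLineBlock starts and ends outside this hunk.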


@ -1,3 +1,11 @@
-------------------------------------------------------------------
Wed Jan 5 12:55:27 UTC 2022 - pgajdos@suse.com
- security update
- added patches
fix CVE-2021-45942 [bsc#1194333], heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute
+ openexr-CVE-2021-45942.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Nov 9 10:15:53 UTC 2021 - pgajdos@suse.com Tue Nov 9 10:15:53 UTC 2021 - pgajdos@suse.com


@ -1,7 +1,7 @@
# #
# spec file for package openexr # spec file for package openexr
# #
# Copyright (c) 2021 SUSE LLC # Copyright (c) 2022 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -30,6 +30,8 @@ Group: Development/Libraries/C and C++
URL: https://www.openexr.com/ URL: https://www.openexr.com/
Source0: https://github.com/openexr/openexr/archive/v%{version}.tar.gz Source0: https://github.com/openexr/openexr/archive/v%{version}.tar.gz
Source2: baselibs.conf Source2: baselibs.conf
# CVE-2021-45942 [bsc#1194333], heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute
Patch0: openexr-CVE-2021-45942.patch
BuildRequires: cmake >= 3.12 BuildRequires: cmake >= 3.12
BuildRequires: fltk-devel BuildRequires: fltk-devel
BuildRequires: freeglut-devel BuildRequires: freeglut-devel
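Review bot: `Patch0: openexr-CVE-2021-45942.patch` is declared, but the `%prep` section that has to apply it (`%autosetup -p1` or `%patch0 -p1`) is outside this hunk; confirm the patch is actually applied at build time, otherwise the package still ships the vulnerable ImfDeepScanLineInputFile.cpp while the changelog claims the fix. Since Source0 is the upstream tag tarball, it would also help to record in the comment above Patch0 which upstream commit the patch is backported from, e.g. `# CVE-2021-45942 [bsc#1194333], ... -- backport of upstream commit <id>`, so the patch can be dropped cleanly on the next version update.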