pool/zbar
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1140634 from Application:Geo

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1140634
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/zbar?expand=0&rev=20
This commit is contained in:
Ana Guerrero 2024-01-24 18:04:06 +00:00 committed by Git OBS Bridge
commit 752c685439
9 changed files with 124 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
py311.patch
View File

@ -1,60 +0,0 @@
From 9bb0cc43f7f9e9c676e07b2e511f03bfa1c491cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=90o=C3=A0n=20Tr=E1=BA=A7n=20C=C3=B4ng=20Danh?=
<congdanhqx@gmail.com>
Date: Wed, 21 Sep 2022 10:32:11 +0700
Subject: [PATCH] python: enum: fix build for Python 3.11
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Python 3.9 introduced Py_SET_SIZE function to set size instead of
relying on Py_SIZE() as a macro [3.9].
Python 3.10 started to encourage to use Py_SET_SIZE instead of
assigning into return value of Py_SIZE [3.10].
Python 3.11 flips the switch, turn Py_SIZE into a function [3.11],
thus Py_SIZE(obj) will be a rvalue. We need to use Py_SET_SIZE
to set size now.
[3.9]: https://docs.python.org/3.9/c-api/structures.html#c.Py_SET_SIZE
[3.10]: https://docs.python.org/3.10/c-api/structures.html#c.Py_SIZE
[3.11]: https://docs.python.org/3.11/c-api/structures.html#c.Py_SIZE
Signed-off-by: Đoàn Trần Công Danh <congdanhqx@gmail.com>
Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org>
---
python/enum.c | 8 ++++++++
1 file changed, 8 insertions(+)
Index: zbar-0.23.90/python/enum.c
===================================================================
--- zbar-0.23.90.orig/python/enum.c
+++ zbar-0.23.90/python/enum.c
@@ -49,10 +49,13 @@ enumitem_new (PyTypeObject *type,
Py_DECREF(self);
return(NULL);
}
-
/* we assume the "fast path" for a single-digit ints (see longobject.c) */
/* this also holds if we get a small_int preallocated long */
+#if PY_VERSION_HEX >= 0x030900A4
+ Py_SET_SIZE(&self->val, Py_SIZE(longval));
+#else
Py_SIZE(&self->val) = Py_SIZE(longval);
+#endif
self->val.ob_digit[0] = longval->ob_digit[0];
Py_DECREF(longval);
#else
@@ -143,7 +146,11 @@ zbarEnumItem_New (PyObject *byname,
/* we assume the "fast path" for a single-digit ints (see longobject.c) */
/* this also holds if we get a small_int preallocated long */
+#if PY_VERSION_HEX >= 0x030900A4
+ Py_SET_SIZE(&self->val, Py_SIZE(longval));
+#else
Py_SIZE(&self->val) = Py_SIZE(longval);
+#endif
self->val.ob_digit[0] = longval->ob_digit[0];
Py_DECREF(longval);

3
zbar-0.23.90.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9152c8fb302b3891e1cb9cc719883d2f4ccd2483e3430783a2cf2d93bd5901ad
size 1199323

BIN
zbar-0.23.93.tar.bz2 (Stored with Git LFS) Normal file
View File

Binary file not shown.

16
zbar-CVE-2023-40889.patch
View File

@ -1,16 +0,0 @@
https://salsa.debian.org/debian/zbar/-/commit/1c3ddc8d7d828d68688c7f4f2ea35a2eee18594c
Index: zbar-0.23.1/zbar/qrcode/qrdec.c
===================================================================
--- zbar-0.23.1.orig/zbar/qrcode/qrdec.c
+++ zbar-0.23.1/zbar/qrcode/qrdec.c
@@ -3900,8 +3900,8 @@ void qr_reader_match_centers(qr_reader *
/*TODO: We might be able to accelerate this step significantly by
considering the remaining finder centers in a more intelligent order,
based on the first finder center we just chose.*/
- for(j=i+1;!mark[i]&&j<_ncenters;j++){
- for(k=j+1;!mark[j]&&k<_ncenters;k++)if(!mark[k]){
+ for (j=i+1;i<_ncenters&&!mark[i]&&j<_ncenters;j++) {
+ for (k=j+1;j<_ncenters&&!mark[j]&&k<_ncenters;k++)if(!mark[k]) {
qr_finder_center *c[3];
qr_code_data qrdata;
int version;

68
zbar-CVE-2023-40890.patch
View File

@ -1,68 +0,0 @@
https://salsa.debian.org/debian/zbar/-/blob/master/debian/patches/0004-Add-bounds-check-for-CVE-2023-40890.patch
Index: zbar-0.23.1/zbar/decoder/databar.c
===================================================================
--- zbar-0.23.1.orig/zbar/decoder/databar.c
+++ zbar-0.23.1/zbar/decoder/databar.c
@@ -23,6 +23,8 @@
#include <config.h>
#include <zbar.h>
+#include <stdlib.h>
+#include <stdio.h>
#ifdef DEBUG_DATABAR
# define DEBUG_LEVEL (DEBUG_DATABAR)
@@ -663,10 +665,11 @@ match_segment (zbar_decoder_t *dcode,
return(ZBAR_DATABAR);
}
-static inline unsigned
+static inline signed
lookup_sequence (databar_segment_t *seg,
int fixed,
- int seq[22])
+ int seq[22],
+ const size_t maxsize)
{
unsigned n = seg->data / 211, i;
const unsigned char *p;
@@ -676,6 +679,13 @@ lookup_sequence (databar_segment_t *seg,
dbprintf(2, " {%d,%d:", i, n);
p = exp_sequences + i;
+ if (n >= maxsize-1) {
+ // The loop below checks i<n and increments i by one within the loop
+ // when accessing seq[22]. For this to be safe, n needs to be < 21.
+ // See CVE-2023-40890.
+ return -1;
+ }
+
fixed >>= 1;
seq[0] = 0;
seq[1] = 1;
@@ -755,10 +765,15 @@ match_segment_exp (zbar_decoder_t *dcode
}
if(!i) {
- if(!lookup_sequence(seg, fixed, seq)) {
+ signed int lu = lookup_sequence(seg, fixed, seq, sizeof(seq)/sizeof(seq[0]));
+ if(!lu) {
dbprintf(2, "[nf]");
continue;
}
+ if(lu < 0) {
+ dbprintf(1, " [aborted]\n");
+ goto abort;
+ }
width = seg->width;
dbprintf(2, " A00@%d", j);
}
@@ -829,6 +844,8 @@ match_segment_exp (zbar_decoder_t *dcode
dcode->direction = (1 - 2 * (seg->side ^ seg->color)) * dir;
dcode->modifiers = MOD(ZBAR_MOD_GS1);
return(ZBAR_DATABAR_EXP);
+abort:
+ return (ZBAR_NONE);
}
#undef IDX

26
zbar-configure.patch Normal file
View File

@ -0,0 +1,26 @@
From a549566ea11eb03622bd4458a1728ffe3f589163 Mon Sep 17 00:00:00 2001
From: Boyuan Yang <byang@debian.org>
Date: Wed, 10 Jan 2024 10:57:29 -0500
Subject: [PATCH] configure.ac: Use old way to detect Qt5
Bug: https://github.com/mchehab/zbar/issues/277
Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org>
---
configure.ac | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index a2251e3d..0e5641e5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -675,8 +675,8 @@ AS_IF([test "x$with_qt" != "xno"],
AS_IF([test "x$with_qt6" = "xno"],
[PKG_CHECK_MODULES([QT],
[Qt5Core >= 5 Qt5Gui >= 5 Qt5Widgets >= 5.0 Qt5X11Extras >= 5.0],
- [MOC=`$PKG_CONFIG Qt5 --variable=moc`
- QT_VERSION=`$PKG_CONFIG Qt5 --modversion`
+ [AC_CHECK_PROGS([MOC], [moc-qt5 moc])
+ QT_VERSION=`$PKG_CONFIG Qt5Gui --modversion`;
qt_pkgconfig_file="zbar-qt5.pc"
],
[with_qt="no"])])

49
zbar-pkgconfig.patch Normal file
View File

@ -0,0 +1,49 @@
From 368571ffa1a0f6cc41f708dd0d27f9b6e9409df8 Mon Sep 17 00:00:00 2001
From: Boyuan Yang <byang@debian.org>
Date: Tue, 9 Jan 2024 07:56:32 -0500
Subject: [PATCH] configure.ac: Do not use hardcoded pkg-config command
Use overridable $PKG_CONFIG instead.
Also fixes some M4 grammar errors in configure.ac.
Signed-off-by: Mauro Carvalho Chehab <mchehab@kernel.org>
---
configure.ac | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/configure.ac b/configure.ac
index f0f9723c..a2251e3d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -663,23 +663,23 @@ AC_ARG_WITH([qt6],
AS_IF([test "x$with_qt" != "xno"],
[AS_IF([test "x$with_qt6" != "xno"],
- PKG_CHECK_MODULES([QT],
+ [PKG_CHECK_MODULES([QT],
[Qt6],
- [MOC=`pkg-config Qt6 --variable=moc`
+ [MOC=`$PKG_CONFIG Qt6 --variable=moc`
QT_VERSION=`$PKG_CONFIG Qt6 --modversion`
- QT6_HEADERS=`pkg-config Qt6 --variable=headerdir`
+ QT6_HEADERS=`$PKG_CONFIG Qt6 --variable=headerdir`
CPPFLAGS="$CPPFLAGS -I$QT6_HEADERS -I$QT6_HEADERS/QtWidgets -I$QT6_HEADERS/QtCore -I$QT6_HEADERS/QtGui"
qt_pkgconfig_file="zbar-qt5.pc"
],
- [with_qt6="no"]))
+ [with_qt6="no"])])
AS_IF([test "x$with_qt6" = "xno"],
- PKG_CHECK_MODULES([QT],
+ [PKG_CHECK_MODULES([QT],
[Qt5Core >= 5 Qt5Gui >= 5 Qt5Widgets >= 5.0 Qt5X11Extras >= 5.0],
- [MOC=`pkg-config Qt5 --variable=moc`
+ [MOC=`$PKG_CONFIG Qt5 --variable=moc`
QT_VERSION=`$PKG_CONFIG Qt5 --modversion`
qt_pkgconfig_file="zbar-qt5.pc"
],
- [with_qt="no"]))
+ [with_qt="no"])])
])
AC_ARG_VAR([MOC], [full path to Qt moc program])

39
zbar.changes
View File

@ -1,3 +1,42 @@
-------------------------------------------------------------------
Mon Jan 22 08:32:55 UTC 2024 - Michael Vetter <mvetter@suse.com>
- Update to 0.23.93:
* Set a better dpi resolution when parsing PDF files
* Fix memory recycle bug of empty symbols
* Fix compilation with python 3.11 and 3.12
* CVE-2023-40889: Fix array out-of-bounds access
* Stop ignoring non-binary entries that follow binary ones
* Increase allocated buffer memory for symbols
* barcodetest.py: fix error code print logic
* convert: Crash fixing while using camera
* Add some pod information for additional functions
* perl skip more tests if DISPLAY not set and set prereqs in Makefile.PL
* Fixes rt.cpan.org 122061 - test fails when DISPLAY not set
* Update Barcode::ZBar
* isaac: ensure proper order of parsing expression
* Enforce x11 backend even on wayland
* zbarimg: add the --polygon option
* xml output: Add polygon containing code bar.
* configure.ac: drop support for Qt4 and prepare for Qt6 support
* win: fix compiling error in Visual studio
* Enforce a coding style
* configure.ac: fix some issues with gtk parameter
* zbargtk: fix version check macros
* zbar: Address some header issues
* zbar, test: fix compilation issues with FreeBSD
* zbar: Function stdcall declaration issue.
* symbol: make it compatible with MSC
* zbar: change the code to make it c90 standard compatible
* test: fix decode test
- Drop upstreamed patches:
* zbar-CVE-2023-40889.patch
* zbar-CVE-2023-40890.patch
* py311.patch
- Add patch to fix build see gh#mchehab/zbar#277:
* zbar-configure.patch
* zbar-pkgconfig.patch
-------------------------------------------------------------------
Wed Dec 13 18:36:21 UTC 2023 - Michael Vetter <mvetter@suse.com>

15
zbar.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package zbar
#
# Copyright (c) 2023 SUSE LLC
# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2010 Carlos Goncalves <cgoncalves@opensuse.org>.
#
# All modifications and additions to the file contributed by third parties
@ -20,19 +20,18 @@
%define sover 0
%define libname lib%{name}%{sover}
Name: zbar
Version: 0.23.90
Version: 0.23.93
Release: 0
Summary: Bar code reader
License: LGPL-2.0-or-later
URL: https://github.com/mchehab/zbar
Source0: https://linuxtv.org/downloads/%{name}/%{name}-%{version}.tar.bz2
Source98: baselibs.conf
# PATCH-FIX-UPSTREAM: fix build against python 3.11 - https://github.com/mchehab/zbar/commit/9bb0cc43f7f9e9c676e07b2e511f03bfa1c491cb
Patch1: py311.patch
# PATCH-FIX-UPSTREAM -- mvetter@suse.com -- bsc#1214770
Patch2: zbar-CVE-2023-40889.patch
# PATCH-FIX-UPSTREAM -- mvetter@suse.com -- bsc#1214771
Patch3: zbar-CVE-2023-40890.patch
# https://github.com/mchehab/zbar/issues/277
Patch0: https://github.com/mchehab/zbar/commit/368571ffa1a0f6cc41f708dd0d27f9b6e9409df8.patch#/zbar-pkgconfig.patch
# https://github.com/mchehab/zbar/issues/277
Patch1: https://github.com/mchehab/zbar/commit/a549566ea11eb03622bd4458a1728ffe3f589163.patch#/zbar-configure.patch
BuildRequires: automake
BuildRequires: libjpeg-devel
BuildRequires: pkgconfig >= 0.9.0
BuildRequires: xmlto