OBS-URL: https://build.opensuse.org/package/show/graphics/dcraw?expand=0&rev=53

2022-04-12 13:10:30 +00:00 · 2022-04-12 13:10:30 +00:00 · 1d2b5bc64c
commit 1d2b5bc64c
parent 03d5eb364f
4 changed files with 2674 additions and 1 deletions
--- a/dcraw-CVE-2021-3624.patch
+++ b/dcraw-CVE-2021-3624.patch
@ -0,0 +1,17 @@
+--- dcraw/dcraw.c	2022-04-12 14:29:23.791896447 +0200
+++ dcraw/dcraw.c	2022-04-12 14:59:50.767180929 +0200
+@@ -3289,7 +3289,13 @@
+     }
+   } else if (type == 4) {
+     free (meta_data);
+-    meta_data = (char *) malloc (meta_length = wide*high*3/2);
+    meta_data = NULL;
+    meta_length =  wide*high*3/2;
+    if (meta_length/wide != high*3/2) {
+        fprintf(stderr, "Potential buffer overflow (meta_length %u, wide %u, high %u). Bailing out...\n", meta_length, wide, high);
+        longjmp(failure, 2);
+    }
+    meta_data = (char *) malloc (meta_length);
+     merror (meta_data, "foveon_load_camf()");
+     foveon_huff (huff);
+     get4();
--- a/dcraw.changes
+++ b/dcraw.changes
@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Tue Apr 12 11:30:56 UTC 2022 - Fridrich Strba <fstrba@suse.com>
+
+- Added patches:
+  * iowrappers.patch
+    + Written wrappers of fread(),fwrite(),fseek() library functions
+      which check their return values. If an input/output failure is
+      detected, dcraw immediately exits with non-zero status and
+      prints a descriptive message (bsc#1097973, CVE-2018-5805;
+      bsc#1097974, CVE-2018-5806; bsc#1117622, CVE-2018-19565;
+      bsc#1117517, CVE-2018-19566; bsc#1117512, CVE-2018-19567;
+      bsc#1117436, CVE-2018-19568)
+  * dcraw-CVE-2021-3624.patch
+    + Bail out if integer overflow happened and the allocated buffer
+      would be too small (bsc#1189642, CVE-2021-3624)
+
 -------------------------------------------------------------------
 Sun Aug 16 22:39:47 UTC 2020 - Matthias Eliasson <elimat@opensuse.org>

--- a/dcraw.spec
+++ b/dcraw.spec
@ -1,7 +1,7 @@
 #
 # spec file for package dcraw
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -45,6 +45,8 @@ Patch2:         dcraw-CVE-2017-14608.patch
 Patch3:         dcraw-CVE-2018-19655.patch
 # PATCH-FIX-UPSTREAM dcraw-CVE-2018-5801.patch
 Patch4:         dcraw-CVE-2018-5801.patch
+Patch5:         iowrappers.patch
+Patch6:         dcraw-CVE-2021-3624.patch
 BuildRequires:  gettext-runtime
 BuildRequires:  libjpeg-devel
 BuildRequires:  liblcms2-devel
@ -63,6 +65,8 @@ cp -a %{SOURCE3} %{SOURCE4} %{SOURCE5} %{SOURCE6} .
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
+%patch6 -p1

 %build
 export CFLAGS="%{optflags} -fno-strict-aliasing -fstack-protector-all"
--- a/iowrappers.patch
+++ b/iowrappers.patch