Djam/libjpeg-turbo
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/libjpeg-turbo.git synced 2025-02-24 03:12:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Updated to release 1.5.3 and added P0 to fix CVE-2017-15232

Browse source
This commit is contained in:
Giovanni Mariani 2018-03-05 12:13:56 +01:00
parent a5ed9049db
commit ff8aca6fe3
3 changed files with 72 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.abf.yml
View file

@ -1,2 +1,2 @@
sources: sources:
libjpeg-turbo-1.5.0.tar.gz: 9adc21b927e48e4c6889e77079f6c1f3eecf98ab libjpeg-turbo-1.5.3.tar.gz: 87ebf4cab2bb27fcb8e7ccb18ec4eb680e1f2c2d

53
libjpeg-turbo-1.5.2-CVE-2017-15232.patch Normal file
View file

@ -0,0 +1,53 @@
From 1ecd9a5729d78518397889a630e3534bd9d963a8 Mon Sep 17 00:00:00 2001
From: Kornel <kornel@geekhood.net>
Date: Sat, 30 Sep 2017 12:05:53 +0100
Subject: [PATCH] Handle NULL buffer when discarding rows
---
jdpostct.c | 5 +++++
jquant1.c | 4 ++++
2 files changed, 9 insertions(+)
diff --git a/jdpostct.c b/jdpostct.c
index 601fc2a79..a24202ca9 100644
--- a/jdpostct.c
+++ b/jdpostct.c
@@ -132,6 +132,11 @@ post_process_1pass (j_decompress_ptr cinfo,
my_post_ptr post = (my_post_ptr) cinfo->post;
JDIMENSION num_rows, max_rows;
+ /* read_and_discard_scanlines may call it with rows "available", but no buffer */
+ if (output_buf == NULL) {
+ return;
+ }
+
/* Fill the buffer, but not more than what we can dump out in one go. */
/* Note we rely on the upsampler to detect bottom of image. */
max_rows = out_rows_avail - *out_row_ctr;
diff --git a/jquant1.c b/jquant1.c
index e7814815e..ba2ea9b80 100644
--- a/jquant1.c
+++ b/jquant1.c
@@ -531,6 +531,10 @@ quantize_ord_dither (j_decompress_ptr cinfo, JSAMPARRAY input_buf,
JDIMENSION col;
JDIMENSION width = cinfo->output_width;
+ if (output_buf == NULL && num_rows) {
+ ERREXIT(cinfo, JERR_BAD_PARAM);
+ }
+
for (row = 0; row < num_rows; row++) {
/* Initialize output values to 0 so can process components separately */
jzero_far((void *) output_buf[row], (size_t) (width * sizeof(JSAMPLE)));
Index: libjpeg-turbo-1.5.2/jerror.h
===================================================================
--- libjpeg-turbo-1.5.2.orig/jerror.h 2017-07-07 22:31:10.000000000 +0200
+++ libjpeg-turbo-1.5.2/jerror.h 2017-10-12 13:24:01.349954012 +0200
@@ -208,6 +208,7 @@ JMESSAGE(JERR_NO_ARITH_TABLE, "Arithmeti
JMESSAGE(JWRN_ARITH_BAD_CODE, "Corrupt JPEG data: bad arithmetic code")
#endif
#endif
+JMESSAGE(JERR_BAD_PARAM, "Bogus parameter")
#ifdef JMAKE_ENUM_LIST

29
libjpeg-turbo.spec
View file

@ -1,20 +1,20 @@
%define major 8 %define major 8
%define libname %mklibname jpeg %{major} %define libname %mklibname jpeg %{major}
%define devname %mklibname jpeg -d %define devname %mklibname jpeg -d
%define sdevname %mklibname jpeg -d -s %define sdevname %mklibname jpeg -d -s
%define majorturbo 0 %define majorturbo 0
%define libturbo %mklibname turbojpeg %{majorturbo} %define libturbo %mklibname turbojpeg %{majorturbo}
%define major62 62 %define major62 62
%define libname62 %mklibname jpeg %{major62} %define libname62 %mklibname jpeg %{major62}
Summary: A MMX/SSE2 accelerated library for manipulating JPEG image files Summary: A MMX/SSE2 accelerated library for manipulating JPEG image files
Name: libjpeg-turbo Name: libjpeg-turbo
Epoch: 1 Epoch: 1
Version: 1.5.0 Version: 1.5.3
Release: 3 Release: 1
License: wxWidgets Library License License: wxWindows Library License
Group: System/Libraries Group: System/Libraries
Url: http://www.libjpeg-turbo.org Url: http://www.libjpeg-turbo.org
Source0: https://sourceforge.net/projects/libjpeg-turbo/files/%{version}/%{name}-%{version}.tar.gz Source0: https://sourceforge.net/projects/libjpeg-turbo/files/%{version}/%{name}-%{version}.tar.gz
@ -25,6 +25,7 @@ Source0: https://sourceforge.net/projects/libjpeg-turbo/files/%{version}/%{name}
Source2: http://jpegclub.org/jpegexiforient.c Source2: http://jpegclub.org/jpegexiforient.c
Source3: http://jpegclub.org/exifautotran.txt Source3: http://jpegclub.org/exifautotran.txt
Patch0: jpeg-6b-c++fixes.patch Patch0: jpeg-6b-c++fixes.patch
Patch1: %{name}-1.5.2-CVE-2017-15232.patch
BuildRequires: libtool >= 1.4 BuildRequires: libtool >= 1.4
%ifarch %{ix86} x86_64 %ifarch %{ix86} x86_64
BuildRequires: nasm BuildRequires: nasm
@ -62,6 +63,7 @@ This package contains the library needed to run programs dynamically linked
with libjpeg. with libjpeg.
%files -n %{libname62} %files -n %{libname62}
%doc LICENSE.md
%{_libdir}/libjpeg.so.%{major62}* %{_libdir}/libjpeg.so.%{major62}*
#---------------------------------------------------------------------------- #----------------------------------------------------------------------------
@ -75,6 +77,7 @@ This package contains the library needed to run programs dynamically linked
with libturbojpeg. with libturbojpeg.
%files -n %{libturbo} %files -n %{libturbo}
%doc LICENSE.md
%{_libdir}/libturbojpeg.so.%{majorturbo}* %{_libdir}/libturbojpeg.so.%{majorturbo}*
#---------------------------------------------------------------------------- #----------------------------------------------------------------------------
@ -120,6 +123,7 @@ for developing programs which will manipulate JPEG files using the libjpeg
library. library.
%files -n %{sdevname} %files -n %{sdevname}
%doc LICENSE.md
%{_libdir}/libjpeg.a %{_libdir}/libjpeg.a
%{_libdir}/libturbojpeg.a %{_libdir}/libturbojpeg.a
@ -154,10 +158,12 @@ have orientation markings in the EXIF data.
%prep %prep
%setup -q %setup -q
%patch0 -p0 %patch0 -p0
%patch1 -p1
cp %{SOURCE2} jpegexiforient.c cp %{SOURCE2} jpegexiforient.c
cp %{SOURCE3} exifautotran cp %{SOURCE3} exifautotran
%build %build
CONFIGURE_TOP="$PWD" CONFIGURE_TOP="$PWD"
@ -182,6 +188,7 @@ popd
%__cc %{optflags} %{ldflags} -o jpegexiforient jpegexiforient.c %__cc %{optflags} %{ldflags} -o jpegexiforient jpegexiforient.c
%install %install
make install-libLTLIBRARIES DESTDIR=%{buildroot} -C jpeg62 make install-libLTLIBRARIES DESTDIR=%{buildroot} -C jpeg62
%makeinstall_std -C jpeg8 %makeinstall_std -C jpeg8