author | Francesco Colista <fcolista@alpinelinux.org> | 2017-08-23 14:06:41 +0000 |
---|---|---|
committer | Francesco Colista <fcolista@alpinelinux.org> | 2017-08-23 14:06:41 +0000 |
commit | ca47c2c59eed9062267feefc2004f5d70e7e615e (patch) | |
tree | 3e010a23c137b60b8d2e8e28e2736733e4116183 | |
parent | ca6c9a992fc67b7c2948f7ef0a11b167b18d5543 (diff) | |
download | aports-ca47c2c59eed9062267feefc2004f5d70e7e615e.tar.bz2 aports-ca47c2c59eed9062267feefc2004f5d70e7e615e.tar.xz |
main/openjpeg: fixed patch for CVE-2017-12982
-rw-r--r-- | main/openjpeg/APKBUILD | 8 | ||||
-rw-r--r-- | main/openjpeg/CVE-2017-12982.patch | 32 |
2 files changed, 15 insertions, 25 deletions
diff --git a/main/openjpeg/APKBUILD b/main/openjpeg/APKBUILD
index 7f8c248fb1..d8f871f700 100644
--- a/main/openjpeg/APKBUILD
+++ b/main/openjpeg/APKBUILD
@@ -1,5 +1,5 @@
 # Contributor: William Pitcock <nenolod@dereferenced.org>
-# Maintainer:
+# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=openjpeg
 pkgver=2.1.2
 pkgrel=2
@@ -48,10 +48,10 @@ tools() {
 
 md5sums="40a7bfdcc66280b3c1402a0eb1a27624 openjpeg-2.1.2.tar.gz
 a5971d486b670e76d5e473ff15e65405 CVE-2016-9580-9581.patch
-8dac6b8c8cb72f43e59ce785ea07eb32 CVE-2017-12982.patch"
+ff72cc9d76f3c16f726b5aee962dd0b8 CVE-2017-12982.patch"
 sha256sums="4ce77b6ef538ef090d9bde1d5eeff8b3069ab56c4906f083475517c2c023dfa7 openjpeg-2.1.2.tar.gz
 e352e9480925a31804d965c673545eeaa32d0a47605abaaa09b515ca956058ba CVE-2016-9580-9581.patch
-2693934f4e57a57ec28f9b4fa7664c79e8a200910ef7fbe41a72b8cf1e5b711f CVE-2017-12982.patch"
+efb6192af82350afcdfce195fcc461dfa451f1a022f3a5e422529b8018c1fbc6 CVE-2017-12982.patch"
 sha512sums="411067e33c8e4da9921d0281e932a4ac2af592cf822bfad828daea9e2b9c414859455bcec6d912ce76460ea462fa4cbd94a401333bda5716ec017d18b8e5942c openjpeg-2.1.2.tar.gz
 bffe1126c18296fdc1e7f98437e2b468b8b16c4903d504dc9abf24a9b8e02f18e86200038c5a59c061c40d41b42f6b378776ed0040559bb362a3a592928941d7 CVE-2016-9580-9581.patch
-0e0ce7bdf53c4b6f1b2e9e5f855186763a1bea39b70bdc1fd5b60a5516036a04562cb43030e9946972009e3733d0efadb8ba4825939e32ba6b9419d6428ee9ad CVE-2017-12982.patch"
+8c1124e79a7229d1f62924c39b4656a243a2f19e861b794b42d0e66f0dddd8818db477bb628332dabec5dd677c0b5274a7daeba85e6e12194d0522652a2a821b CVE-2017-12982.patch"
diff --git a/main/openjpeg/CVE-2017-12982.patch b/main/openjpeg/CVE-2017-12982.patch
index 724cf602d1..9938205545 100644
--- a/main/openjpeg/CVE-2017-12982.patch
+++ b/main/openjpeg/CVE-2017-12982.patch
@@ -1,25 +1,15 @@
-From baf0c1ad4572daa89caa3b12985bdd93530f0dd7 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Mon, 14 Aug 2017 17:26:58 +0200
-Subject: [PATCH] bmp_read_info_header(): reject bmp files with biBitCount == 0
- (#983)
-
----
- src/bin/jp2/convertbmp.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
 diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
-index b49e7a080..2715fdf24 100644
+index ae83077..1ac813e 100644
 --- a/src/bin/jp2/convertbmp.c
 +++ b/src/bin/jp2/convertbmp.c
-@@ -392,6 +392,10 @@ static OPJ_BOOL bmp_read_info_header(FILE* IN, OPJ_BITMAPINFOHEADER* header)
- 
- header->biBitCount = (OPJ_UINT16)getc(IN);
- header->biBitCount |= (OPJ_UINT16)((OPJ_UINT32)getc(IN) << 8);
-+ if (header->biBitCount == 0) {
-+ fprintf(stderr, "Error, invalid biBitCount %d\n", 0);
-+ return OPJ_FALSE;
+@@ -379,6 +379,10 @@ static OPJ_BOOL bmp_read_info_header(FILE* IN, OPJ_BITMAPINFOHEADER* header)
+ 
+ header->biBitCount = (OPJ_UINT16)getc(IN);
+ header->biBitCount |= (OPJ_UINT16)((OPJ_UINT32)getc(IN) << 8);
++ if (header->biBitCount == 0) {
++ fprintf(stderr, "Error, invalid biBitCount %d\n", 0);
++ return OPJ_FALSE;
 + }
- 
- if (header->biSize >= 40U) {
- header->biCompression = (OPJ_UINT32)getc(IN);
+ 
+ if(header->biSize >= 40U) {
+ header->biCompression = (OPJ_UINT32)getc(IN); |
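Review bot: The re-rolled patch removes the upstream mail header, so the `From baf0c1ad4572daa89caa3b12985bdd93530f0dd7` commit id and the `(#983)` reference no longer travel with the fix, and a later reviewer cannot tell from the aport which upstream change this backport mirrors. Keeping a short leading comment in the .patch file, for example `Backport of upstream commit baf0c1ad4572daa89caa3b12985bdd93530f0dd7 (#983), adjusted to apply to 2.1.2`, would preserve that provenance without affecting how the patch applies. As a caveat on the fix itself, the added guard rejects only `biBitCount == 0`, while both `getc(IN)` results feeding it are used unchecked, so a header truncated at this field would presumably produce a non-zero value and pass the check. Whether later code bounds biBitCount is not visible here, since the body of bmp_read_info_header starts and ends outside the hunk.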