MFH: r497122

Fix CVE-2018-5727

- Bump PORTREVISION for possible package change

Obtained from:	d6b8aed561
Security:	5efd7a93-2dfb-11e9-9549-e980e869c2e9

Approved by:	ports-secteam (joneum)
Sunpoet Po-Chuan Hsieh 2019-03-30 22:05:26 +00:00
parent 57bef2d69a
commit f62947fbd7
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/branches/2019Q1/; revision=497363
2 changed files with 27 additions and 2 deletions


@ -3,8 +3,8 @@
PORTNAME= openjpeg
PORTVERSION= 2.3.0
PORTREVISION= 3
DISTVERSIONPREFIX= v
PORTREVISION= 4
CATEGORIES= graphics
MAINTAINER= sunpoet@FreeBSD.org
@ -18,9 +18,10 @@ LIB_DEPENDS= liblcms2.so:graphics/lcms2 \
libpng.so:graphics/png \
libtiff.so:graphics/tiff
USE_LDCONFIG= yes
USES= cmake cpe pkgconfig
USE_LDCONFIG= yes
PLIST_SUB= PORTVERSION=${PORTVERSION} VER=${PORTVERSION:R}
GH_ACCOUNT= uclouvain


@ -0,0 +1,24 @@
Obtained from: https://github.com/uclouvain/openjpeg/commit/d6b8aed5612e6be6d3a4053867fbd2ae0cb7c8af
--- src/lib/openjp2/t1.c.orig 2017-10-04 22:23:14 UTC
+++ src/lib/openjp2/t1.c
@@ -2168,9 +2168,18 @@ OPJ_BOOL opj_t1_encode_cblks(opj_t1_t *t
t1->data = tiledp;
t1->data_stride = tile_w;
if (tccp->qmfbid == 1) {
+ /* Do multiplication on unsigned type, even if the
+ * underlying type is signed, to avoid potential
+ * int overflow on large value (the output will be
+ * incorrect in such situation, but whatever...)
+ * This assumes complement-to-2 signed integer
+ * representation
+ * Fixes https://github.com/uclouvain/openjpeg/issues/1053
+ */
+ OPJ_UINT32* OPJ_RESTRICT tiledp_u = (OPJ_UINT32*) tiledp;
for (j = 0; j < cblk_h; ++j) {
for (i = 0; i < cblk_w; ++i) {
- tiledp[tileIndex] *= (1 << T1_NMSEDEC_FRACBITS);
+ tiledp_u[tileIndex] <<= T1_NMSEDEC_FRACBITS;
tileIndex++;
}
tileIndex += tileLineAdvance;
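Review bot: The comment added in the `tccp->qmfbid == 1` branch admits that oversized coefficients still give incorrect output ("but whatever..."), so the new `tiledp_u[tileIndex] <<= T1_NMSEDEC_FRACBITS;` only swaps an undefined signed multiply for a defined unsigned shift that wraps; it does not reject or clamp out-of-range samples. I would reword the comment so a later reader does not mistake it for a range check, for example `/* Shift as OPJ_UINT32 so overflow wraps instead of being undefined; out-of-range samples are NOT rejected here and are encoded as wrapped values. */`. Whether sample precision is validated before this loop is not visible in the hunk, so it is worth confirming in the caller that wrapped values in `t1->data` cannot drive a later size or index computation. `opj_t1_encode_cblks` starts and ends outside the hunk.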