cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Security:

Browse Source 
Fixes for heap overflows CVE-2011-4516, CVE-2011-4517.  From FreeBSD/Debian.

While here, trim DESCR, routine cleanups.
This commit is contained in:
naddy 2013-04-20 15:25:35 +00:00
parent 05d0c7e301
commit 74d775f0cd
5 changed files with 37 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
graphics/jasper/Makefile
View File

@ -1,13 +1,13 @@
# $OpenBSD: Makefile,v 1.16 2013/03/21 08:45:18 ajacoutot Exp $ # $OpenBSD: Makefile,v 1.17 2013/04/20 15:25:35 naddy Exp $
COMMENT = reference implementation of JPEG-2000 COMMENT = reference implementation of JPEG-2000
DISTNAME = jasper-1.900.1 DISTNAME = jasper-1.900.1
REVISION = 1 REVISION = 2
SHARED_LIBS = jasper 2.1 SHARED_LIBS = jasper 2.1
CATEGORIES = graphics CATEGORIES = graphics
MASTER_SITES = ${HOMEPAGE}software/ MASTER_SITES = http://www.ece.uvic.ca/~mdadams/jasper/software/
EXTRACT_SUFX = .zip EXTRACT_SUFX = .zip
HOMEPAGE = http://www.ece.uvic.ca/~mdadams/jasper/ HOMEPAGE = http://www.ece.uvic.ca/~mdadams/jasper/

36
graphics/jasper/patches/patch-src_libjasper_jpc_jpc_cs_c
View File

@ -1,6 +1,6 @@
$OpenBSD: patch-src_libjasper_jpc_jpc_cs_c,v 1.3 2008/05/17 09:32:16 espie Exp $ $OpenBSD: patch-src_libjasper_jpc_jpc_cs_c,v 1.4 2013/04/20 15:25:35 naddy Exp $
--- src/libjasper/jpc/jpc_cs.c.orig Fri May 16 21:00:25 2008 --- src/libjasper/jpc/jpc_cs.c.orig Fri Jan 19 22:43:07 2007
+++ src/libjasper/jpc/jpc_cs.c Fri May 16 21:05:18 2008 +++ src/libjasper/jpc/jpc_cs.c Fri Apr 19 18:32:09 2013
@@ -502,7 +502,7 @@ static int jpc_siz_getparms(jpc_ms_t *ms, jpc_cstate_t @@ -502,7 +502,7 @@ static int jpc_siz_getparms(jpc_ms_t *ms, jpc_cstate_t
!siz->tileheight || !siz->numcomps) { !siz->tileheight || !siz->numcomps) {
return -1; return -1;
@ -10,16 +10,32 @@ $OpenBSD: patch-src_libjasper_jpc_jpc_cs_c,v 1.3 2008/05/17 09:32:16 espie Exp $
return -1; return -1;
} }
for (i = 0; i < siz->numcomps; ++i) { for (i = 0; i < siz->numcomps; ++i) {
@@ -983,7 +983,7 @@ static int jpc_qcx_getcompparms(jpc_qcxcp_t *compparms @@ -744,6 +744,10 @@ static int jpc_cox_getcompparms(jpc_ms_t *ms, jpc_csta
return -1;
}
compparms->numrlvls = compparms->numdlvls + 1;
+ if (compparms->numrlvls > JPC_MAXRLVLS) {
+ jpc_cox_destroycompparms(compparms);
+ return -1;
+ }
if (prtflag) {
for (i = 0; i < compparms->numrlvls; ++i) {
if (jpc_getuint8(in, &tmp)) {
@@ -982,8 +986,12 @@ static int jpc_qcx_getcompparms(jpc_qcxcp_t *compparms
compparms->numstepsizes = (len - n) / 2;
break; break;
} }
+ if (compparms->numstepsizes > 3 * JPC_MAXRLVLS + 1) {
+ jpc_qcx_destroycompparms(compparms);
+ return -1;
+ }
if (compparms->numstepsizes > 0) { if (compparms->numstepsizes > 0) {
- compparms->stepsizes = jas_malloc(compparms->numstepsizes * - compparms->stepsizes = jas_malloc(compparms->numstepsizes *
+ compparms->stepsizes = jas_alloc2(compparms->numstepsizes, + compparms->stepsizes = jas_alloc2(compparms->numstepsizes,
sizeof(uint_fast16_t)); sizeof(uint_fast16_t));
assert(compparms->stepsizes); assert(compparms->stepsizes);
for (i = 0; i < compparms->numstepsizes; ++i) { for (i = 0; i < compparms->numstepsizes; ++i) {
@@ -1091,7 +1091,7 @@ static int jpc_ppm_getparms(jpc_ms_t *ms, jpc_cstate_t @@ -1091,7 +1099,7 @@ static int jpc_ppm_getparms(jpc_ms_t *ms, jpc_cstate_t
ppm->len = ms->len - 1; ppm->len = ms->len - 1;
if (ppm->len > 0) { if (ppm->len > 0) {
@ -28,7 +44,7 @@ $OpenBSD: patch-src_libjasper_jpc_jpc_cs_c,v 1.3 2008/05/17 09:32:16 espie Exp $
goto error; goto error;
} }
if (JAS_CAST(uint, jas_stream_read(in, ppm->data, ppm->len)) != ppm->len) { if (JAS_CAST(uint, jas_stream_read(in, ppm->data, ppm->len)) != ppm->len) {
@@ -1160,7 +1160,7 @@ static int jpc_ppt_getparms(jpc_ms_t *ms, jpc_cstate_t @@ -1160,7 +1168,7 @@ static int jpc_ppt_getparms(jpc_ms_t *ms, jpc_cstate_t
} }
ppt->len = ms->len - 1; ppt->len = ms->len - 1;
if (ppt->len > 0) { if (ppt->len > 0) {
@ -37,7 +53,7 @@ $OpenBSD: patch-src_libjasper_jpc_jpc_cs_c,v 1.3 2008/05/17 09:32:16 espie Exp $
goto error; goto error;
} }
if (jas_stream_read(in, (char *) ppt->data, ppt->len) != JAS_CAST(int, ppt->len)) { if (jas_stream_read(in, (char *) ppt->data, ppt->len) != JAS_CAST(int, ppt->len)) {
@@ -1223,7 +1223,7 @@ static int jpc_poc_getparms(jpc_ms_t *ms, jpc_cstate_t @@ -1223,7 +1231,7 @@ static int jpc_poc_getparms(jpc_ms_t *ms, jpc_cstate_t
uint_fast8_t tmp; uint_fast8_t tmp;
poc->numpchgs = (cstate->numcomps > 256) ? (ms->len / 9) : poc->numpchgs = (cstate->numcomps > 256) ? (ms->len / 9) :
(ms->len / 7); (ms->len / 7);
@ -46,16 +62,16 @@ $OpenBSD: patch-src_libjasper_jpc_jpc_cs_c,v 1.3 2008/05/17 09:32:16 espie Exp $
goto error; goto error;
} }
for (pchgno = 0, pchg = poc->pchgs; pchgno < poc->numpchgs; ++pchgno, for (pchgno = 0, pchg = poc->pchgs; pchgno < poc->numpchgs; ++pchgno,
@@ -1328,7 +1328,7 @@ static int jpc_crg_getparms(jpc_ms_t *ms, jpc_cstate_t @@ -1328,7 +1336,7 @@ static int jpc_crg_getparms(jpc_ms_t *ms, jpc_cstate_t
jpc_crgcomp_t *comp; jpc_crgcomp_t *comp;
uint_fast16_t compno; uint_fast16_t compno;
crg->numcomps = cstate->numcomps; crg->numcomps = cstate->numcomps;
- if (!(crg->comps = jas_malloc(cstate->numcomps * sizeof(uint_fast16_t)))) { - if (!(crg->comps = jas_malloc(cstate->numcomps * sizeof(uint_fast16_t)))) {
+ if (!(crg->comps = jas_alloc2(cstate->numcomps, sizeof(uint_fast16_t)))) { + if (!(crg->comps = jas_alloc2(cstate->numcomps, sizeof(jpc_crgcomp_t)))) {
return -1; return -1;
} }
for (compno = 0, comp = crg->comps; compno < cstate->numcomps; for (compno = 0, comp = crg->comps; compno < cstate->numcomps;
@@ -1467,7 +1467,7 @@ static int jpc_unk_getparms(jpc_ms_t *ms, jpc_cstate_t @@ -1467,7 +1475,7 @@ static int jpc_unk_getparms(jpc_ms_t *ms, jpc_cstate_t
cstate = 0; cstate = 0;
if (ms->len > 0) { if (ms->len > 0) {

9
graphics/jasper/pkg/DESCR
View File

@ -1,7 +1,2 @@
The JasPer Project is a collaborative effort between Image Power, JasPer provides a reference implementation of the codec specified
Inc. and the University of British Columbia. The objective of this in the JPEG-2000 Part-1 standard (i.e., ISO/IEC 15444-1).
project is to develop a software-based reference implementation of
the codec specified in the JPEG-2000 Part-1 standard (i.e., ISO/IEC
15444-1). This software has also been submitted to the ISO for
inclusion in the JPEG-2000 Part-5 standard (as an official reference
implementation).

2
graphics/jasper/pkg/PFRAG.shared
View File

@ -1,2 +0,0 @@
@comment $OpenBSD: PFRAG.shared,v 1.5 2007/03/29 13:43:53 jasper Exp $
@lib lib/libjasper.so.${LIBjasper_VERSION}

12
graphics/jasper/pkg/PLIST
View File

@ -1,8 +1,8 @@
@comment $OpenBSD: PLIST,v 1.3 2007/03/29 13:43:53 jasper Exp $ @comment $OpenBSD: PLIST,v 1.4 2013/04/20 15:25:35 naddy Exp $
bin/imgcmp @bin bin/imgcmp
bin/imginfo @bin bin/imginfo
bin/jasper @bin bin/jasper
bin/tmrdemo @bin bin/tmrdemo
include/jasper/ include/jasper/
include/jasper/jas_cm.h include/jasper/jas_cm.h
include/jasper/jas_config.h include/jasper/jas_config.h
@ -25,7 +25,7 @@ include/jasper/jas_version.h
include/jasper/jasper.h include/jasper/jasper.h
lib/libjasper.a lib/libjasper.a
lib/libjasper.la lib/libjasper.la
%%SHARED%% @lib lib/libjasper.so.${LIBjasper_VERSION}
@man man/man1/imgcmp.1 @man man/man1/imgcmp.1
@man man/man1/imginfo.1 @man man/man1/imginfo.1
@man man/man1/jasper.1 @man man/man1/jasper.1