wallenstein/void-packages
1
0
Fork 0
mirror of https://github.com/void-linux/void-packages.git synced 2025-07-29 17:02:56 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

openjpeg2: add patches (CVE-2016-7163)

Browse source
This commit is contained in:
Duncaen 2016-09-21 17:49:08 +02:00
parent 388792257c
commit 711ff95cee
3 changed files with 60 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
srcpkgs/openjpeg2/patches/CVE-2016-7163-1.patch Normal file
View file

@ -0,0 +1,33 @@
From c16bc057ba3f125051c9966cf1f5b68a05681de4 Mon Sep 17 00:00:00 2001
From: trylab <trylab@users.noreply.github.com>
Date: Tue, 6 Sep 2016 13:55:49 +0800
Subject: [PATCH] Fix an integer overflow issue (#809)
Prevent an integer overflow issue in function opj_pi_create_decode of
pi.c.
---
src/lib/openjp2/pi.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/lib/openjp2/pi.c b/src/lib/openjp2/pi.c
index cffad66..36e2ff0 100644
--- src/lib/openjp2/pi.c
+++ src/lib/openjp2/pi.c
@@ -1237,7 +1237,13 @@ opj_pi_iterator_t *opj_pi_create_decode(opj_image_t *p_image,
l_current_pi = l_pi;
/* memory allocation for include */
- l_current_pi->include = (OPJ_INT16*) opj_calloc((l_tcp->numlayers +1) * l_step_l, sizeof(OPJ_INT16));
+ /* prevent an integer overflow issue */
+ l_current_pi->include = 00;
+ if (l_step_l <= (SIZE_MAX / (l_tcp->numlayers + 1U)))
+ {
+ l_current_pi->include = (OPJ_INT16*) opj_calloc((l_tcp->numlayers +1) * l_step_l, sizeof(OPJ_INT16));
+ }
+
if
(!l_current_pi->include)
{
--
2.10.0

26
srcpkgs/openjpeg2/patches/CVE-2016-7163-2.patch Normal file
View file

@ -0,0 +1,26 @@
From ef01f18dfc6780b776d0674ed3e7415c6ef54d24 Mon Sep 17 00:00:00 2001
From: Matthieu Darbois <mayeut@users.noreply.github.com>
Date: Thu, 8 Sep 2016 07:34:46 +0200
Subject: [PATCH] Cast to size_t before multiplication
Need to cast to size_t before multiplication otherwise overflow check is useless.
---
src/lib/openjp2/pi.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lib/openjp2/pi.c b/src/lib/openjp2/pi.c
index 36e2ff0..809b33d 100644
--- src/lib/openjp2/pi.c
+++ src/lib/openjp2/pi.c
@@ -1241,7 +1241,7 @@ opj_pi_iterator_t *opj_pi_create_decode(opj_image_t *p_image,
l_current_pi->include = 00;
if (l_step_l <= (SIZE_MAX / (l_tcp->numlayers + 1U)))
{
- l_current_pi->include = (OPJ_INT16*) opj_calloc((l_tcp->numlayers +1) * l_step_l, sizeof(OPJ_INT16));
+ l_current_pi->include = (OPJ_INT16*) opj_calloc((size_t)(l_tcp->numlayers + 1U) * l_step_l, sizeof(OPJ_INT16));
}
if
--
2.10.0

2
srcpkgs/openjpeg2/template
View file

@ -1,7 +1,7 @@
# Template file for 'openjpeg2' # Template file for 'openjpeg2'
pkgname=openjpeg2 pkgname=openjpeg2
version=2.1.1 version=2.1.1
revision=1 revision=2
wrksrc="openjpeg-${version}" wrksrc="openjpeg-${version}"
build_style=cmake build_style=cmake
maintainer="Dominik Honnef <dominik@honnef.co>" maintainer="Dominik Honnef <dominik@honnef.co>"