packages/LibRaw
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:28f3f52fb7d59ae6ba31ba988999979cf2d87d61
Branches Tags
packages:main
...
compare: packages:2c0fee8d8eab0632b49cee177cf0b64efaeb86ed
Branches Tags
packages:main

11 Commits
28f3f52fb7 ... 2c0fee8d8e

Author SHA1 Message Date
openeuler-ci-bot
2c0fee8d8e
!51 Fix CVE-2021-32142 
From: @starlet-dx 
Reviewed-by: @caodongxia 
Signed-off-by: @caodongxia
 2024-03-26 06:39:27 +00:00
starlet-dx
35c14b7096 Fix CVE-2021-32142 2024-03-26 14:15:25 +08:00
openeuler-ci-bot
bf4e625f59
!45 [sync] PR-44: Fix CVE-2023-1729 
From: @openeuler-sync-bot 
Reviewed-by: @lyn1001 
Signed-off-by: @lyn1001
 2023-05-15 07:44:33 +00:00
starlet-dx
bab38fa6e5 Fix CVE-2023-1729 
(cherry picked from commit 1ed5e98b5534a12f7a0bf0cb0259c4453ae21739)
 2023-05-15 15:06:43 +08:00
openeuler-ci-bot
4d8110692c !27 [sync] PR-26: fix use of uninitialized value 
From: @openeuler-sync-bot
Reviewed-by: @small_leek
Signed-off-by: @small_leek
 2021-06-03 18:53:29 +08:00
jpzhang187
9fcbfe62cc fix use of uninitialized value 
(cherry picked from commit 9113987cc058e57d85fef5662e5ceef226a917eb)
 2021-06-03 18:47:32 +08:00
openeuler-ci-bot
570b2824ba !23 modify Patch0001 name to fix patch parse error 
From: @lei_ju
Reviewed-by: @small_leek
Signed-off-by: @small_leek
 2020-12-06 10:11:14 +08:00
lei_ju
0e7d654a17 modify Patch0001 name to fix patch parse error 2020-12-05 09:57:45 +08:00
openeuler-ci-bot
8bcd26c9b9 !18 fix stack buffer overflow in LibRaw_buffer_datastream::gets() 
From: @zhanghua1831
Reviewed-by: @small_leek
Signed-off-by: @small_leek
 2020-12-04 21:11:45 +08:00
zhanghua1831
f88a2febbc fix stack buffer overflow in LibRaw_buffer_datastream::gets() 2020-12-04 15:11:37 +08:00
openeuler-ci-bot
4d29ce295f !12 update to 0.20.2 and fix stack buffer overflow in parse_rollei 
From: @zhanghua1831
Reviewed-by: @small_leek
Signed-off-by: @small_leek
 2020-12-03 11:38:44 +08:00
5 changed files with 151 additions and 2 deletions
Show Stats Expand all files Collapse all files

37
CVE-2021-32142.patch Normal file
View File

@ -0,0 +1,37 @@
From bc3aaf4223fdb70d52d470dae65c5a7923ea2a49 Mon Sep 17 00:00:00 2001
From: Alex Tutubalin <lexa@lexa.ru>
Date: Mon, 12 Apr 2021 13:21:52 +0300
Subject: [PATCH] check for input buffer size on datastream::gets
---
src/libraw_datastream.cpp | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/libraw_datastream.cpp b/src/libraw_datastream.cpp
index a5c1a84a..a31ae9dd 100644
--- a/src/libraw_datastream.cpp
+++ b/src/libraw_datastream.cpp
@@ -287,6 +287,7 @@ INT64 LibRaw_file_datastream::tell()
char *LibRaw_file_datastream::gets(char *str, int sz)
{
+ if(sz<1) return NULL;
LR_STREAM_CHK();
std::istream is(f.get());
is.getline(str, sz);
@@ -421,6 +422,7 @@ INT64 LibRaw_buffer_datastream::tell()
char *LibRaw_buffer_datastream::gets(char *s, int sz)
{
+ if(sz<1) return NULL;
unsigned char *psrc, *pdest, *str;
str = (unsigned char *)s;
psrc = buf + streampos;
@@ -618,6 +620,7 @@ INT64 LibRaw_bigfile_datastream::tell()
char *LibRaw_bigfile_datastream::gets(char *str, int sz)
{
+ if(sz<1) return NULL;
LR_BF_CHK();
return fgets(str, sz, f);
}

22
CVE-2023-1729.patch Normal file
View File

@ -0,0 +1,22 @@
From 9ab70f6dca19229cb5caad7cc31af4e7501bac93 Mon Sep 17 00:00:00 2001
From: Alex Tutubalin <lexa@lexa.ru>
Date: Sat, 14 Jan 2023 18:32:59 +0300
Subject: [PATCH] do not set shrink flag for 3/4 component images
---
src/preprocessing/raw2image.cpp | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/preprocessing/raw2image.cpp b/src/preprocessing/raw2image.cpp
index e65e2ad7..702cf290 100644
--- a/src/preprocessing/raw2image.cpp
+++ b/src/preprocessing/raw2image.cpp
@@ -43,6 +43,8 @@ void LibRaw::raw2image_start()
// adjust for half mode!
IO.shrink =
+ !imgdata.rawdata.color4_image && !imgdata.rawdata.color3_image &&
+ !imgdata.rawdata.float4_image && !imgdata.rawdata.float3_image &&
P1.filters &&
(O.half_size || ((O.threshold || O.aber[0] != 1 || O.aber[2] != 1)));

24
LibRaw.spec
View File

@ -1,11 +1,16 @@
Name: LibRaw
Version: 0.20.2
Release: 1
Release: 6
Summary: Library for reading RAW files obtained from digital photo cameras
License: BSD and (CDDL or LGPLv2)
License: BSD and (CDDL-1.0 or LGPLv2)
URL: http://www.libraw.org
Source0: http://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz
Patch0000: prevent-buffer-overrun-in-parse_rollei.patch
Patch0001: fix-stack-buffer-overflow-in-LibRaw_buffer_datastream_gets.patch
Patch0002: fix-use-of-uninitialized-value.patch
Patch0003: CVE-2023-1729.patch
# https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49
Patch0004: CVE-2021-32142.patch
BuildRequires: gcc-c++ pkgconfig(lcms2) pkgconfig(libjpeg)
BuildRequires: autoconf automake libtool
Provides: bundled(dcraw) = 9.25
@ -66,6 +71,21 @@ rm -rfv samples/.deps samples/.dirstamp samples/*.o
%exclude %{_docdir}/libraw/*
%changelog
* Tue Mar 26 2024 yaoxin <yao_xin001@hoperun.com> - 0.20.2-6
- Fix CVE-2021-32142
* Mon May 15 2023 yaoxin <yao_xin001@hoperun.com> - 0.20.2-5
- Fix CVE-2023-1729
* Thu Jun 3 2021 zhangjiapeng <zhangjiapeng9@huawei.com> - 0.20.2-4
- fix use of uninitialized value
* Sat Dec 5 2020 leiju <leiju4@huawei.com> - 0.20.2-3
- modify Patch0001 name to fix patch parse error
* Fri Dec 4 2020 zhanghua <zhanghua40@huawei.com> - 0.20.2-2
- fix stack buffer overflow in LibRaw_buffer_datastream::gets()
* Tue Dec 1 2020 zhanghua <zhanghua40@huawei.com> - 0.20.2-1
- update to 0.20.2 and fix stack buffer overflow in parse_rollei

50
fix-stack-buffer-overflow-in-LibRaw_buffer_datastream_gets.patch Normal file
View File

@ -0,0 +1,50 @@
From e70ded8b0bc231f7ed3fd5d2e83d61bd18ef5e94 Mon Sep 17 00:00:00 2001
From: Alex Tutubalin <lexa@lexa.ru>
Date: Thu, 3 Dec 2020 12:28:52 +0300
Subject: [PATCH] LibRaw_buffer_datastream: gets() not always returns
0-terminated string
Reverted back parse_rollei change
---
src/libraw_datastream.cpp | 7 +++++--
src/metadata/misc_parsers.cpp | 1 -
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/libraw_datastream.cpp b/src/libraw_datastream.cpp
index 606e5de7..eaf071ee 100644
--- a/src/libraw_datastream.cpp
+++ b/src/libraw_datastream.cpp
@@ -422,7 +422,7 @@ char *LibRaw_buffer_datastream::gets(char *s, int sz)
psrc = buf + streampos;
pdest = str;
if(streampos >= streamsize) return NULL;
- while ((size_t(psrc - buf) < streamsize) && ((pdest - str) < sz))
+ while ((size_t(psrc - buf) < streamsize) && ((pdest - str) < (sz-1)))
{
*pdest = *psrc;
if (*psrc == '\n')
@@ -432,8 +432,11 @@ char *LibRaw_buffer_datastream::gets(char *s, int sz)
}
if (size_t(psrc - buf) < streamsize)
psrc++;
- if ((pdest - str) < sz)
+ if ((pdest - str) < sz-1)
*(++pdest) = 0;
+ else
+ s[sz - 1] = 0; // ensure trailing zero
+
streampos = psrc - buf;
return s;
}
diff --git a/src/metadata/misc_parsers.cpp b/src/metadata/misc_parsers.cpp
index 4e36e940..7a74c9f1 100644
--- a/src/metadata/misc_parsers.cpp
+++ b/src/metadata/misc_parsers.cpp
@@ -304,7 +304,6 @@ void LibRaw::parse_rollei()
line[0] = 0;
if (!fgets(line, 128, ifp))
break;
- line[127] = 0;
if(!line[0]) break; // zero-length
if ((val = strchr(line, '=')))
*val++ = 0;

20
fix-use-of-uninitialized-value.patch Normal file
View File

@ -0,0 +1,20 @@
diff --git a/src/metadata/sony.cpp b/src/metadata/sony.cpp
index 120340b..2e8dd49 100644
--- a/src/metadata/sony.cpp
+++ b/src/metadata/sony.cpp
@@ -1071,6 +1071,7 @@ void LibRaw::parseSonyMakernotes(
(len >= 196))
{
table_buf = (uchar *)malloc(len);
+ memset(table_buf,0,len);
fread(table_buf, len, 1, ifp);
lid = 0x01 << 2;
@@ -1106,6 +1107,7 @@ void LibRaw::parseSonyMakernotes(
(len >= 227))
{
table_buf = (uchar *)malloc(len);
+ memset(table_buf,0,len);
fread(table_buf, len, 1, ifp);
lid = 0x0;