packages/LibRaw
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:2c0fee8d8eab0632b49cee177cf0b64efaeb86ed
Branches Tags
packages:main
..
compare: packages:28f3f52fb7d59ae6ba31ba988999979cf2d87d61
Branches Tags
packages:main

No commits in common. "2c0fee8d8eab0632b49cee177cf0b64efaeb86ed" and "28f3f52fb7d59ae6ba31ba988999979cf2d87d61" have entirely different histories.
2c0fee8d8e ... 28f3f52fb7

5 changed files with 2 additions and 151 deletions
Show Stats Expand all files Collapse all files

37
CVE-2021-32142.patch
View File

@ -1,37 +0,0 @@
From bc3aaf4223fdb70d52d470dae65c5a7923ea2a49 Mon Sep 17 00:00:00 2001
From: Alex Tutubalin <lexa@lexa.ru>
Date: Mon, 12 Apr 2021 13:21:52 +0300
Subject: [PATCH] check for input buffer size on datastream::gets
---
src/libraw_datastream.cpp | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/libraw_datastream.cpp b/src/libraw_datastream.cpp
index a5c1a84a..a31ae9dd 100644
--- a/src/libraw_datastream.cpp
+++ b/src/libraw_datastream.cpp
@@ -287,6 +287,7 @@ INT64 LibRaw_file_datastream::tell()
char *LibRaw_file_datastream::gets(char *str, int sz)
{
+ if(sz<1) return NULL;
LR_STREAM_CHK();
std::istream is(f.get());
is.getline(str, sz);
@@ -421,6 +422,7 @@ INT64 LibRaw_buffer_datastream::tell()
char *LibRaw_buffer_datastream::gets(char *s, int sz)
{
+ if(sz<1) return NULL;
unsigned char *psrc, *pdest, *str;
str = (unsigned char *)s;
psrc = buf + streampos;
@@ -618,6 +620,7 @@ INT64 LibRaw_bigfile_datastream::tell()
char *LibRaw_bigfile_datastream::gets(char *str, int sz)
{
+ if(sz<1) return NULL;
LR_BF_CHK();
return fgets(str, sz, f);
}

22
CVE-2023-1729.patch
View File

@ -1,22 +0,0 @@
From 9ab70f6dca19229cb5caad7cc31af4e7501bac93 Mon Sep 17 00:00:00 2001
From: Alex Tutubalin <lexa@lexa.ru>
Date: Sat, 14 Jan 2023 18:32:59 +0300
Subject: [PATCH] do not set shrink flag for 3/4 component images
---
src/preprocessing/raw2image.cpp | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/preprocessing/raw2image.cpp b/src/preprocessing/raw2image.cpp
index e65e2ad7..702cf290 100644
--- a/src/preprocessing/raw2image.cpp
+++ b/src/preprocessing/raw2image.cpp
@@ -43,6 +43,8 @@ void LibRaw::raw2image_start()
// adjust for half mode!
IO.shrink =
+ !imgdata.rawdata.color4_image && !imgdata.rawdata.color3_image &&
+ !imgdata.rawdata.float4_image && !imgdata.rawdata.float3_image &&
P1.filters &&
(O.half_size || ((O.threshold || O.aber[0] != 1 || O.aber[2] != 1)));

24
LibRaw.spec
View File

@ -1,16 +1,11 @@
Name: LibRaw Name: LibRaw
Version: 0.20.2 Version: 0.20.2
Release: 6 Release: 1
Summary: Library for reading RAW files obtained from digital photo cameras Summary: Library for reading RAW files obtained from digital photo cameras
License: BSD and (CDDL-1.0 or LGPLv2) License: BSD and (CDDL or LGPLv2)
URL: http://www.libraw.org URL: http://www.libraw.org
Source0: http://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz Source0: http://github.com/LibRaw/LibRaw/archive/%{version}.tar.gz
Patch0000: prevent-buffer-overrun-in-parse_rollei.patch Patch0000: prevent-buffer-overrun-in-parse_rollei.patch
Patch0001: fix-stack-buffer-overflow-in-LibRaw_buffer_datastream_gets.patch
Patch0002: fix-use-of-uninitialized-value.patch
Patch0003: CVE-2023-1729.patch
# https://github.com/LibRaw/LibRaw/commit/bc3aaf4223fdb70d52d470dae65c5a7923ea2a49
Patch0004: CVE-2021-32142.patch
BuildRequires: gcc-c++ pkgconfig(lcms2) pkgconfig(libjpeg) BuildRequires: gcc-c++ pkgconfig(lcms2) pkgconfig(libjpeg)
BuildRequires: autoconf automake libtool BuildRequires: autoconf automake libtool
Provides: bundled(dcraw) = 9.25 Provides: bundled(dcraw) = 9.25
@ -71,21 +66,6 @@ rm -rfv samples/.deps samples/.dirstamp samples/*.o
%exclude %{_docdir}/libraw/* %exclude %{_docdir}/libraw/*
%changelog %changelog
* Tue Mar 26 2024 yaoxin <yao_xin001@hoperun.com> - 0.20.2-6
- Fix CVE-2021-32142
* Mon May 15 2023 yaoxin <yao_xin001@hoperun.com> - 0.20.2-5
- Fix CVE-2023-1729
* Thu Jun 3 2021 zhangjiapeng <zhangjiapeng9@huawei.com> - 0.20.2-4
- fix use of uninitialized value
* Sat Dec 5 2020 leiju <leiju4@huawei.com> - 0.20.2-3
- modify Patch0001 name to fix patch parse error
* Fri Dec 4 2020 zhanghua <zhanghua40@huawei.com> - 0.20.2-2
- fix stack buffer overflow in LibRaw_buffer_datastream::gets()
* Tue Dec 1 2020 zhanghua <zhanghua40@huawei.com> - 0.20.2-1 * Tue Dec 1 2020 zhanghua <zhanghua40@huawei.com> - 0.20.2-1
- update to 0.20.2 and fix stack buffer overflow in parse_rollei - update to 0.20.2 and fix stack buffer overflow in parse_rollei

50
fix-stack-buffer-overflow-in-LibRaw_buffer_datastream_gets.patch
View File

@ -1,50 +0,0 @@
From e70ded8b0bc231f7ed3fd5d2e83d61bd18ef5e94 Mon Sep 17 00:00:00 2001
From: Alex Tutubalin <lexa@lexa.ru>
Date: Thu, 3 Dec 2020 12:28:52 +0300
Subject: [PATCH] LibRaw_buffer_datastream: gets() not always returns
0-terminated string
Reverted back parse_rollei change
---
src/libraw_datastream.cpp | 7 +++++--
src/metadata/misc_parsers.cpp | 1 -
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/libraw_datastream.cpp b/src/libraw_datastream.cpp
index 606e5de7..eaf071ee 100644
--- a/src/libraw_datastream.cpp
+++ b/src/libraw_datastream.cpp
@@ -422,7 +422,7 @@ char *LibRaw_buffer_datastream::gets(char *s, int sz)
psrc = buf + streampos;
pdest = str;
if(streampos >= streamsize) return NULL;
- while ((size_t(psrc - buf) < streamsize) && ((pdest - str) < sz))
+ while ((size_t(psrc - buf) < streamsize) && ((pdest - str) < (sz-1)))
{
*pdest = *psrc;
if (*psrc == '\n')
@@ -432,8 +432,11 @@ char *LibRaw_buffer_datastream::gets(char *s, int sz)
}
if (size_t(psrc - buf) < streamsize)
psrc++;
- if ((pdest - str) < sz)
+ if ((pdest - str) < sz-1)
*(++pdest) = 0;
+ else
+ s[sz - 1] = 0; // ensure trailing zero
+
streampos = psrc - buf;
return s;
}
diff --git a/src/metadata/misc_parsers.cpp b/src/metadata/misc_parsers.cpp
index 4e36e940..7a74c9f1 100644
--- a/src/metadata/misc_parsers.cpp
+++ b/src/metadata/misc_parsers.cpp
@@ -304,7 +304,6 @@ void LibRaw::parse_rollei()
line[0] = 0;
if (!fgets(line, 128, ifp))
break;
- line[127] = 0;
if(!line[0]) break; // zero-length
if ((val = strchr(line, '=')))
*val++ = 0;

20
fix-use-of-uninitialized-value.patch
View File

@ -1,20 +0,0 @@
diff --git a/src/metadata/sony.cpp b/src/metadata/sony.cpp
index 120340b..2e8dd49 100644
--- a/src/metadata/sony.cpp
+++ b/src/metadata/sony.cpp
@@ -1071,6 +1071,7 @@ void LibRaw::parseSonyMakernotes(
(len >= 196))
{
table_buf = (uchar *)malloc(len);
+ memset(table_buf,0,len);
fread(table_buf, len, 1, ifp);
lid = 0x01 << 2;
@@ -1106,6 +1107,7 @@ void LibRaw::parseSonyMakernotes(
(len >= 227))
{
table_buf = (uchar *)malloc(len);
+ memset(table_buf,0,len);
fread(table_buf, len, 1, ifp);
lid = 0x0;