svn commit: r497122 - in head/graphics/openjpeg: . files
Sunpoet Po-Chuan Hsieh
sunpoet at FreeBSD.org
Fri Mar 29 14:15:25 UTC 2019
Author: sunpoet
Date: Fri Mar 29 14:15:23 2019
New Revision: 497122
URL: https://svnweb.freebsd.org/changeset/ports/497122
Log:
Fix CVE-2018-5727
- Bump PORTREVISION for possible package change
Obtained from: https://github.com/uclouvain/openjpeg/commit/d6b8aed5612e6be6d3a4053867fbd2ae0cb7c8af
Security: 5efd7a93-2dfb-11e9-9549-e980e869c2e9
MFH: 2019Q1
Added:
head/graphics/openjpeg/files/patch-src-lib-openjp2-t1.c (contents, props changed)
Modified:
head/graphics/openjpeg/Makefile
Modified: head/graphics/openjpeg/Makefile
==============================================================================
--- head/graphics/openjpeg/Makefile Fri Mar 29 14:15:18 2019 (r497121)
+++ head/graphics/openjpeg/Makefile Fri Mar 29 14:15:23 2019 (r497122)
@@ -3,8 +3,8 @@
PORTNAME= openjpeg
PORTVERSION= 2.3.0
-PORTREVISION= 3
DISTVERSIONPREFIX= v
+PORTREVISION= 4
CATEGORIES= graphics
MAINTAINER= sunpoet at FreeBSD.org
@@ -18,8 +18,9 @@ LIB_DEPENDS= liblcms2.so:graphics/lcms2 \
libpng.so:graphics/png \
libtiff.so:graphics/tiff
-USE_LDCONFIG= yes
USES= cmake cpe pkgconfig
+
+USE_LDCONFIG= yes
PLIST_SUB= PORTVERSION=${PORTVERSION} VER=${PORTVERSION:R}
Added: head/graphics/openjpeg/files/patch-src-lib-openjp2-t1.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/graphics/openjpeg/files/patch-src-lib-openjp2-t1.c Fri Mar 29 14:15:23 2019 (r497122)
@@ -0,0 +1,24 @@
+Obtained from: https://github.com/uclouvain/openjpeg/commit/d6b8aed5612e6be6d3a4053867fbd2ae0cb7c8af
+
+--- src/lib/openjp2/t1.c.orig 2017-10-04 22:23:14 UTC
++++ src/lib/openjp2/t1.c
+@@ -2168,9 +2168,18 @@ OPJ_BOOL opj_t1_encode_cblks(opj_t1_t *t
+ t1->data = tiledp;
+ t1->data_stride = tile_w;
+ if (tccp->qmfbid == 1) {
++ /* Do multiplication on unsigned type, even if the
++ * underlying type is signed, to avoid potential
++ * int overflow on large value (the output will be
++ * incorrect in such situation, but whatever...)
++ * This assumes complement-to-2 signed integer
++ * representation
++ * Fixes https://github.com/uclouvain/openjpeg/issues/1053
++ */
++ OPJ_UINT32* OPJ_RESTRICT tiledp_u = (OPJ_UINT32*) tiledp;
+ for (j = 0; j < cblk_h; ++j) {
+ for (i = 0; i < cblk_w; ++i) {
+- tiledp[tileIndex] *= (1 << T1_NMSEDEC_FRACBITS);
++ tiledp_u[tileIndex] <<= T1_NMSEDEC_FRACBITS;
+ tileIndex++;
+ }
+ tileIndex += tileLineAdvance;
More information about the svn-ports-head
mailing list