Date:      Mon, 24 Sep 2018 18:54:18 +0000 (UTC)
From:      Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r480624 - in head/graphics/openjpeg: . files
Message-ID:  <201809241854.w8OIsICX066322@repo.freebsd.org>

Author: sunpoet
Date: Mon Sep 24 18:54:18 2018
New Revision: 480624
URL: https://svnweb.freebsd.org/changeset/ports/480624

Log:
  Fix CVE-2018-5785
  
  - Bump PORTREVISION for package change
  
  Obtained from:	https://github.com/uclouvain/openjpeg/commit/ca16fe55014c57090dd97369256c7657aeb25975

Added:
  head/graphics/openjpeg/files/patch-src-bin-jp2-convertbmp.c   (contents, props changed)
Modified:
  head/graphics/openjpeg/Makefile

Modified: head/graphics/openjpeg/Makefile
==============================================================================
--- head/graphics/openjpeg/Makefile	Mon Sep 24 18:54:04 2018	(r480623)
+++ head/graphics/openjpeg/Makefile	Mon Sep 24 18:54:18 2018	(r480624)
@@ -3,7 +3,7 @@
 
 PORTNAME=	openjpeg
 PORTVERSION=	2.3.0
-PORTREVISION=	1
+PORTREVISION=	2
 DISTVERSIONPREFIX=	v
 CATEGORIES=	graphics
 

Added: head/graphics/openjpeg/files/patch-src-bin-jp2-convertbmp.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/graphics/openjpeg/files/patch-src-bin-jp2-convertbmp.c	Mon Sep 24 18:54:18 2018	(r480624)
@@ -0,0 +1,51 @@
+Fix CVE-2018-5785
+
+Obtained from:	https://github.com/uclouvain/openjpeg/commit/ca16fe55014c57090dd97369256c7657aeb25975
+
+--- src/bin/jp2/convertbmp.c.orig	2017-10-04 22:23:14 UTC
++++ src/bin/jp2/convertbmp.c
+@@ -435,16 +435,31 @@ static OPJ_BOOL bmp_read_info_header(FIL
+         header->biRedMask |= (OPJ_UINT32)getc(IN) << 16;
+         header->biRedMask |= (OPJ_UINT32)getc(IN) << 24;
+ 
++        if (!header->biRedMask) {
++            fprintf(stderr, "Error, invalid red mask value %d\n", header->biRedMask);
++            return OPJ_FALSE;
++        }
++
+         header->biGreenMask  = (OPJ_UINT32)getc(IN);
+         header->biGreenMask |= (OPJ_UINT32)getc(IN) << 8;
+         header->biGreenMask |= (OPJ_UINT32)getc(IN) << 16;
+         header->biGreenMask |= (OPJ_UINT32)getc(IN) << 24;
+ 
++        if (!header->biGreenMask) {
++            fprintf(stderr, "Error, invalid green mask value %d\n", header->biGreenMask);
++            return OPJ_FALSE;
++        }
++
+         header->biBlueMask  = (OPJ_UINT32)getc(IN);
+         header->biBlueMask |= (OPJ_UINT32)getc(IN) << 8;
+         header->biBlueMask |= (OPJ_UINT32)getc(IN) << 16;
+         header->biBlueMask |= (OPJ_UINT32)getc(IN) << 24;
+ 
++        if (!header->biBlueMask) {
++            fprintf(stderr, "Error, invalid blue mask value %d\n", header->biBlueMask);
++            return OPJ_FALSE;
++        }
++
+         header->biAlphaMask  = (OPJ_UINT32)getc(IN);
+         header->biAlphaMask |= (OPJ_UINT32)getc(IN) << 8;
+         header->biAlphaMask |= (OPJ_UINT32)getc(IN) << 16;
+@@ -831,6 +846,12 @@ opj_image_t* bmptoimage(const char *file
+         bmpmask32toimage(pData, stride, image, 0x00FF0000U, 0x0000FF00U, 0x000000FFU,
+                          0x00000000U);
+     } else if (Info_h.biBitCount == 32 && Info_h.biCompression == 3) { /* bitmask */
++        if ((Info_h.biRedMask == 0U) && (Info_h.biGreenMask == 0U) &&
++                (Info_h.biBlueMask == 0U)) {
++            Info_h.biRedMask   = 0x00FF0000U;
++            Info_h.biGreenMask = 0x0000FF00U;
++            Info_h.biBlueMask  = 0x000000FFU;
++        }
+         bmpmask32toimage(pData, stride, image, Info_h.biRedMask, Info_h.biGreenMask,
+                          Info_h.biBlueMask, Info_h.biAlphaMask);
+     } else if (Info_h.biBitCount == 16 && Info_h.biCompression == 0) { /* RGBX */
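Review bot: A truncated header still passes the three zero-mask checks added in bmp_read_info_header, because each mask is assembled from unchecked `getc(IN)` calls: at end of file `getc` returns EOF, the cast to `OPJ_UINT32` makes that non-zero, and `if (!header->biRedMask)` does not fire. A stream-state test after the mask reads, for example `if (feof(IN) || ferror(IN)) { return OPJ_FALSE; }`, would reject short input alongside zero masks. The new messages also pass an `OPJ_UINT32` to `%d`, and the value is always 0 at that point, so dropping the argument (or using `%u`) would be cleaner. Both bmp_read_info_header and bmptoimage start and end outside the patched context, so whether a later read already checks for EOF cannot be seen from here.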


