From 8ddf828a5777feba43430ec113fdcfd61d46a966 Mon Sep 17 00:00:00 2001 From: wangmy Date: Fri, 6 May 2022 22:48:29 +0800 Subject: openjpeg: upgrade 2.4.0 -> 2.5.0 file://0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch file://CVE-2021-29338.patch file://CVE-2022-1122.patch removed since they're included in 2.5.0 Changelog: ========== No API/ABI break compared to v2.4.0, but additional symbols for subset of components decoding (hence the MINOR version bump). Encoder: add support for generation of TLM markers Decoder: add support for high throughput (HTJ2K) decoding. Decoder: add support for partial bitstream decoding Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj --- ...fixed-include-dir-to-usr-include-.-Obviou.patch | 36 ---------- .../openjpeg/openjpeg/CVE-2021-29338.patch | 78 ---------------------- .../openjpeg/openjpeg/CVE-2022-1122.patch | 31 --------- .../recipes-graphics/openjpeg/openjpeg_2.4.0.bb | 25 ------- .../recipes-graphics/openjpeg/openjpeg_2.5.0.bb | 21 ++++++ 5 files changed, 21 insertions(+), 170 deletions(-) delete mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch delete mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch delete mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch delete mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb create mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb (limited to 'meta-oe/recipes-graphics') diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch deleted file mode 100644 index 663f499df6..0000000000 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg/0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 3e4fe4c42d4d63c36df966baea87da6fbc032553 Mon Sep 17 00:00:00 2001 -From: Lei Maohui -Date: Thu, 7 Jan 2021 16:05:28 +0900 -Subject: [PATCH] This patch fixed include dir to /usr/include/. Obviously, it - is not suitble for cross-compile. So, removed this patch temporarily. -https://github.com/uclouvain/openjpeg/issues/1174 - -Upsteam-Status: Pending -https://github.com/uclouvain/openjpeg/issues/1320 - -Signed-off-by: Lei Maohui ---- - cmake/OpenJPEGConfig.cmake.in | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/cmake/OpenJPEGConfig.cmake.in b/cmake/OpenJPEGConfig.cmake.in -index 8a726697..2925108a 100644 ---- a/cmake/OpenJPEGConfig.cmake.in -+++ b/cmake/OpenJPEGConfig.cmake.in -@@ -27,8 +27,12 @@ if(EXISTS ${SELF_DIR}/OpenJPEGTargets.cmake) - # This is an install tree - include(${SELF_DIR}/OpenJPEGTargets.cmake) - -+ # We find a relative path from the PKG directory to header files. -+ set(PKG_DIR "@CMAKE_INSTALL_PREFIX@/@OPENJPEG_INSTALL_PACKAGE_DIR@") - set(INC_DIR "@CMAKE_INSTALL_PREFIX@/@OPENJPEG_INSTALL_INCLUDE_DIR@") -- get_filename_component(OPENJPEG_INCLUDE_DIRS "${INC_DIR}" ABSOLUTE) -+ file(RELATIVE_PATH PKG_TO_INC_RPATH "${PKG_DIR}" "${INC_DIR}") -+ -+ get_filename_component(OPENJPEG_INCLUDE_DIRS "${SELF_DIR}/${PKG_TO_INC_RPATH}" ABSOLUTE) - - else() - if(EXISTS ${SELF_DIR}/OpenJPEGExports.cmake) --- -2.25.1 - diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch deleted file mode 100644 index a7c2bb4f38..0000000000 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-29338.patch +++ /dev/null @@ -1,78 +0,0 @@ -Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/pull/1395/commits/f0727df] -CVE: CVE-2021-29338 - -Signed-off-by: Kai Kang - -From f0727df07c4d944d7d1c5002451cfbc9545d3288 Mon Sep 17 00:00:00 2001 -From: Brad Parham -Date: Wed, 12 Jan 2022 12:20:28 +0100 -Subject: [PATCH] Fix integer overflow in num_images - -Includes the fix for CVE-2021-29338 -Credit to @kaniini based on #1346 -Fixes #1338 ---- - src/bin/jp2/opj_compress.c | 4 ++-- - src/bin/jp2/opj_decompress.c | 5 ++--- - src/bin/jp2/opj_dump.c | 7 ++++--- - 3 files changed, 8 insertions(+), 8 deletions(-) - -diff --git a/src/bin/jp2/opj_compress.c b/src/bin/jp2/opj_compress.c -index 8c71d4536..1399d5277 100644 ---- a/src/bin/jp2/opj_compress.c -+++ b/src/bin/jp2/opj_compress.c -@@ -1959,9 +1959,9 @@ int main(int argc, char **argv) - num_images = get_num_images(img_fol.imgdirpath); - dirptr = (dircnt_t*)malloc(sizeof(dircnt_t)); - if (dirptr) { -- dirptr->filename_buf = (char*)malloc(num_images * OPJ_PATH_LEN * sizeof( -+ dirptr->filename_buf = (char*)calloc(num_images, OPJ_PATH_LEN * sizeof( - char)); /* Stores at max 10 image file names*/ -- dirptr->filename = (char**) malloc(num_images * sizeof(char*)); -+ dirptr->filename = (char**) calloc(num_images, sizeof(char*)); - if (!dirptr->filename_buf) { - ret = 0; - goto fin; -diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c -index fc0012b63..e1217f891 100644 ---- a/src/bin/jp2/opj_decompress.c -+++ b/src/bin/jp2/opj_decompress.c -@@ -1374,14 +1374,13 @@ int main(int argc, char **argv) - return EXIT_FAILURE; - } - /* Stores at max 10 image file names */ -- dirptr->filename_buf = (char*)malloc(sizeof(char) * -- (size_t)num_images * OPJ_PATH_LEN); -+ dirptr->filename_buf = calloc((size_t) num_images, sizeof(char) * OPJ_PATH_LEN); - if (!dirptr->filename_buf) { - failed = 1; - goto fin; - } - -- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*)); -+ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*)); - - if (!dirptr->filename) { - failed = 1; -diff --git a/src/bin/jp2/opj_dump.c b/src/bin/jp2/opj_dump.c -index 6111d2ab6..d2646f10e 100644 ---- a/src/bin/jp2/opj_dump.c -+++ b/src/bin/jp2/opj_dump.c -@@ -515,13 +515,14 @@ int main(int argc, char *argv[]) - if (!dirptr) { - return EXIT_FAILURE; - } -- dirptr->filename_buf = (char*)malloc((size_t)num_images * OPJ_PATH_LEN * sizeof( -- char)); /* Stores at max 10 image file names*/ -+ /* Stores at max 10 image file names*/ -+ dirptr->filename_buf = (char*) calloc((size_t) num_images, -+ OPJ_PATH_LEN * sizeof(char)); - if (!dirptr->filename_buf) { - free(dirptr); - return EXIT_FAILURE; - } -- dirptr->filename = (char**) malloc((size_t)num_images * sizeof(char*)); -+ dirptr->filename = (char**) calloc((size_t) num_images, sizeof(char*)); - - if (!dirptr->filename) { - goto fails; diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch deleted file mode 100644 index 8aa9c15e33..0000000000 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2022-1122.patch +++ /dev/null @@ -1,31 +0,0 @@ -Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d] -CVE: CVE-2022-1122 - -While this patch improves things re-CVE-2022-1122, the defect is undergoing re-analysis and there may be follow-up commits. - -From 0afbdcf3e6d0d2bd2e16a0c4d513ee3cf86e460d Mon Sep 17 00:00:00 2001 -From: xiaoxiaoafeifei -Date: Wed, 14 Jul 2021 09:35:13 +0800 -Subject: [PATCH] Fix segfault in src/bin/jp2/opj_decompress.c due to - uninitialized pointer (fixes #1368) (#1369) - ---- - src/bin/jp2/opj_decompress.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c -index 0e028735..18ead672 100644 ---- a/src/bin/jp2/opj_decompress.c -+++ b/src/bin/jp2/opj_decompress.c -@@ -1356,7 +1356,7 @@ int main(int argc, char **argv) - int it_image; - num_images = get_num_images(img_fol.imgdirpath); - -- dirptr = (dircnt_t*)malloc(sizeof(dircnt_t)); -+ dirptr = (dircnt_t*)calloc(1, sizeof(dircnt_t)); - if (!dirptr) { - destroy_parameters(¶meters); - return EXIT_FAILURE; --- -2.25.1 - diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb deleted file mode 100644 index f248619ec8..0000000000 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb +++ /dev/null @@ -1,25 +0,0 @@ -DESCRIPTION = "OpenJPEG library is an open-source JPEG 2000 codec" -HOMEPAGE = "http://www.openjpeg.org" -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=c648878b4840d7babaade1303e7f108c" - -DEPENDS = "libpng tiff lcms zlib" - -SRC_URI = " \ - git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \ - file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \ - file://0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch \ - file://CVE-2021-29338.patch \ - file://CVE-2022-1122.patch \ -" -SRCREV = "37ac30ceff6640bbab502388c5e0fa0bff23f505" -S = "${WORKDIR}/git" - -inherit cmake - -# for multilib -EXTRA_OECMAKE += "-DOPENJPEG_INSTALL_LIB_DIR=${@d.getVar('baselib').replace('/', '')}" - -FILES:${PN} += "${libdir}/openjpeg*" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb new file mode 100644 index 0000000000..c71e535649 --- /dev/null +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.5.0.bb @@ -0,0 +1,21 @@ +DESCRIPTION = "OpenJPEG library is an open-source JPEG 2000 codec" +HOMEPAGE = "http://www.openjpeg.org" +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=c648878b4840d7babaade1303e7f108c" + +DEPENDS = "libpng tiff lcms zlib" + +SRC_URI = "git://github.com/uclouvain/openjpeg.git;branch=master;protocol=https \ + file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \ + " +SRCREV = "a5891555eb49ed7cc26b2901ea680acda136d811" +S = "${WORKDIR}/git" + +inherit cmake + +# for multilib +EXTRA_OECMAKE += "-DOPENJPEG_INSTALL_LIB_DIR=${@d.getVar('baselib').replace('/', '')}" + +FILES:${PN} += "${libdir}/openjpeg*" + +BBCLASSEXTEND = "native nativesdk" -- cgit 1.2.3-korg