diff options
| author |   Slater, Joseph <joe.slater@windriver.com> | 2020-09-01 14:47:45 -0700 |
|---|---|---|
| committer |   Khem Raj <raj.khem@gmail.com> | 2020-09-01 15:37:45 -0700 |
| commit | 26c103da9fbe39cfed4232fafff2fe4eb9dd238d (patch) | |
| tree | 953c7c2f6c64ba656c596f30e563781acf6af11b /meta-oe/recipes-graphics | |
| parent | 6c43941d116bbb9f0d62ca5376da24ae03eb9eab (diff) | |
| download | meta-openembedded-contrib-26c103da9fbe39cfed4232fafff2fe4eb9dd238d.tar.gz | |
openjpeg: fix CVE-2020-15389
Backport from github meta-xilinx-tools.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-oe/recipes-graphics')
| -rw-r--r-- | meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch | 51 | ||||
| -rw-r--r-- | meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb | 1 |
2 files changed, 52 insertions, 0 deletions
diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch new file mode 100644 index 0000000000..f5ce11a27f --- /dev/null +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2020-15389.patch @@ -0,0 +1,51 @@ +From e8e258ab049240c2dd1f1051b4e773b21e2d3dc0 Mon Sep 17 00:00:00 2001 +From: Even Rouault <even.rouault@spatialys.com> +Date: Sun, 28 Jun 2020 14:19:59 +0200 +Subject: [PATCH] opj_decompress: fix double-free on input directory with mix + of valid and invalid images (CVE-2020-15389) + +Fixes #1261 + +Credits to @Ruia-ruia for reporting and analysis. +--- + src/bin/jp2/opj_decompress.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- end of original header --- + +CVE: CVE-2020-15389 + +Upstream-Status: Backport [git://github.com/uclouvain/openjpeg.git] + +Signed-off-by: Joe Slater <joe.slater@windriver.com> + +--- +diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c +index 7eeb0952..2634907f 100644 +--- a/src/bin/jp2/opj_decompress.c ++++ b/src/bin/jp2/opj_decompress.c +@@ -1316,10 +1316,6 @@ static opj_image_t* upsample_image_components(opj_image_t* original) + int main(int argc, char **argv) + { + opj_decompress_parameters parameters; /* decompression parameters */ +- opj_image_t* image = NULL; +- opj_stream_t *l_stream = NULL; /* Stream */ +- opj_codec_t* l_codec = NULL; /* Handle to a decompressor */ +- opj_codestream_index_t* cstr_index = NULL; + + OPJ_INT32 num_images, imageno; + img_fol_t img_fol; +@@ -1393,6 +1389,10 @@ int main(int argc, char **argv) + + /*Decoding image one by one*/ + for (imageno = 0; imageno < num_images ; imageno++) { ++ opj_image_t* image = NULL; ++ opj_stream_t *l_stream = NULL; /* Stream */ ++ opj_codec_t* l_codec = NULL; /* Handle to a decompressor */ ++ opj_codestream_index_t* cstr_index = NULL; + + if (!parameters.quiet) { + fprintf(stderr, "\n"); +-- +2.17.1 + diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb index 42011efa97..a0740a2740 100644 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.3.1.bb @@ -10,6 +10,7 @@ SRC_URI = " \ file://0002-Do-not-ask-cmake-to-export-binaries-they-don-t-make-.patch \ file://CVE-2020-6851.patch \ file://CVE-2020-8112.patch \ + file://CVE-2020-15389.patch \ " SRCREV = "57096325457f96d8cd07bd3af04fe81d7a2ba788" S = "${WORKDIR}/git" |