pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/graphics/libjpeg-turbo
Module Name: pkgsrc
Committed By: adam
Date: Sun Apr 12 06:17:06 UTC 2020
Modified Files:
pkgsrc/graphics/libjpeg-turbo: Makefile PLIST distinfo
Added Files:
pkgsrc/graphics/libjpeg-turbo/patches: patch-simd_arm_jsimd.c
Removed Files:
pkgsrc/graphics/libjpeg-turbo/patches: patch-aa patch-configure
patch-simd_jsimd__arm.c
Log Message:
libjpeg-turbo: updated to 2.0.4
2.0.4
Fixed a regression in the Windows packaging system (introduced by 2.0 beta1[2]) whereby, if both the 64-bit libjpeg-turbo SDK for GCC and the 64-bit libjpeg-turbo SDK for Visual C++ were installed on
the same system, only one of them could be uninstalled.
Fixed a signed integer overflow and subsequent segfault that occurred when attempting to decompress images with more than 715827882 pixels using the 64-bit C version of TJBench.
Fixed out-of-bounds write in tjDecompressToYUV2() and tjDecompressToYUVPlanes() (sometimes manifesting as a double free) that occurred when attempting to decompress grayscale JPEG images that were
compressed with a sampling factor other than 1 (for instance, with cjpeg -grayscale -sample 2x2).
Fixed a regression introduced by 2.0.2[5] that caused the TurboJPEG API to incorrectly identify some JPEG images with unusual sampling factors as 4:4:4 JPEG images. This was known to cause a buffer
overflow when attempting to decompress some such images using tjDecompressToYUV2() or tjDecompressToYUVPlanes().
Fixed an issue, detected by ASan, whereby attempting to losslessly transform a specially-crafted malformed JPEG image containing an extremely-high-frequency coefficient block (junk image data that
could never be generated by a legitimate JPEG compressor) could cause the Huffman encoder's local buffer to be overrun. (Refer to 1.4.0[9] and 1.4beta1[15].) Given that the buffer overrun was fully
contained within the stack and did not cause a segfault or other user-visible errant behavior, and given that the lossless transformer (unlike the decompressor) is not generally exposed to arbitrary
data exploits, this issue did not likely pose a security risk.
The ARM 64-bit (ARMv8) NEON SIMD assembly code now stores constants in a separate read-only data section rather than in the text section, to support execute-only memory layouts.
2.0.3
Fixed "using JNI after critical get" errors that occurred on Android platforms when passing invalid arguments to certain methods in the TurboJPEG Java API.
Fixed a regression in the SIMD feature detection code, introduced by the AVX2 SIMD extensions (2.0 beta1[1]), that was known to cause an illegal instruction exception, in rare cases, on CPUs that
lack support for CPUID leaf 07H (or on which the maximum CPUID leaf has been limited by way of a BIOS setting.)
The 4:4:0 (h1v2) fancy (smooth) chroma upsampling algorithm in the decompressor now uses a similar bias pattern to that of the 4:2:2 (h2v1) fancy chroma upsampling algorithm, rounding up or down the
upsampled result for alternate pixels rather than always rounding down. This ensures that, regardless of whether a 4:2:2 JPEG image is rotated or transposed prior to decompression (in the frequency
domain) or after decompression (in the spatial domain), the final image will be similar.
Fixed an integer overflow and subsequent segfault that occurred when attempting to compress or decompress images with more than 1 billion pixels using the TurboJPEG API.
Fixed a regression introduced by 2.0 beta1[15] whereby attempting to generate a progressive JPEG image on an SSE2-capable CPU using a scan script containing one or more scans with lengths divisible
by 16 would result in an error ("Missing Huffman code table entry") and an invalid JPEG image.
Fixed an issue whereby tjDecodeYUV() and tjDecodeYUVPlanes() would throw an error ("Invalid progressive parameters") or a warning ("Inconsistent progression sequence") if passed a TurboJPEG instance
that was previously used to decompress a progressive JPEG image.
2.0.2
Fixed a regression introduced by 2.0.1[5] that prevented a runtime search path (rpath) from being embedded in the libjpeg-turbo shared libraries and executables for macOS and iOS. This caused a fatal
error of the form "dyld: Library not loaded" when attempting to use one of the executables, unless DYLD_LIBRARY_PATH was explicitly set to the location of the libjpeg-turbo shared libraries.
Fixed an integer overflow and subsequent segfault (CVE-2018-20330) that occurred when attempting to load a BMP file with more than 1 billion pixels using the tjLoadImage() function.
Fixed a buffer overrun (CVE-2018-19664) that occurred when attempting to decompress a specially-crafted malformed JPEG image to a 256-color BMP using djpeg.
Fixed a floating point exception that occurred when attempting to decompress a specially-crafted malformed JPEG image with a specified image width or height of 0 using the C version of TJBench.
The TurboJPEG API will now decompress 4:4:4 JPEG images with 2x1, 1x2, 3x1, or 1x3 luminance and chrominance sampling factors. This is a non-standard way of specifying 1x subsampling (normally 4:4:4
JPEGs have 1x1 luminance and chrominance sampling factors), but the JPEG format and the libjpeg API both allow it.
Fixed a regression introduced by 2.0 beta1[7] that caused djpeg to generate incorrect PPM images when used with the -colors option.
Fixed an issue whereby a static build of libjpeg-turbo (a build in which ENABLE_SHARED is 0) could not be installed using the Visual Studio IDE.
Fixed a severe performance issue in the Loongson MMI SIMD extensions that occurred when compressing RGB images whose image rows were not 64-bit-aligned.
2.0.1
Fixed a regression introduced with the new CMake-based Un*x build system, whereby jconfig.h could cause compiler warnings of the form "HAVE_*_H" redefined if it was included by downstream
Autotools-based projects that used AC_CHECK_HEADERS() to check for the existence of locale.h, stddef.h, or stdlib.h.
The jsimd_quantize_float_dspr2() and jsimd_convsamp_float_dspr2() functions in the MIPS DSPr2 SIMD extensions are now disabled at compile time if the soft float ABI is enabled. Those functions use
instructions that are incompatible with the soft float ABI.
Fixed a regression in the SIMD feature detection code, introduced by the AVX2 SIMD extensions (2.0 beta1[1]), that caused libjpeg-turbo to crash on Windows 7 if Service Pack 1 was not installed.
Fixed out-of-bounds read in cjpeg that occurred when attempting to compress a specially-crafted malformed color-index (8-bit-per-sample) Targa file in which some of the samples (color indices)
exceeded the bounds of the Targa file's color table.
Fixed an issue whereby installing a fully static build of libjpeg-turbo (a build in which CFLAGS contains -static and ENABLE_SHARED is 0) would fail with "No valid ELF RPATH or RUNPATH entry exists
in the file."
2.0.0
The TurboJPEG API can now decompress CMYK JPEG images that have subsampled M and Y components (not to be confused with YCCK JPEG images, in which the C/M/Y components have been transformed into luma
and chroma.) Previously, an error was generated ("Could not determine subsampling type for JPEG image") when such an image was passed to tjDecompressHeader3(), tjTransform(),
tjDecompressToYUVPlanes(), tjDecompressToYUV2(), or the equivalent Java methods.
Fixed an issue (CVE-2018-11813) whereby a specially-crafted malformed input file (specifically, a file with a valid Targa header but incomplete pixel data) would cause cjpeg to generate a JPEG file
that was potentially thousands of times larger than the input file. The Targa reader in cjpeg was not properly detecting that the end of the input file had been reached prematurely, so after all
valid pixels had been read from the input, the reader injected dummy pixels with values of 255 into the JPEG compressor until the number of pixels specified in the Targa header had been compressed.
The Targa reader in cjpeg now behaves like the PPM reader and aborts compression if the end of the input file is reached prematurely. Because this issue only affected cjpeg and not the underlying
library, and because it did not involve any out-of-bounds reads or other exploitable behaviors, it was not believed to represent a security threat.
Fixed an issue whereby the tjLoadImage() and tjSaveImage() functions would produce a "Bogus message code" error message if the underlying bitmap and PPM readers/writers threw an error that was
specific to the readers/writers (as opposed to a general libjpeg API error.)
Fixed an issue (CVE-2018-1152) whereby a specially-crafted malformed BMP file, one in which the header specified an image width of 1073741824 pixels, would trigger a floating point exception
(division by zero) in the tjLoadImage() function when attempting to load the BMP file into a 4-component image buffer.
Fixed an issue whereby certain combinations of calls to jpeg_skip_scanlines() and jpeg_read_scanlines() could trigger an infinite loop when decompressing progressive JPEG images that use vertical
chroma subsampling (for instance, 4:2:0 or 4:4:0.)
Fixed a segfault in jpeg_skip_scanlines() that occurred when decompressing a 4:2:2 or 4:2:0 JPEG image using the merged (non-fancy) upsampling algorithms (that is, when setting
cinfo.do_fancy_upsampling to FALSE.)
The new CMake-based build system will now disable the MIPS DSPr2 SIMD extensions if it detects that the compiler does not support DSPr2 instructions.
Fixed out-of-bounds read in cjpeg (CVE-2018-14498) that occurred when attempting to compress a specially-crafted malformed color-index (8-bit-per-sample) BMP file in which some of the samples (color
indices) exceeded the bounds of the BMP file's color table.
Fixed a signed integer overflow in the progressive Huffman decoder, detected by the Clang and GCC undefined behavior sanitizers, that could be triggered by attempting to decompress a
specially-crafted malformed JPEG image. This issue did not pose a security threat, but removing the warning made it easier to detect actual security issues, should they arise in the future.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/graphics/libjpeg-turbo/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/graphics/libjpeg-turbo/PLIST
cvs rdiff -u -r1.12 -r1.13 pkgsrc/graphics/libjpeg-turbo/distinfo
cvs rdiff -u -r1.6 -r0 pkgsrc/graphics/libjpeg-turbo/patches/patch-aa
cvs rdiff -u -r1.3 -r0 pkgsrc/graphics/libjpeg-turbo/patches/patch-configure
cvs rdiff -u -r0 -r1.1 \
pkgsrc/graphics/libjpeg-turbo/patches/patch-simd_arm_jsimd.c
cvs rdiff -u -r1.2 -r0 \
pkgsrc/graphics/libjpeg-turbo/patches/patch-simd_jsimd__arm.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/graphics/libjpeg-turbo/Makefile
diff -u pkgsrc/graphics/libjpeg-turbo/Makefile:1.18 pkgsrc/graphics/libjpeg-turbo/Makefile:1.19
--- pkgsrc/graphics/libjpeg-turbo/Makefile:1.18 Fri Mar 13 17:55:33 2020
+++ pkgsrc/graphics/libjpeg-turbo/Makefile Sun Apr 12 06:17:06 2020
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.18 2020/03/13 17:55:33 tnn Exp $
+# $NetBSD: Makefile,v 1.19 2020/04/12 06:17:06 adam Exp $
-DISTNAME= libjpeg-turbo-1.5.3
+DISTNAME= libjpeg-turbo-2.0.4
CATEGORIES= graphics
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libjpeg-turbo/}
MAINTAINER= dsainty%NetBSD.org@localhost
-HOMEPAGE= https://libjpeg-turbo.virtualgl.org/
+HOMEPAGE= https://libjpeg-turbo.org/
COMMENT= Accelerated libjpeg with SIMD instructions
LICENSE= gnu-lgpl-v2 # OR wxWindows Library Licence, Version 3.1
@@ -18,16 +18,16 @@ CONFLICTS= jpeg-[0-9]*
BUILD_DEPENDS+= nasm-[0-9]*:../../devel/nasm
.endif
-GNU_CONFIGURE= yes
+USE_CMAKE= yes
+USE_LANGUAGES= c c++
+PKGCONFIG_OVERRIDE= release/libturbojpeg.pc.in release/libjpeg.pc.in
+TEST_ENV+= LD_LIBRARY_PATH=${WRKSRC}
+TEST_TARGET= test
+
# Ask for compatibility with jpeg 8, to get the highest ABI that
# libjpeg-turbo supports.
-CONFIGURE_ARGS+= --with-jpeg8
-USE_LIBTOOL= yes
-USE_LANGUAGES= c c++
+CMAKE_ARGS+= -DWITH_JPEG8=ON
CHECK_PORTABILITY_SKIP+= release/makemacpkg.in
-PKGCONFIG_OVERRIDE= release/libturbojpeg.pc.in release/libjpeg.pc.in
-
-TEST_TARGET= test
.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/graphics/libjpeg-turbo/PLIST
diff -u pkgsrc/graphics/libjpeg-turbo/PLIST:1.5 pkgsrc/graphics/libjpeg-turbo/PLIST:1.6
--- pkgsrc/graphics/libjpeg-turbo/PLIST:1.5 Tue Jun 14 12:07:57 2016
+++ pkgsrc/graphics/libjpeg-turbo/PLIST Sun Apr 12 06:17:06 2020
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.5 2016/06/14 12:07:57 wiz Exp $
+@comment $NetBSD: PLIST,v 1.6 2020/04/12 06:17:06 adam Exp $
bin/cjpeg
bin/djpeg
bin/jpegtran
@@ -10,8 +10,14 @@ include/jerror.h
include/jmorecfg.h
include/jpeglib.h
include/turbojpeg.h
-lib/libjpeg.la
-lib/libturbojpeg.la
+lib/libjpeg.a
+lib/libjpeg.so
+lib/libjpeg.so.8
+lib/libjpeg.so.8.2.2
+lib/libturbojpeg.a
+lib/libturbojpeg.so
+lib/libturbojpeg.so.0
+lib/libturbojpeg.so.0.2.0
lib/pkgconfig/libjpeg.pc
lib/pkgconfig/libturbojpeg.pc
man/man1/cjpeg.1
@@ -22,8 +28,9 @@ man/man1/wrjpgcom.1
share/doc/libjpeg-turbo/LICENSE.md
share/doc/libjpeg-turbo/README.ijg
share/doc/libjpeg-turbo/README.md
-share/doc/libjpeg-turbo/example.c
+share/doc/libjpeg-turbo/example.txt
share/doc/libjpeg-turbo/libjpeg.txt
share/doc/libjpeg-turbo/structure.txt
+share/doc/libjpeg-turbo/tjexample.c
share/doc/libjpeg-turbo/usage.txt
share/doc/libjpeg-turbo/wizard.txt
Index: pkgsrc/graphics/libjpeg-turbo/distinfo
diff -u pkgsrc/graphics/libjpeg-turbo/distinfo:1.12 pkgsrc/graphics/libjpeg-turbo/distinfo:1.13
--- pkgsrc/graphics/libjpeg-turbo/distinfo:1.12 Mon Aug 13 20:50:59 2018
+++ pkgsrc/graphics/libjpeg-turbo/distinfo Sun Apr 12 06:17:06 2020
@@ -1,10 +1,8 @@
-$NetBSD: distinfo,v 1.12 2018/08/13 20:50:59 gdt Exp $
+$NetBSD: distinfo,v 1.13 2020/04/12 06:17:06 adam Exp $
-SHA1 (libjpeg-turbo-1.5.3.tar.gz) = 87ebf4cab2bb27fcb8e7ccb18ec4eb680e1f2c2d
-RMD160 (libjpeg-turbo-1.5.3.tar.gz) = 95d377ecef8ea830a1b47b099ae53c2400416056
-SHA512 (libjpeg-turbo-1.5.3.tar.gz) = b611b1cc3d1ddedddad871854b42449d053a5f910ed1bdfa45c98e0270f4ecc110fde3a10111d2b876d847a826fa634f09c0bb8c357056c9c3a91c9065eb5202
-Size (libjpeg-turbo-1.5.3.tar.gz) = 1658672 bytes
-SHA1 (patch-aa) = 44fe4fe05221288490bd8d76dd2a1bc6e0ce377b
-SHA1 (patch-configure) = 5e6b6b08c82e9406e9ab1b423dd1f6367cf02ab6
+SHA1 (libjpeg-turbo-2.0.4.tar.gz) = 163d8f96d0999526a117de0388624241b54dcd67
+RMD160 (libjpeg-turbo-2.0.4.tar.gz) = ace5f6647f3d0fc51554f630309c1e02b253bf37
+SHA512 (libjpeg-turbo-2.0.4.tar.gz) = 708c2e7418d9ed5abca313e2ff5a08f8176d79cad2127573cda6036583c201973db4cfb0eafc0fc8f57ecc7b000d2b4af95980de54de5a0aed45969e993a5bf9
+Size (libjpeg-turbo-2.0.4.tar.gz) = 2161812 bytes
SHA1 (patch-jpeglib.h) = 22f69b5fed1882c33f4a8a6e42b8aca5ed195de3
-SHA1 (patch-simd_jsimd__arm.c) = a8bf4b4f2993d1878ee163a11d4189b4da3dafcd
+SHA1 (patch-simd_arm_jsimd.c) = 8953f17f28b066853cff716065bc4f7bf1dc039c
Added files:
Index: pkgsrc/graphics/libjpeg-turbo/patches/patch-simd_arm_jsimd.c
diff -u /dev/null pkgsrc/graphics/libjpeg-turbo/patches/patch-simd_arm_jsimd.c:1.1
--- /dev/null Sun Apr 12 06:17:06 2020
+++ pkgsrc/graphics/libjpeg-turbo/patches/patch-simd_arm_jsimd.c Sun Apr 12 06:17:06 2020
@@ -0,0 +1,36 @@
+$NetBSD: patch-simd_arm_jsimd.c,v 1.1 2020/04/12 06:17:06 adam Exp $
+
+--- simd/arm/jsimd.c.orig 2019-12-31 07:10:30.000000000 +0000
++++ simd/arm/jsimd.c
+@@ -28,6 +28,10 @@
+ #include <string.h>
+ #include <ctype.h>
+
++#if defined(__NetBSD__)
++#include <sys/sysctl.h>
++#endif
++
+ static unsigned int simd_support = ~0;
+ static unsigned int simd_huffman = 1;
+
+@@ -108,6 +112,9 @@ init_simd(void)
+ #endif
+ #if !defined(__ARM_NEON__) && (defined(__linux__) || defined(ANDROID) || defined(__ANDROID__))
+ int bufsize = 1024; /* an initial guess for the line buffer size limit */
++#elif defined(__NetBSD__)
++ int neon_present;
++ size_t len;
+ #endif
+
+ if (simd_support != ~0U)
+@@ -126,6 +133,10 @@ init_simd(void)
+ if (bufsize > SOMEWHAT_SANE_PROC_CPUINFO_SIZE_LIMIT)
+ break;
+ }
++#elif defined(__NetBSD__)
++ if (sysctlbyname("machdep.neon_present", &neon_present, &len, NULL, 0) == 0
++ && neon_present != 0)
++ simd_support |= JSIMD_ARM_NEON;
+ #endif
+
+ #ifndef NO_GETENV
Home |
Main Index |
Thread Index |
Old Index