[pkgsrc/trunk]: pkgsrc/graphics/openjpeg Patch for CVE-2018-16376

[sevan <sevan%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/e7a8348238a9
branches:  trunk
changeset: 405380:e7a8348238a9
user:      sevan <sevan%pkgsrc.org@localhost>
date:      Tue Nov 26 23:10:22 2019 +0000

description:
Patch for CVE-2018-16376

diffstat:

 graphics/openjpeg/Makefile                           |   3 +-
 graphics/openjpeg/distinfo                           |   3 +-
 graphics/openjpeg/patches/patch-src_lib_openmj2_t2.c |  37 ++++++++++++++++++++
 3 files changed, 41 insertions(+), 2 deletions(-)

diffs (67 lines):

diff -r 21e158fbc676 -r e7a8348238a9 graphics/openjpeg/Makefile
--- a/graphics/openjpeg/Makefile        Tue Nov 26 22:42:03 2019 +0000
+++ b/graphics/openjpeg/Makefile        Tue Nov 26 23:10:22 2019 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.17 2019/04/03 08:04:08 adam Exp $
+# $NetBSD: Makefile,v 1.18 2019/11/26 23:10:22 sevan Exp $
 
 DISTNAME=      openjpeg-2.3.1
+PKGREVISION=   1
 CATEGORIES=    graphics
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=uclouvain/}
 GITHUB_TAG=    v${PKGVERSION_NOREV}
diff -r 21e158fbc676 -r e7a8348238a9 graphics/openjpeg/distinfo
--- a/graphics/openjpeg/distinfo        Tue Nov 26 22:42:03 2019 +0000
+++ b/graphics/openjpeg/distinfo        Tue Nov 26 23:10:22 2019 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.14 2019/04/03 08:04:08 adam Exp $
+$NetBSD: distinfo,v 1.15 2019/11/26 23:10:22 sevan Exp $
 
 SHA1 (openjpeg-2.3.1.tar.gz) = 38321fa9730252039ad0b7f247a160a8164f5871
 RMD160 (openjpeg-2.3.1.tar.gz) = 31b75aa70f5d26dd1b7e374a9e4b6be1842fefe7
@@ -8,3 +8,4 @@
 SHA1 (patch-src_bin_jp2_CMakeLists.txt) = c9f709c23d6bab7a3c705640d66a00ec90ddabc7
 SHA1 (patch-src_lib_openjp2_CMakeLists.txt) = d839121ec2d008e5d3e1676d3e7ac3642bc946f7
 SHA1 (patch-src_lib_openjp2_opj__config__private.h.cmake.in) = fc0c170789dbe0a2ebc9dce0ef0d21aa6b2edd49
+SHA1 (patch-src_lib_openmj2_t2.c) = 7689b3d82a5d346707a3519f183757356e118a8c
diff -r 21e158fbc676 -r e7a8348238a9 graphics/openjpeg/patches/patch-src_lib_openmj2_t2.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/openjpeg/patches/patch-src_lib_openmj2_t2.c      Tue Nov 26 23:10:22 2019 +0000
@@ -0,0 +1,37 @@
+$NetBSD: patch-src_lib_openmj2_t2.c,v 1.1 2019/11/26 23:10:22 sevan Exp $
+
+CVE-2018-16376
+https://github.com/uclouvain/openjpeg/issues/1127
+https://nvd.nist.gov/vuln/detail/CVE-2018-16376
+
+--- src/lib/openmj2/t2.c.orig  2019-11-26 22:37:00.687890833 +0000
++++ src/lib/openmj2/t2.c
+@@ -166,6 +166,12 @@ static int t2_encode_packet(opj_tcd_tile
+ 
+     /* <SOP 0xff91> */
+     if (tcp->csty & J2K_CP_CSTY_SOP) {
++      if (length < 6) {
++          if (p_t2_mode == FINAL_PASS) {
++              opj_event_msg(p_manager, EVT_ERROR,
++                              "opj_t2_encode_packet(): only %u bytes remaining in "
++                              "output buffer. %u needed.\n",
++                              length, 6);
+         c[0] = 255;
+         c[1] = 145;
+         c[2] = 0;
+@@ -272,6 +278,15 @@ static int t2_encode_packet(opj_tcd_tile
+ 
+     /* <EPH 0xff92> */
+     if (tcp->csty & J2K_CP_CSTY_EPH) {
++      if (length < 2) {
++          if (p_t2_mode == FINAL_PASS) {
++              opj_event_msg(p_manager, EVT_ERROR,
++                              "opj_t2_encode_packet(): only %u bytes remaining in "
++                              "output buffer. %u needed.\n",
++                              length, 2);
++          }
++          return OPJ_FALSE;
++      }
+         c[0] = 255;
+         c[1] = 146;
+         c += 2;